SUSE SLES15 Security Update : kernel (SUSE-SU-2026:2202-1)

medium Nessus Plugin ID 318286

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2202-1 advisory.

The SUSE Linux Enterprise 15 SP4 kernel was updated to fix various security issues.

The following security issues were fixed:

- CVE-2021-47103: inet: fully convert sk->sk_rx_dst to RCU rules (bsc#1221010).
- CVE-2023-20585: x86/CPU: Fix FPDSS on Zen1 (bsc#1243603).
- CVE-2026-23239: espintcp: Fix race condition in espintcp_close() (bsc#1259485).
- CVE-2026-23240: tls: Fix race condition in tls_sw_cancel_work_tx() (bsc#1259484).
- CVE-2026-23271: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race (bsc#1260018).
- CVE-2026-23351: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase (bsc#1260526).
- CVE-2026-23393: bridge: cfm: Fix race condition in peer_mep deletion (bsc#1260522).
- CVE-2026-23449: net/sched: teql: Fix double-free in teql_master_xmit (bsc#1261779).
- CVE-2026-23458: netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() (bsc#1261781).
- CVE-2026-23462: Bluetooth: HIDP: Fix possible UAF (bsc#1261710).
- CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (bsc#1261638).
- CVE-2026-31403: NFSD: Hold net reference for the lifetime of /proc/fs/nfs/exports fd (bsc#1261796).
- CVE-2026-31408: Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold (bsc#1261797).
- CVE-2026-31436: dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc() (bsc#1262602).
- CVE-2026-31504: net: fix fanout UAF in packet_release() via NETDEV_UP race (bsc#1263085).
- CVE-2026-31507: net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer (bsc#1263095).
- CVE-2026-31512: Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2cap_ecred_data_rcv() (bsc#1262734).
- CVE-2026-31533: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption (bsc#1262758).
- CVE-2026-31570: can: gw: fix OOB heap access in cgw_csum_crc8_rel() (bsc#1263065).
- CVE-2026-31586: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (bsc#1263176).
- CVE-2026-31588: KVM: x86: Use scratch field in MMIO fragment to hold small write values (bsc#1263165).
- CVE-2026-31602: ALSA: ctxfi: Limit PTP to a single page (bsc#1263723).
- CVE-2026-31607: usbip: validate number_of_packets in usbip_pack_ret_submit() (bsc#1263600).
- CVE-2026-31649: net: stmmac: fix integer underflow in chain mode (bsc#1263582).
- CVE-2026-31656: drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (bsc#1263170).
- CVE-2026-31662: tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG (bsc#1263131).
- CVE-2026-31669: mptcp: fix slab-use-after-free in __inet_lookup_established (bsc#1263141).
- CVE-2026-31685: netfilter: ip6t_eui64: reject invalid MAC header for all packets (bsc#1263668).
- CVE-2026-31694: fuse: reject oversized dirents in page cache (bsc#1263901).
- CVE-2026-31700: net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() (bsc#1263882).
- CVE-2026-31738: vxlan: validate ND option lengths in vxlan_na_create (bsc#1264059).
- CVE-2026-31787: xen/privcmd: fix double free via VMA splitting (bsc#1262181).
- CVE-2026-43025: netfilter: ctnetlink: ignore explicit helper on new expectations (bsc#1263931).
- CVE-2026-43027: netfilter: nf_conntrack_helper: pass helper to expect cleanup (bsc#1263933).
- CVE-2026-43050: atm: lec: fix use-after-free in sock_def_readable() (bsc#1264082).
- CVE-2026-43110: wifi: brcmfmac: validate bsscfg indices in IF events (bsc#1264482).
- CVE-2026-43126: ALSA: mixer: oss: Add card disconnect checkpoints (bsc#1264634).
- CVE-2026-43190: netfilter: xt_tcpmss: check remaining length before reading optlen (bsc#1264848).
- CVE-2026-43214: KVM: x86: Add SRCU protection for reading PDPTRs in __get_sregs2() (bsc#1264651).
- CVE-2026-43329: netfilter: flowtable: strictly check for maximum number of actions (bsc#1265085).
- CVE-2026-43334: Bluetooth: SMP: force responder MITM requirements before building the pairing response (bsc#1265090).
- CVE-2026-43365: xfs: fix undersized l_iclog_roundoff values (bsc#1265119).
- CVE-2026-43437: ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (bsc#1265126).
- CVE-2026-43494: net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626).
- CVE-2026-43500: supported.conf: drop rxrpc and af_kfs (bsc#1264450).
- CVE-2026-43503: net: skbuff: propagate shared-frag marker through frag-transfer helpers (bsc#1265960).
- CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265308).

The following non-security issues were fixed:

- check-for-config-changes: Exclude CC_MS_EXTENSIONS.
- check-for-config-changes: Exclude HAVE_CFI_ICALL_NORMALIZE_INTEGERS{,_RUSTC}.
- crypto: qat - fix ring to service map for QAT GEN4 (bsc#1258248).
- crypto: qat - refactor fw config related functions (bsc#1258248).
- crypto: qat - use masks for AE groups (bsc#1258248).
- dm init: ensure device probing has finished in dm-mod.waitfor= (git-fixes).
- mkspec: Add signature to source list only when it exists.
- net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626).
- net: gro: don't merge zcopy skbs (git-fixes).
- nvmet-rdma: fix possible bad dereference when freeing rsps (bsc#1260983).
- ocfs2: fix possible deadlock between unlink and dio_end_io_write (bsc#1258718).
- ocfs2: split transactions in dio completion to avoid credit exhaustion (bsc#1258718).
- xfrm: esp: avoid in-place decrypt on shared skb frags.

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://lists.suse.com/pipermail/sle-updates/2026-June/046908.html

https://www.suse.com/security/cve/CVE-2021-47103

https://www.suse.com/security/cve/CVE-2023-20585

https://www.suse.com/security/cve/CVE-2026-23209

https://www.suse.com/security/cve/CVE-2026-23239

https://www.suse.com/security/cve/CVE-2026-23240

https://www.suse.com/security/cve/CVE-2026-23268

https://www.suse.com/security/cve/CVE-2026-23269

https://www.suse.com/security/cve/CVE-2026-23271

https://www.suse.com/security/cve/CVE-2026-23273

https://www.suse.com/security/cve/CVE-2026-23351

https://www.suse.com/security/cve/CVE-2026-23393

https://www.suse.com/security/cve/CVE-2026-23403

https://www.suse.com/security/cve/CVE-2026-23404

https://www.suse.com/security/cve/CVE-2026-23405

https://www.suse.com/security/cve/CVE-2026-23406

https://www.suse.com/security/cve/CVE-2026-23407

https://www.suse.com/security/cve/CVE-2026-23408

https://www.suse.com/security/cve/CVE-2026-23409

https://www.suse.com/security/cve/CVE-2026-23410

https://www.suse.com/security/cve/CVE-2026-23411

https://www.suse.com/security/cve/CVE-2026-23449

https://www.suse.com/security/cve/CVE-2026-31685

https://bugzilla.suse.com/1221010

https://bugzilla.suse.com/1243603

https://bugzilla.suse.com/1258248

https://bugzilla.suse.com/1258518

https://bugzilla.suse.com/1258718

https://bugzilla.suse.com/1258849

https://bugzilla.suse.com/1258850

https://bugzilla.suse.com/1258854

https://bugzilla.suse.com/1258855

https://bugzilla.suse.com/1258856

https://bugzilla.suse.com/1258857

https://bugzilla.suse.com/1259484

https://bugzilla.suse.com/1259485

https://bugzilla.suse.com/1259857

https://bugzilla.suse.com/1260010

https://bugzilla.suse.com/1260018

https://bugzilla.suse.com/1260522

https://bugzilla.suse.com/1260526

https://bugzilla.suse.com/1260983

https://bugzilla.suse.com/1261287

https://bugzilla.suse.com/1261295

https://bugzilla.suse.com/1261638

https://bugzilla.suse.com/1261710

https://bugzilla.suse.com/1261779

https://bugzilla.suse.com/1261781

https://bugzilla.suse.com/1261796

https://bugzilla.suse.com/1261797

https://bugzilla.suse.com/1262179

https://bugzilla.suse.com/1262181

https://bugzilla.suse.com/1262602

https://bugzilla.suse.com/1262734

https://bugzilla.suse.com/1262758

https://bugzilla.suse.com/1263065

https://bugzilla.suse.com/1263085

https://bugzilla.suse.com/1263095

https://bugzilla.suse.com/1263131

https://bugzilla.suse.com/1263141

https://bugzilla.suse.com/1263165

https://bugzilla.suse.com/1263170

https://bugzilla.suse.com/1263176

https://bugzilla.suse.com/1263582

https://bugzilla.suse.com/1263600

https://bugzilla.suse.com/1263668

https://bugzilla.suse.com/1263723

https://bugzilla.suse.com/1263882

https://bugzilla.suse.com/1263901

https://bugzilla.suse.com/1263931

https://bugzilla.suse.com/1263933

https://bugzilla.suse.com/1264059

https://bugzilla.suse.com/1264082

https://bugzilla.suse.com/1264450

https://bugzilla.suse.com/1264482

https://bugzilla.suse.com/1264634

https://bugzilla.suse.com/1264651

https://bugzilla.suse.com/1264848

https://bugzilla.suse.com/1265085

https://bugzilla.suse.com/1265090

https://bugzilla.suse.com/1265119

https://bugzilla.suse.com/1265126

https://bugzilla.suse.com/1265308

https://bugzilla.suse.com/1265456

https://bugzilla.suse.com/1265626

https://bugzilla.suse.com/1265960

https://www.suse.com/security/cve/CVE-2026-23458

https://www.suse.com/security/cve/CVE-2026-23462

https://www.suse.com/security/cve/CVE-2026-31402

https://www.suse.com/security/cve/CVE-2026-31403

https://www.suse.com/security/cve/CVE-2026-31408

https://www.suse.com/security/cve/CVE-2026-31436

https://www.suse.com/security/cve/CVE-2026-31504

https://www.suse.com/security/cve/CVE-2026-31507

https://www.suse.com/security/cve/CVE-2026-31512

https://www.suse.com/security/cve/CVE-2026-31533

https://www.suse.com/security/cve/CVE-2026-31570

https://www.suse.com/security/cve/CVE-2026-31586

https://www.suse.com/security/cve/CVE-2026-31588

https://www.suse.com/security/cve/CVE-2026-31602

https://www.suse.com/security/cve/CVE-2026-31607

https://www.suse.com/security/cve/CVE-2026-31649

https://www.suse.com/security/cve/CVE-2026-31694

https://www.suse.com/security/cve/CVE-2026-31700

https://www.suse.com/security/cve/CVE-2026-31738

https://www.suse.com/security/cve/CVE-2026-31787

https://www.suse.com/security/cve/CVE-2026-43025

https://www.suse.com/security/cve/CVE-2026-43027

https://www.suse.com/security/cve/CVE-2026-43050

https://www.suse.com/security/cve/CVE-2026-43110

https://www.suse.com/security/cve/CVE-2026-43126

https://www.suse.com/security/cve/CVE-2026-31656

https://www.suse.com/security/cve/CVE-2026-31662

https://www.suse.com/security/cve/CVE-2026-31669

https://www.suse.com/security/cve/CVE-2026-43190

https://www.suse.com/security/cve/CVE-2026-43214

https://www.suse.com/security/cve/CVE-2026-43329

https://www.suse.com/security/cve/CVE-2026-43334

https://www.suse.com/security/cve/CVE-2026-43365

https://www.suse.com/security/cve/CVE-2026-43437

https://www.suse.com/security/cve/CVE-2026-43494

https://www.suse.com/security/cve/CVE-2026-43500

https://www.suse.com/security/cve/CVE-2026-43503

https://www.suse.com/security/cve/CVE-2026-46333

Plugin Details

Severity: Medium

ID: 318286

File Name: suse_SU-2026-2202-1.nasl

Version: 1.1

Type: Local

Agent: unix

Published: 6/3/2026

Updated: 6/3/2026

Supported Sensors: Nessus Agent, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.0

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2026-43500

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7.2

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

CVSS v4

Risk Factor: Medium

Base Score: 5.6

Threat Score: 4.3

Threat Vector: CVSS:4.0/E:P

Vector: CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

CVSS Score Source: CVE-2023-20585

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-livepatch-5_14_21-150400_24_219-default, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:reiserfs-kmp-default, p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:kernel-default-livepatch, p-cpe:/a:novell:suse_linux:kernel-zfcpdump, p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-obs-build, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:kernel-64kb, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/1/2026

Vulnerability Publication Date: 7/21/2021

Reference Information

CVE: CVE-2021-47103, CVE-2023-20585, CVE-2026-23209, CVE-2026-23239, CVE-2026-23240, CVE-2026-23268, CVE-2026-23269, CVE-2026-23271, CVE-2026-23273, CVE-2026-23351, CVE-2026-23393, CVE-2026-23403, CVE-2026-23404, CVE-2026-23405, CVE-2026-23406, CVE-2026-23407, CVE-2026-23408, CVE-2026-23409, CVE-2026-23410, CVE-2026-23411, CVE-2026-23449, CVE-2026-23458, CVE-2026-23462, CVE-2026-31402, CVE-2026-31403, CVE-2026-31408, CVE-2026-31436, CVE-2026-31504, CVE-2026-31507, CVE-2026-31512, CVE-2026-31533, CVE-2026-31570, CVE-2026-31586, CVE-2026-31588, CVE-2026-31602, CVE-2026-31607, CVE-2026-31649, CVE-2026-31656, CVE-2026-31662, CVE-2026-31669, CVE-2026-31685, CVE-2026-31694, CVE-2026-31700, CVE-2026-31738, CVE-2026-31787, CVE-2026-43025, CVE-2026-43027, CVE-2026-43050, CVE-2026-43110, CVE-2026-43126, CVE-2026-43190, CVE-2026-43214, CVE-2026-43329, CVE-2026-43334, CVE-2026-43365, CVE-2026-43437, CVE-2026-43494, CVE-2026-43500, CVE-2026-43503, CVE-2026-46333

SuSE: SUSE-SU-2026:2202-1