Detections
Analytics
SUSE SLES15 Security Update : kernel (SUSE-SU-2026:2310-1)
high Nessus Plugin ID 321065
Synopsis
The remote SUSE host is missing one or more security updates.Description
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2310-1 advisory.The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2026-31405: media: dvb-net: fix OOB access in ULE extension header tables (bsc#1261700).
- CVE-2026-31473: media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex (bsc#1262663).
- CVE-2026-31613: smb: client: fix OOB reads parsing symlink error response (bsc#1263769).
- CVE-2026-31614: smb: client: fix off-by-8 bounds check in check_wsl_eas() (bsc#1263774).
- CVE-2026-31629: nfc: llcp: add missing return after LLCP_CLOSED checks (bsc#1263790).
- CVE-2026-31758: usb: usbtmc: Flush anchored URBs in usbtmc_release (bsc#1264093).
- CVE-2026-43037: ip6_tunnel: clear skb2->cb in ip4ip6_err() (bsc#1263995).
- CVE-2026-43206: drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set() (bsc#1264551).
- CVE-2026-43362: smb: client: fix in-place encryption corruption in SMB2_write() (bsc#1264989).
- CVE-2026-43499: rtmutex: Use waiter::task instead of current in remove_waiter() (bsc#1266001).
- CVE-2026-43501: ipv6: rpl: reserve mac_len headroom when recompressed SRH grows (bsc#1266009).
- CVE-2026-43503: net: skbuff: propagate shared-frag marker through frag-transfer helpers (bsc#1265960).
- CVE-2026-45852: RDMA/rxe: Fix double free in rxe_srq_from_init (bsc#1266711).
- CVE-2026-45910: RDMA/rxe: Fix race condition in QP timer handlers (bsc#1266889).
- CVE-2026-45970: bonding: alb: fix UAF in rlb_arp_recv during bond up/down (bsc#1267205).
- CVE-2026-46004: ALSA: caiaq: Handle probe errors properly (bsc#1267222).
- CVE-2026-46021: thermal: core: Fix thermal zone governor cleanup issues (bsc#1267220).
- CVE-2026-46043: RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv (bsc#1266901).
- CVE-2026-46113: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (bsc#1266969).
- CVE-2026-46114: RDMA/rxe: Reject non-8-byte ATOMIC_WRITE payloads (bsc#1266972).
- CVE-2026-46243: smb: client: reject userspace cifs.spnego descriptions (bsc#1266238).
The following non security issues were fixed:
- arm64: tlb: Allow XZR argument to TLBI ops (git-fixes).
- arm64: tlb: Optimize ARM64_WORKAROUND_REPEAT_TLBI (git-fixes).
- drm/hyperv: validate resolution_count and fix WIN8 fallback (git-fixes).
- drm/hyperv: validate VMBus packet size in receive callback (git-fixes).
- net: gro: don't merge zcopy skbs (git-fixes).
- net: mana: Add NULL guards in teardown path to prevent panic on attach failure (git-fixes).
- net: mana: Expose hardware diagnostic info via debugfs (bsc#1266414).
- net: mana: Fix TOCTOU double-fetch of hwc_msg_id from DMA buffer (bsc#1265928).
- net: mana: hardening: Reject zero max_num_queues from GDMA_QUERY_MAX_RESOURCES (git-fixes).
- net: mana: Skip redundant detach on already-detached port (git-fixes).
- net: mana: Use kvmalloc for large RX queue and buffer allocations (bsc#1266765).
- net: mana: Use per-queue allocation for tx_qp to reduce allocation size (bsc#1266765).
- net: mana: validate rx_req_idx to prevent out-of-bounds array access (bsc#1266402).
- RDMA/mana_ib: Report max_msg_sz in mana_ib_query_port (git-fixes).
- s390/barrier: Make array_index_mask_nospec() __always_inline (bsc#1263068).
- s390/entry: Scrub r12 register on kernel entry (bsc#1263068).
- s390/syscalls: Add spectre boundary for syscall dispatch table (bsc#1263068).
- smb: client: correctly handle ErrorContextData as a flexible array (git-fixes).
Tenable has extracted the preceding description block directly from the SUSE security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
https://bugzilla.suse.com/1261700
https://bugzilla.suse.com/1262663
https://bugzilla.suse.com/1263068
https://bugzilla.suse.com/1263769
https://bugzilla.suse.com/1263774
https://bugzilla.suse.com/1263790
https://bugzilla.suse.com/1263995
https://bugzilla.suse.com/1264093
https://bugzilla.suse.com/1264449
https://bugzilla.suse.com/1264551
https://bugzilla.suse.com/1264989
https://bugzilla.suse.com/1265928
https://bugzilla.suse.com/1265960
https://bugzilla.suse.com/1266001
https://bugzilla.suse.com/1266009
https://bugzilla.suse.com/1266238
https://bugzilla.suse.com/1266402
https://bugzilla.suse.com/1266414
https://bugzilla.suse.com/1266711
https://bugzilla.suse.com/1266765
https://bugzilla.suse.com/1266889
https://bugzilla.suse.com/1266901
https://bugzilla.suse.com/1266969
https://bugzilla.suse.com/1266972
https://bugzilla.suse.com/1267205
https://bugzilla.suse.com/1267220
https://bugzilla.suse.com/1267222
https://lists.suse.com/pipermail/sle-updates/2026-June/047192.html
https://www.suse.com/security/cve/CVE-2026-31405
https://www.suse.com/security/cve/CVE-2026-31473
https://www.suse.com/security/cve/CVE-2026-31613
https://www.suse.com/security/cve/CVE-2026-31614
https://www.suse.com/security/cve/CVE-2026-31629
https://www.suse.com/security/cve/CVE-2026-31758
https://www.suse.com/security/cve/CVE-2026-43037
https://www.suse.com/security/cve/CVE-2026-43206
https://www.suse.com/security/cve/CVE-2026-43284
https://www.suse.com/security/cve/CVE-2026-43362
https://www.suse.com/security/cve/CVE-2026-43499
https://www.suse.com/security/cve/CVE-2026-43501
https://www.suse.com/security/cve/CVE-2026-43503
https://www.suse.com/security/cve/CVE-2026-45852
https://www.suse.com/security/cve/CVE-2026-45910
https://www.suse.com/security/cve/CVE-2026-45970
https://www.suse.com/security/cve/CVE-2026-46004
https://www.suse.com/security/cve/CVE-2026-46021
https://www.suse.com/security/cve/CVE-2026-46043
https://www.suse.com/security/cve/CVE-2026-46113
Plugin Details
Severity: High
ID: 321065
File Name: suse_SU-2026-2310-1.nasl
Version: 1.1
Type: Local
Agent: unix
Family: SuSE Local Security Checks
Published: 6/14/2026
Updated: 6/14/2026
Supported Sensors: Continuous Assessment, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Critical
Score: 10.0
CVSS v2
Risk Factor: Medium
Base Score: 6.2
Temporal Score: 5.4
Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:N/A:C
CVSS Score Source: CVE-2026-31614
CVSS v3
Risk Factor: High
Base Score: 7.1
Temporal Score: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-livepatch-6_4_0-150600_23_115-default, p-cpe:/a:novell:suse_linux:reiserfs-kmp-default, p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:kernel-default-livepatch, p-cpe:/a:novell:suse_linux:kernel-zfcpdump, p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-obs-build, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:kernel-64kb, cpe:/o:novell:suse_linux:15
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 6/9/2026
Vulnerability Publication Date: 3/12/2026
Reference Information
CVE: CVE-2026-31405, CVE-2026-31473, CVE-2026-31613, CVE-2026-31614, CVE-2026-31629, CVE-2026-31758, CVE-2026-43037, CVE-2026-43206, CVE-2026-43284, CVE-2026-43362, CVE-2026-43499, CVE-2026-43501, CVE-2026-43503, CVE-2026-45852, CVE-2026-45910, CVE-2026-45970, CVE-2026-46004, CVE-2026-46021, CVE-2026-46043, CVE-2026-46113, CVE-2026-46114, CVE-2026-46243
SuSE: SUSE-SU-2026:2310-1