SUSE SLES15: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2026:3044-1)

high Nessus Plugin ID 327300

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:3044-1 advisory.

The SUSE Linux Enterprise 15 SP4 kernel was updated to fix various security issues

The following security issues were fixed:

- CVE-2026-31771: Bluetooth: hci_event: move wake reason storage into validated event handlers (bsc#1264145).
- CVE-2026-43038: ipv6: icmp: clear skb2->cb in ip6_err_gen_icmpv6_unreach() (bsc#1264097).
- CVE-2026-46090: ALSA: aloop: Fix peer runtime UAF during format-change stop (bsc#1267531).
- CVE-2026-46173: exit: prevent preemption of oopsing TASK_DEAD task (bsc#1267722).
- CVE-2026-46229: drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure (bsc#1267567).
- CVE-2026-46253: pstore/ram: fix buffer overflow in persistent_ram_save_old() (bsc#1267635).
- CVE-2026-46266: inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP (bsc#1267684).
- CVE-2026-46319: net/sched: act_ct: Only release RCU read lock after ct_ft (bsc#1268022).
- CVE-2026-46320: tap: free page on error paths in tap_get_user_xdp() (bsc#1267993).
- CVE-2026-46331: net/sched: fix pedit partial COW leading to page cache (bsc#1265421).
- CVE-2026-52909: ip6_vti: set netns_immutable on the fallback device (bsc#1268660).
- CVE-2026-52918: Bluetooth: serialize accept_q access (bsc#1269100).
- CVE-2026-52923: ipc: limit next_id allocation to the valid ID range (bsc#1269033).
- CVE-2026-52924: sctp: purge outqueue on stale COOKIE-ECHO handling (bsc#1269036).
- CVE-2026-52943: net: skbuff: fix missing zerocopy reference in pskb_carve helpers (bsc#1269022).
- CVE-2026-52955: libceph: Fix potential out-of-bounds access in crush_decode() (bsc#1269159).
- CVE-2026-52969: KVM: Reject wrapped offset in kvm_reset_dirty_gfn() (bsc#1269184).
- CVE-2026-52972: crypto: af_alg - Cap AEAD AD length to 0x80000000 (bsc#1269195).
- CVE-2026-52993: tipc: fix double-free in tipc_buf_append() (bsc#1269193).
- CVE-2026-53016: crypto: ccp - copy IV using skcipher ivsize (bsc#1269090).
- CVE-2026-53041: ocfs2: fix listxattr handling when the buffer is full (bsc#1269398).
- CVE-2026-53053: iommu/amd: Fix clone_alias() to use the original device's devid (bsc#1269310).
- CVE-2026-53071: Bluetooth: l2cap: Add missing chan lock in l2cap_ecred_reconf_rsp (bsc#1269678).
- CVE-2026-53072: Bluetooth: fix locking in hci_conn_request_evt() with HCI_PROTO_DEFER (bsc#1269681).
- CVE-2026-53133: RDMA/umem: Fix truncation for block sizes >= 4G (bsc#1269821).
- CVE-2026-53253: Bluetooth: bnep: fix incorrect length parsing in bnep_rx_frame() extension handling (bsc#1269574).
- CVE-2026-53359: KVM: x86: Fix shadow paging use-after-free due to unexpected role (bsc#1270059).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1264097

https://bugzilla.suse.com/1264145

https://bugzilla.suse.com/1265421

https://bugzilla.suse.com/1267531

https://bugzilla.suse.com/1267567

https://bugzilla.suse.com/1267635

https://bugzilla.suse.com/1267684

https://bugzilla.suse.com/1267722

https://bugzilla.suse.com/1267918

https://bugzilla.suse.com/1267993

https://bugzilla.suse.com/1268022

https://bugzilla.suse.com/1268660

https://bugzilla.suse.com/1269022

https://bugzilla.suse.com/1269033

https://bugzilla.suse.com/1269036

https://bugzilla.suse.com/1269090

https://bugzilla.suse.com/1269100

https://bugzilla.suse.com/1269159

https://bugzilla.suse.com/1269184

https://bugzilla.suse.com/1269193

https://bugzilla.suse.com/1269195

https://bugzilla.suse.com/1269310

https://bugzilla.suse.com/1269398

https://bugzilla.suse.com/1269574

https://bugzilla.suse.com/1269678

https://bugzilla.suse.com/1269681

https://bugzilla.suse.com/1269821

https://bugzilla.suse.com/1270059

https://lists.suse.com/pipermail/sle-updates/2026-July/048288.html

https://www.suse.com/security/cve/CVE-2026-31771

https://www.suse.com/security/cve/CVE-2026-43038

https://www.suse.com/security/cve/CVE-2026-46090

https://www.suse.com/security/cve/CVE-2026-46173

https://www.suse.com/security/cve/CVE-2026-46229

https://www.suse.com/security/cve/CVE-2026-46253

https://www.suse.com/security/cve/CVE-2026-46266

https://www.suse.com/security/cve/CVE-2026-46274

https://www.suse.com/security/cve/CVE-2026-46319

https://www.suse.com/security/cve/CVE-2026-46320

https://www.suse.com/security/cve/CVE-2026-46331

https://www.suse.com/security/cve/CVE-2026-52909

https://www.suse.com/security/cve/CVE-2026-52918

https://www.suse.com/security/cve/CVE-2026-52923

https://www.suse.com/security/cve/CVE-2026-52924

https://www.suse.com/security/cve/CVE-2026-52943

https://www.suse.com/security/cve/CVE-2026-52955

https://www.suse.com/security/cve/CVE-2026-52969

https://www.suse.com/security/cve/CVE-2026-52972

https://www.suse.com/security/cve/CVE-2026-52993

https://www.suse.com/security/cve/CVE-2026-53016

https://www.suse.com/security/cve/CVE-2026-53041

https://www.suse.com/security/cve/CVE-2026-53053

https://www.suse.com/security/cve/CVE-2026-53071

https://www.suse.com/security/cve/CVE-2026-53072

https://www.suse.com/security/cve/CVE-2026-53133

https://www.suse.com/security/cve/CVE-2026-53253

https://www.suse.com/security/cve/CVE-2026-53359

Plugin Details

Severity: High

ID: 327300

File Name: suse_SU-2026-3044-1.nasl

Version: 1.1

Type: Local

Agent: unix

Published: 7/16/2026

Updated: 7/16/2026

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Tenable Cloud Security, Tenable Self-Hosted Container Security, Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9

Percentile: 99.75

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2026-52969

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default-livepatch, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:kernel-64kb, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default, p-cpe:/a:novell:suse_linux:reiserfs-kmp-default, p-cpe:/a:novell:suse_linux:kernel-livepatch-5_14_21-150400_24_228-default, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-zfcpdump, p-cpe:/a:novell:suse_linux:kernel-obs-build, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/15/2026

Vulnerability Publication Date: 7/3/2025

Reference Information

CVE: CVE-2026-31771, CVE-2026-43038, CVE-2026-46090, CVE-2026-46173, CVE-2026-46229, CVE-2026-46253, CVE-2026-46266, CVE-2026-46274, CVE-2026-46319, CVE-2026-46320, CVE-2026-46331, CVE-2026-52909, CVE-2026-52918, CVE-2026-52923, CVE-2026-52924, CVE-2026-52943, CVE-2026-52955, CVE-2026-52969, CVE-2026-52972, CVE-2026-52993, CVE-2026-53016, CVE-2026-53041, CVE-2026-53053, CVE-2026-53071, CVE-2026-53072, CVE-2026-53133, CVE-2026-53253, CVE-2026-53359

SuSE: SUSE-SU-2026:3044-1