SUSE-SU-2026:0316-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2026/suse-su-20260316-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:0316-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/SUSE-SU-2026:0316-1
Upstream
Related
Published
2026-01-28T14:35:14Z
Modified
2026-03-11T07:31:34.337682Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues

The following security issues were fixed:

  • CVE-2022-49604,CVE-2025-40074: ip: Fix data-races around sysctlipfwdusepmtu (bsc#1238414 bsc#1252794).
  • CVE-2022-50527: drm/amdgpu: Fix size validation for non-exclusive domains (v4) (bsc#1251738).
  • CVE-2022-50625: serial: amba-pl011: avoid SBSA UART accessing DMACR register (bsc#1254559).
  • CVE-2022-50630: mm: hugetlb: fix UAF in hugetlbhandleuserfault (bsc#1254785).
  • CVE-2022-50656: nfc: pn533: Clear nfc_target before being used (bsc#1254745).
  • CVE-2022-50678: wifi: brcmfmac: fix invalid address access when enabling SCAN log level (bsc#1254902).
  • CVE-2022-50700: wifi: ath10k: Delay the unmapping of the buffer (bsc#1255576).
  • CVE-2023-53454: HID: multitouch: Correct devm device reference for hidinput input_dev name (bsc#1250759).
  • CVE-2023-53718: ring-buffer: Do not swap cpu_buffer during resize process (bsc#1252564).
  • CVE-2023-53748: media: mediatek: vcodec: Fix potential array out-of-bounds in decoder queue_setup (bsc#1254907).
  • CVE-2023-53765: dm cache: free background tracker's queued work in btracker_destroy (bsc#1254912).
  • CVE-2023-53781: smc: Fix use-after-free in tcpwritetimer_handler() (bsc#1254751).
  • CVE-2023-53788: ALSA: hda/ca0132: fixup buffer overrun at tuningctlset() (bsc#1254917).
  • CVE-2023-53819: amdgpu: validate offsetinbo of drmamdgpugem_va (bsc#1254712).
  • CVE-2023-53850: iavf: use internal state to free traffic IRQs (bsc#1254677).
  • CVE-2023-54120: Bluetooth: Fix race condition in hidpsessionthread (bsc#1256133).
  • CVE-2023-54214: Bluetooth: L2CAP: Fix potential user-after-free (bsc#1255954).
  • CVE-2023-54236: net/net_failover: fix txq exceeding warning (bsc#1255922).
  • CVE-2023-54286: wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace (bsc#1255803).
  • CVE-2023-54300: wifi: ath9k: avoid referencing uninit memory in ath9kwmictrl_rx (bsc#1255790).
  • CVE-2025-38085: mm/hugetlb: fix hugepmdunshare() vs GUP-fast race (bsc#1245431 bsc#1245499).
  • CVE-2025-38336: ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 (bsc#1246370).
  • CVE-2025-38728: smb3: fix for slab out of bounds on mount to ksmbd (bsc#1249256).
  • CVE-2025-40006: mm/hugetlb: fix folio is still mapped when deleted (bsc#1252342).
  • CVE-2025-40035: Input: uinput - zero-initialize uinputffupload_compat to avoid info leak (bsc#1252866).
  • CVE-2025-40053: net: dlink: handle copy_thresh allocation failure (bsc#1252808).
  • CVE-2025-40064: smc: Fix use-after-free in _pnetfindbasendev() (bsc#1252845).
  • CVE-2025-40075: tcpmetrics: use dstdevnetrcu() (bsc#1252795).
  • CVE-2025-40081: perf: armspe: Prevent overflow in PERFIDX2OFF() (bsc#1252776).
  • CVE-2025-40110: drm/vmwgfx: Fix a null-ptr access in the cursor snooper (bsc#1253275).
  • CVE-2025-40123: bpf: Enforce expectedattachtype for tailcall compatibility (bsc#1253365).
  • CVE-2025-40135: ipv6: use RCU in ip6_xmit() (bsc#1253342).
  • CVE-2025-40139: smc: Use _skdstget() and dstdevrcu() in in smcclcprfxset() (bsc#1253409).
  • CVE-2025-40149: tls: Use _skdstget() and dstdevrcu() in getnetdevforsock() (bsc#1253355).
  • CVE-2025-40153: mm: hugetlb: avoid soft lockup when mprotect to large memory area (bsc#1253408).
  • CVE-2025-40158: ipv6: use RCU in ip6_output() (bsc#1253402).
  • CVE-2025-40160: xen/events: Cleanup find_virq() return codes (bsc#1253400).
  • CVE-2025-40164: usbnet: Fix using smpprocessorid() in preemptible code warnings (bsc#1253407).
  • CVE-2025-40167: ext4: detect invalid INLINE_DATA + EXTENTS flag combination (bsc#1253458).
  • CVE-2025-40168: smc: Use _skdstget() and dstdevrcu() in smcclcprfxmatch() (bsc#1253427).
  • CVE-2025-40170: net: use dstdevrcu() in sksetupcaps() (bsc#1253413).
  • CVE-2025-40178: pid: Add a judgment for ns null in pidnrns (bsc#1253463).
  • CVE-2025-40198: ext4: avoid potential buffer over-read in parseapplysbmountoptions() (bsc#1253453).
  • CVE-2025-40200: Squashfs: reject negative file sizes in squashfsreadinode() (bsc#1253448).
  • CVE-2025-40215: kABI: xfrm: delete x->tunnel as we delete x (bsc#1254959).
  • CVE-2025-40219: PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV (bsc#1254518).
  • CVE-2025-40233: ocfs2: clear extent cache after moving/defragmenting extents (bsc#1254813).
  • CVE-2025-40240: sctp: avoid NULL dereference when chunk data buffer is missing (bsc#1254869).
  • CVE-2025-40244: hfsplus: fix KMSAN uninit-value issue in _hfsplusextcacheextent() (bsc#1255033).
  • CVE-2025-40248: vsock: Ignore signal/timeout on connect() if already established (bsc#1254864).
  • CVE-2025-40252: net: qlogic/qede: fix potential out-of-bounds read in qedetpacont() and qedetpaend() (bsc#1254849).
  • CVE-2025-40269: ALSA: usb-audio: Fix potential overflow of PCM transfer buffer (bsc#1255035).
  • CVE-2025-40275: ALSA: usb-audio: Fix NULL pointer dereference in sndusbmixercontrolsbadd (bsc#1254829).
  • CVE-2025-40278: net: sched: actife: initialize struct tcife to fix KMSAN kernel-infoleak (bsc#1254825).
  • CVE-2025-40279: net: sched: actconnmark: initialize struct tcife to fix kernel leak (bsc#1254846).
  • CVE-2025-40283: Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF (bsc#1254858).
  • CVE-2025-40304: fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds (bsc#1255034).
  • CVE-2025-40308: Bluetooth: bcsp: receive data only if registered (bsc#1255064).
  • CVE-2025-40321: wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode (bsc#1254795).
  • CVE-2025-40322: fbdev: bitblit: bound-check glyph index in bit_putcs* (bsc#1255092).
  • CVE-2025-40331: sctp: Prevent TOCTOU out-of-bounds write (bsc#1254615).
  • CVE-2025-40337: net: stmmac: Correctly handle Rx checksum offload errors (bsc#1255081).
  • CVE-2025-40349: hfs: validate record offset in hfsplusbmapalloc (bsc#1255280).
  • CVE-2025-40351: hfsplus: fix KMSAN uninit-value issue in hfsplusdeletecat() (bsc#1255281).
  • CVE-2025-68206: netfilter: nft_ct: add seqadj extension for natted connections (bsc#1255142).
  • CVE-2025-68340: team: Move team device type change at the end of teamportadd (bsc#1255507).

The following non security issues were fixed:

  • HID: multitouch: Add NULL check in mtinputconfigured (bsc#1250759).
  • Squashfs: add additional inode sanity checking (bsc#1253448).
  • drm/amdgpu: Fix potential NULL dereference (bsc#1251238).
References

Affected packages

SUSE:Linux Enterprise Live Patching 12 SP5
kernel-default

Package

Name
kernel-default
Purl
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-122.290.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-default-kgraft-devel": "4.12.14-122.290.1",
            "kernel-default-kgraft": "4.12.14-122.290.1",
            "kgraft-patch-4_12_14-122_290-default": "1-8.7.1"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:0316-1.json"
kgraft-patch-SLE12-SP5_Update_76

Package

Name
kgraft-patch-SLE12-SP5_Update_76
Purl
pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_76&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1-8.7.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-default-kgraft-devel": "4.12.14-122.290.1",
            "kernel-default-kgraft": "4.12.14-122.290.1",
            "kgraft-patch-4_12_14-122_290-default": "1-8.7.1"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:0316-1.json"
SUSE:Linux Enterprise Server 12 SP5-LTSS
kernel-default

Package

Name
kernel-default
Purl
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-122.290.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-devel": "4.12.14-122.290.1",
            "ocfs2-kmp-default": "4.12.14-122.290.1",
            "kernel-syms": "4.12.14-122.290.1",
            "kernel-default-base": "4.12.14-122.290.1",
            "kernel-source": "4.12.14-122.290.1",
            "cluster-md-kmp-default": "4.12.14-122.290.1",
            "kernel-macros": "4.12.14-122.290.1",
            "dlm-kmp-default": "4.12.14-122.290.1",
            "kernel-default-man": "4.12.14-122.290.1",
            "kernel-default-devel": "4.12.14-122.290.1",
            "kernel-default": "4.12.14-122.290.1",
            "gfs2-kmp-default": "4.12.14-122.290.1"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:0316-1.json"
kernel-source

Package

Name
kernel-source
Purl
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-122.290.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-devel": "4.12.14-122.290.1",
            "ocfs2-kmp-default": "4.12.14-122.290.1",
            "kernel-syms": "4.12.14-122.290.1",
            "kernel-default-base": "4.12.14-122.290.1",
            "kernel-source": "4.12.14-122.290.1",
            "cluster-md-kmp-default": "4.12.14-122.290.1",
            "kernel-macros": "4.12.14-122.290.1",
            "dlm-kmp-default": "4.12.14-122.290.1",
            "kernel-default-man": "4.12.14-122.290.1",
            "kernel-default-devel": "4.12.14-122.290.1",
            "kernel-default": "4.12.14-122.290.1",
            "gfs2-kmp-default": "4.12.14-122.290.1"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:0316-1.json"
kernel-syms

Package

Name
kernel-syms
Purl
pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-122.290.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-devel": "4.12.14-122.290.1",
            "ocfs2-kmp-default": "4.12.14-122.290.1",
            "kernel-syms": "4.12.14-122.290.1",
            "kernel-default-base": "4.12.14-122.290.1",
            "kernel-source": "4.12.14-122.290.1",
            "cluster-md-kmp-default": "4.12.14-122.290.1",
            "kernel-macros": "4.12.14-122.290.1",
            "dlm-kmp-default": "4.12.14-122.290.1",
            "kernel-default-man": "4.12.14-122.290.1",
            "kernel-default-devel": "4.12.14-122.290.1",
            "kernel-default": "4.12.14-122.290.1",
            "gfs2-kmp-default": "4.12.14-122.290.1"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:0316-1.json"
SUSE:Linux Enterprise Server LTSS Extended Security 12 SP5
kernel-default

Package

Name
kernel-default
Purl
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-122.290.1

Ecosystem specific 

{
    "binaries": [
        {
            "gfs2-kmp-default": "4.12.14-122.290.1",
            "ocfs2-kmp-default": "4.12.14-122.290.1",
            "kernel-syms": "4.12.14-122.290.1",
            "kernel-default-base": "4.12.14-122.290.1",
            "cluster-md-kmp-default": "4.12.14-122.290.1",
            "kernel-macros": "4.12.14-122.290.1",
            "dlm-kmp-default": "4.12.14-122.290.1",
            "kernel-default-devel": "4.12.14-122.290.1",
            "kernel-source": "4.12.14-122.290.1",
            "kernel-default": "4.12.14-122.290.1",
            "kernel-devel": "4.12.14-122.290.1"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:0316-1.json"
kernel-source

Package

Name
kernel-source
Purl
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-122.290.1

Ecosystem specific 

{
    "binaries": [
        {
            "gfs2-kmp-default": "4.12.14-122.290.1",
            "ocfs2-kmp-default": "4.12.14-122.290.1",
            "kernel-syms": "4.12.14-122.290.1",
            "kernel-default-base": "4.12.14-122.290.1",
            "cluster-md-kmp-default": "4.12.14-122.290.1",
            "kernel-macros": "4.12.14-122.290.1",
            "dlm-kmp-default": "4.12.14-122.290.1",
            "kernel-default-devel": "4.12.14-122.290.1",
            "kernel-source": "4.12.14-122.290.1",
            "kernel-default": "4.12.14-122.290.1",
            "kernel-devel": "4.12.14-122.290.1"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:0316-1.json"
kernel-syms

Package

Name
kernel-syms
Purl
pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-122.290.1

Ecosystem specific 

{
    "binaries": [
        {
            "gfs2-kmp-default": "4.12.14-122.290.1",
            "ocfs2-kmp-default": "4.12.14-122.290.1",
            "kernel-syms": "4.12.14-122.290.1",
            "kernel-default-base": "4.12.14-122.290.1",
            "cluster-md-kmp-default": "4.12.14-122.290.1",
            "kernel-macros": "4.12.14-122.290.1",
            "dlm-kmp-default": "4.12.14-122.290.1",
            "kernel-default-devel": "4.12.14-122.290.1",
            "kernel-source": "4.12.14-122.290.1",
            "kernel-default": "4.12.14-122.290.1",
            "kernel-devel": "4.12.14-122.290.1"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:0316-1.json"