SUSE-SU-2026:1907-1
- Source
- https://www.suse.com/support/update/announcement/2026/suse-su-20261907-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:1907-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/SUSE-SU-2026:1907-1
- Upstream
- Related
- Published
- 2026-05-17T17:12:55Z
- Modified
- 2026-05-19T08:45:06.854105217Z
- Summary
- Security update for the Linux Kernel
- Details
-
The SUSE Linux Enterprise 15 SP5 kernel was updated to fix the following issue:
Security issues fixed:
- CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags (bsc#1264449).
- CVE-2026-43500: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present (bsc#1264450).
- CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache (bsc#1264013).
- CVE-2026-46300: net: skbuff: propagate shared-frag marker through pskb_copy() (bsc#1265209).
- CVE-2026-46333: Fixed logic bug in the Linux kernel's __ptracemayaccess() function (bsc#1265308).
Other issues fixed:
- io-wq: check that the predecessor is hashed in iowqremove_pending() (git-fixes).
- References
-
- https://www.suse.com/support/update/announcement/2026/suse-su-20261907-1/
- https://bugzilla.suse.com/1264013
- https://bugzilla.suse.com/1264449
- https://bugzilla.suse.com/1264450
- https://bugzilla.suse.com/1265209
- https://bugzilla.suse.com/1265308
- https://www.suse.com/security/cve/CVE-2025-54518
- https://www.suse.com/security/cve/CVE-2026-43284
- https://www.suse.com/security/cve/CVE-2026-43500
- https://www.suse.com/security/cve/CVE-2026-46300
- https://www.suse.com/security/cve/CVE-2026-46333