SUSE-SU-2026:2111-1

Source
https://www.suse.com/support/update/announcement/2026/suse-su-20262111-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:2111-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/SUSE-SU-2026:2111-1
Upstream
  • CVE-2023-20585
  • CVE-2025-54518
Related
Published
2026-05-29T15:22:50Z
Modified
2026-05-30T23:15:04.821639852Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to fix various security issues.

The following security issues were fixed:

  • CVE-2021-47103: inet: fully convert sk->sk_rx_dst to RCU rules (bsc#1221010).
  • CVE-2023-20585: x86/CPU: Fix FPDSS on Zen1 (bsc#1243603).
  • CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache (bsc#1264013).
  • CVE-2026-23239: espintcp: Fix race condition in espintcp_close() (bsc#1259485).
  • CVE-2026-23240: tls: Fix race condition in tls_sw_cancel_work_tx() (bsc#1259484).
  • CVE-2026-23271: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race (bsc#1260018).
  • CVE-2026-23351: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase (bsc#1260526).
  • CVE-2026-23393: bridge: cfm: Fix race condition in peer_mep deletion (bsc#1260522).
  • CVE-2026-23449: net/sched: teql: Fix double-free in teql_master_xmit (bsc#1261779).
  • CVE-2026-23458: netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() (bsc#1261781).
  • CVE-2026-23462: Bluetooth: HIDP: Fix possible UAF (bsc#1261710).
  • CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (bsc#1261638).
  • CVE-2026-31403: NFSD: Hold net reference for the lifetime of /proc/fs/nfs/exports fd (bsc#1261796).
  • CVE-2026-31408: Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold (bsc#1261797).
  • CVE-2026-31436: dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc() (bsc#1262602).
  • CVE-2026-31504: net: fix fanout UAF in packet_release() via NETDEV_UP race (bsc#1263085).
  • CVE-2026-31507: net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer (bsc#1263095).
  • CVE-2026-31512: Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2cap_ecred_data_rcv() (bsc#1262734).
  • CVE-2026-31533: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption (bsc#1262758).
  • CVE-2026-31570: can: gw: fix OOB heap access in cgw_csum_crc8_rel() (bsc#1263065).
  • CVE-2026-31586: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (bsc#1263176).
  • CVE-2026-31588: KVM: x86: Use scratch field in MMIO fragment to hold small write values (bsc#1263165).
  • CVE-2026-31602: ALSA: ctxfi: Limit PTP to a single page (bsc#1263723).
  • CVE-2026-31607: usbip: validate number_of_packets in usbip_pack_ret_submit() (bsc#1263600).
  • CVE-2026-31649: net: stmmac: fix integer underflow in chain mode (bsc#1263582).
  • CVE-2026-31656: drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (bsc#1263170).
  • CVE-2026-31662: tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG (bsc#1263131).
  • CVE-2026-31669: mptcp: fix slab-use-after-free in __inet_lookup_established (bsc#1263141).
  • CVE-2026-31685: netfilter: ip6t_eui64: reject invalid MAC header for all packets (bsc#1263668).
  • CVE-2026-31694: fuse: reject oversized dirents in page cache (bsc#1263901).
  • CVE-2026-31700: net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() (bsc#1263882).
  • CVE-2026-31738: vxlan: validate ND option lengths in vxlan_na_create (bsc#1264059).
  • CVE-2026-31787: xen/privcmd: fix double free via VMA splitting (bsc#1262181).
  • CVE-2026-43025: netfilter: ctnetlink: ignore explicit helper on new expectations (bsc#1263931).
  • CVE-2026-43027: netfilter: nf_conntrack_helper: pass helper to expect cleanup (bsc#1263933).
  • CVE-2026-43050: atm: lec: fix use-after-free in sock_def_readable() (bsc#1264082).
  • CVE-2026-43110: wifi: brcmfmac: validate bsscfg indices in IF events (bsc#1264482).
  • CVE-2026-43126: ALSA: mixer: oss: Add card disconnect checkpoints (bsc#1264634).
  • CVE-2026-43190: netfilter: xt_tcpmss: check remaining length before reading optlen (bsc#1264848).
  • CVE-2026-43214: KVM: x86: Add SRCU protection for reading PDPTRs in __get_sregs2() (bsc#1264651).
  • CVE-2026-43329: netfilter: flowtable: strictly check for maximum number of actions (bsc#1265085).
  • CVE-2026-43334: Bluetooth: SMP: force responder MITM requirements before building the pairing response (bsc#1265090).
  • CVE-2026-43365: xfs: fix undersized l_iclog_roundoff values (bsc#1265119).
  • CVE-2026-43437: ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (bsc#1265126).
  • CVE-2026-43494: net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626).
  • CVE-2026-43500: supported.conf: drop rxrpc and af_kfs (bsc#1264450).
  • CVE-2026-43503: net: skbuff: propagate shared-frag marker through frag-transfer helpers (bsc#1265960).
  • CVE-2026-46300: net: skbuff: preserve shared-frag marker during coalescing (bsc#1265209).
  • CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265308).

The following non-security issues were fixed:

  • check-for-config-changes: Exclude CCMSEXTENSIONS.
  • check-for-config-changes: Exclude HAVE_CFI_ICALL_NORMALIZE_INTEGERS{,_RUSTC}.
  • crypto: qat - fix ring to service map for QAT GEN4 (bsc#1258248).
  • crypto: qat - refactor fw config related functions (bsc#1258248).
  • crypto: qat - use masks for AE groups (bsc#1258248).
  • dm init: ensure device probing has finished in dm-mod.waitfor= (git-fixes).
  • mkspec: Add signature to source list only when it exists.
  • net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626).
  • net: gro: don't merge zcopy skbs (git-fixes).
  • nvmet-rdma: fix possible bad dereference when freeing rsps (bsc#1260983).
  • ocfs2: fix possible deadlock between unlink and dio_end_io_write (bsc#1258718).
  • ocfs2: split transactions in dio completion to avoid credit exhaustion (bsc#1258718).
  • xfrm: esp: avoid in-place decrypt on shared skb frags.
References

Affected packages