SUSE-SU-2026:21598-1
- Source
- https://www.suse.com/support/update/announcement/2026/suse-su-202621598-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:21598-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/SUSE-SU-2026:21598-1
- Upstream
- Related
- Published
- 2026-05-08T08:30:42Z
- Modified
- 2026-05-16T18:23:57.918244222Z
- Summary
- Security update for the Linux Kernel (Live Patch 3 for SUSE Linux Enterprise 16)
- Details
-
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.8.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in etsqdiscchange (bsc#1258005).
- CVE-2026-23004: dst: fix races in rt6uncachedlistdel() and rtdeluncachedlist() (bsc#1258655).
- CVE-2026-23204: net/sched: clsu32: use skbheaderpointercareful() (bsc#1259126).
- CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845).
- CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrmnatkeepalivenetfini() (bsc#1261630).
- CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).
- References
-
- https://www.suse.com/support/update/announcement/2026/suse-su-202621598-1/
- https://bugzilla.suse.com/1252048
- https://bugzilla.suse.com/1258005
- https://bugzilla.suse.com/1258655
- https://bugzilla.suse.com/1259126
- https://bugzilla.suse.com/1261630
- https://bugzilla.suse.com/1261845
- https://bugzilla.suse.com/1263689
- https://www.suse.com/security/cve/CVE-2025-39977
- https://www.suse.com/security/cve/CVE-2025-71066
- https://www.suse.com/security/cve/CVE-2026-23004
- https://www.suse.com/security/cve/CVE-2026-23204
- https://www.suse.com/security/cve/CVE-2026-23437
- https://www.suse.com/security/cve/CVE-2026-31406
- https://www.suse.com/security/cve/CVE-2026-31431