Kernel, Rust, Hauler, and more updates for SUSE

SUSE 5536 Published by

Several security updates have been released for SUSE Linux, including patches for the Linux kernel and other packages. The most critical updates are for the Linux kernel live patches, which address vulnerabilities in multiple versions of SUSE Linux Enterprise 15 SP4 and SP5. Moderate updates were also issued for various packages such as rust1.91, rust1.92, and python-weasyprint, among others. These security updates aim to patch known vulnerabilities and protect against potential threats to the system's security.

SUSE-SU-2026:0173-1: important: Security update for the Linux Kernel (Live Patch 21 for SUSE Linux Enterprise 15 SP5)
SUSE-SU-2026:0168-1: important: Security update for the Linux Kernel (Live Patch 40 for SUSE Linux Enterprise 15 SP4)
SUSE-SU-2026:0174-1: important: Security update for the Linux Kernel (Live Patch 34 for SUSE Linux Enterprise 15 SP4)
SUSE-SU-2026:0176-1: important: Security update for the Linux Kernel (Live Patch 44 for SUSE Linux Enterprise 15 SP4)
openSUSE-SU-2026:20062-1: moderate: Security update for rust1.91, rust1.92
SUSE-SU-2026:0180-1: important: Security update for the Linux Kernel (Live Patch 26 for SUSE Linux Enterprise 15 SP5)
openSUSE-SU-2026:10072-1: moderate: libblkid-devel-2.41.3-1.1 on GA media
openSUSE-SU-2026:10071-1: moderate: libraylib550-5.5-2.1 on GA media
openSUSE-SU-2026:10068-1: moderate: hauler-1.4.1-1.1 on GA media
openSUSE-SU-2026:10070-1: moderate: python-keystonemiddleware-doc-10.12.0-2.1 on GA media
openSUSE-SU-2026:10067-1: moderate: grafana-11.6.7-2.1 on GA media
SUSE-SU-2026:0184-1: important: Security update for the Linux Kernel (Live Patch 28 for SUSE Linux Enterprise 15 SP5)
SUSE-SU-2026:0185-1: important: Security update for the Linux Kernel (Live Patch 45 for SUSE Linux Enterprise 15 SP4)
openSUSE-SU-2026:0024-1: important: Security update for python-weasyprint
openSUSE-SU-2026:0026-1: important: Security update for python-weasyprint
SUSE-SU-2026:0187-1: important: Security update for the Linux Kernel (Live Patch 30 for SUSE Linux Enterprise 15 SP5)
SUSE-SU-2026:0188-1: important: Security update for the Linux Kernel (Live Patch 31 for SUSE Linux Enterprise 15 SP5)
SUSE-SU-2026:0186-1: important: Security update for the Linux Kernel (Live Patch 29 for SUSE Linux Enterprise 15 SP5)




SUSE-SU-2026:0173-1: important: Security update for the Linux Kernel (Live Patch 21 for SUSE Linux Enterprise 15 SP5)


# Security update for the Linux Kernel (Live Patch 21 for SUSE Linux Enterprise
15 SP5)

Announcement ID: SUSE-SU-2026:0173-1
Release Date: 2026-01-19T17:33:53Z
Rating: important
References:

* bsc#1235815
* bsc#1248400
* bsc#1248615
* bsc#1248670
* bsc#1250665
* bsc#1251165
* bsc#1251203
* bsc#1251787
* bsc#1253437
* bsc#1254451

Cross-References:

* CVE-2022-50327
* CVE-2022-50409
* CVE-2022-50490
* CVE-2023-53676
* CVE-2024-57849
* CVE-2024-58239
* CVE-2025-38476
* CVE-2025-38572
* CVE-2025-38608
* CVE-2025-40204

CVSS scores:

* CVE-2022-50327 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50327 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50327 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50409 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50409 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50409 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50490 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50490 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-53676 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53676 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-57849 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-57849 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-57849 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-58239 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-58239 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-58239 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38476 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38476 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38476 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38572 ( SUSE ): 9.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38572 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38572 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38608 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38608 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2025-38608 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-40204 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-40204 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves 10 vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.88 fixes
various security issues

The following security issues were fixed:

* CVE-2022-50327: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return
value (bsc#1254451).
* CVE-2022-50409: net: If sock is dead don't access sock's sk_wq in
sk_stream_wait_memory (bsc#1250665).
* CVE-2022-50490: bpf: Propagate error from htab_lock_bucket() to userspace
(bsc#1251165).
* CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in
lio_target_nacl_info_show() (bsc#1251787).
* CVE-2024-57849: s390/cpum_sf: handle CPU hotplug remove during sampling
(bsc#1235815).
* CVE-2024-58239: tls: stop recv() if initial process_rx_list gave us non-DATA
(bsc#1248615).
* CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline()
(bsc#1251203).
* CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment()
(bsc#1248400).
* CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data()
in ktls (bsc#1248670).
* CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-173=1

* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-173=1

## Package List:

* openSUSE Leap 15.5 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP5_Update_21-debugsource-17-150500.2.1
* kernel-livepatch-5_14_21-150500_55_88-default-17-150500.2.1
* kernel-livepatch-5_14_21-150500_55_88-default-debuginfo-17-150500.2.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP5_Update_21-debugsource-17-150500.2.1
* kernel-livepatch-5_14_21-150500_55_88-default-17-150500.2.1
* kernel-livepatch-5_14_21-150500_55_88-default-debuginfo-17-150500.2.1

## References:

* https://www.suse.com/security/cve/CVE-2022-50327.html
* https://www.suse.com/security/cve/CVE-2022-50409.html
* https://www.suse.com/security/cve/CVE-2022-50490.html
* https://www.suse.com/security/cve/CVE-2023-53676.html
* https://www.suse.com/security/cve/CVE-2024-57849.html
* https://www.suse.com/security/cve/CVE-2024-58239.html
* https://www.suse.com/security/cve/CVE-2025-38476.html
* https://www.suse.com/security/cve/CVE-2025-38572.html
* https://www.suse.com/security/cve/CVE-2025-38608.html
* https://www.suse.com/security/cve/CVE-2025-40204.html
* https://bugzilla.suse.com/show_bug.cgi?id=1235815
* https://bugzilla.suse.com/show_bug.cgi?id=1248400
* https://bugzilla.suse.com/show_bug.cgi?id=1248615
* https://bugzilla.suse.com/show_bug.cgi?id=1248670
* https://bugzilla.suse.com/show_bug.cgi?id=1250665
* https://bugzilla.suse.com/show_bug.cgi?id=1251165
* https://bugzilla.suse.com/show_bug.cgi?id=1251203
* https://bugzilla.suse.com/show_bug.cgi?id=1251787
* https://bugzilla.suse.com/show_bug.cgi?id=1253437
* https://bugzilla.suse.com/show_bug.cgi?id=1254451



SUSE-SU-2026:0168-1: important: Security update for the Linux Kernel (Live Patch 40 for SUSE Linux Enterprise 15 SP4)


# Security update for the Linux Kernel (Live Patch 40 for SUSE Linux Enterprise
15 SP4)

Announcement ID: SUSE-SU-2026:0168-1
Release Date: 2026-01-19T19:33:53Z
Rating: important
References:

* bsc#1248400
* bsc#1248615
* bsc#1248670
* bsc#1249242
* bsc#1250665
* bsc#1251165
* bsc#1251203
* bsc#1251787
* bsc#1253437
* bsc#1254451

Cross-References:

* CVE-2022-50233
* CVE-2022-50327
* CVE-2022-50409
* CVE-2022-50490
* CVE-2023-53676
* CVE-2024-58239
* CVE-2025-38476
* CVE-2025-38572
* CVE-2025-38608
* CVE-2025-40204

CVSS scores:

* CVE-2022-50233 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50233 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50233 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50327 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50327 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50327 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50409 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50409 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50409 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50490 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50490 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-53676 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53676 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-58239 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-58239 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-58239 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38476 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38476 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38476 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38572 ( SUSE ): 9.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38572 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38572 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38608 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38608 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2025-38608 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-40204 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-40204 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves 10 vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.164 fixes
various security issues

The following security issues were fixed:

* CVE-2022-50233: bluetooth: device name can cause reading kernel memory by
not supplying terminal \0 (bsc#1249242).
* CVE-2022-50327: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return
value (bsc#1254451).
* CVE-2022-50409: net: If sock is dead don't access sock's sk_wq in
sk_stream_wait_memory (bsc#1250665).
* CVE-2022-50490: bpf: Propagate error from htab_lock_bucket() to userspace
(bsc#1251165).
* CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in
lio_target_nacl_info_show() (bsc#1251787).
* CVE-2024-58239: tls: stop recv() if initial process_rx_list gave us non-DATA
(bsc#1248615).
* CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline()
(bsc#1251203).
* CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment()
(bsc#1248400).
* CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data()
in ktls (bsc#1248670).
* CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-175=1 SUSE-2026-168=1 SUSE-2026-177=1
SUSE-2026-178=1

* SUSE Linux Enterprise Live Patching 15-SP4
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2026-175=1 SUSE-SLE-
Module-Live-Patching-15-SP4-2026-168=1 SUSE-SLE-Module-Live-
Patching-15-SP4-2026-177=1 SUSE-SLE-Module-Live-Patching-15-SP4-2026-178=1

## Package List:

* openSUSE Leap 15.4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_164-default-debuginfo-12-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_39-debugsource-12-150400.2.1
* kernel-livepatch-5_14_21-150400_24_161-default-12-150400.2.1
* kernel-livepatch-5_14_21-150400_24_161-default-debuginfo-12-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_37-debugsource-13-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_40-debugsource-12-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_38-debugsource-12-150400.2.1
* kernel-livepatch-5_14_21-150400_24_164-default-12-150400.2.1
* kernel-livepatch-5_14_21-150400_24_153-default-debuginfo-13-150400.2.1
* kernel-livepatch-5_14_21-150400_24_158-default-12-150400.2.1
* kernel-livepatch-5_14_21-150400_24_153-default-13-150400.2.1
* kernel-livepatch-5_14_21-150400_24_158-default-debuginfo-12-150400.2.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_164-default-debuginfo-12-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_39-debugsource-12-150400.2.1
* kernel-livepatch-5_14_21-150400_24_161-default-12-150400.2.1
* kernel-livepatch-5_14_21-150400_24_161-default-debuginfo-12-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_37-debugsource-13-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_40-debugsource-12-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_38-debugsource-12-150400.2.1
* kernel-livepatch-5_14_21-150400_24_164-default-12-150400.2.1
* kernel-livepatch-5_14_21-150400_24_153-default-debuginfo-13-150400.2.1
* kernel-livepatch-5_14_21-150400_24_158-default-12-150400.2.1
* kernel-livepatch-5_14_21-150400_24_153-default-13-150400.2.1
* kernel-livepatch-5_14_21-150400_24_158-default-debuginfo-12-150400.2.1

## References:

* https://www.suse.com/security/cve/CVE-2022-50233.html
* https://www.suse.com/security/cve/CVE-2022-50327.html
* https://www.suse.com/security/cve/CVE-2022-50409.html
* https://www.suse.com/security/cve/CVE-2022-50490.html
* https://www.suse.com/security/cve/CVE-2023-53676.html
* https://www.suse.com/security/cve/CVE-2024-58239.html
* https://www.suse.com/security/cve/CVE-2025-38476.html
* https://www.suse.com/security/cve/CVE-2025-38572.html
* https://www.suse.com/security/cve/CVE-2025-38608.html
* https://www.suse.com/security/cve/CVE-2025-40204.html
* https://bugzilla.suse.com/show_bug.cgi?id=1248400
* https://bugzilla.suse.com/show_bug.cgi?id=1248615
* https://bugzilla.suse.com/show_bug.cgi?id=1248670
* https://bugzilla.suse.com/show_bug.cgi?id=1249242
* https://bugzilla.suse.com/show_bug.cgi?id=1250665
* https://bugzilla.suse.com/show_bug.cgi?id=1251165
* https://bugzilla.suse.com/show_bug.cgi?id=1251203
* https://bugzilla.suse.com/show_bug.cgi?id=1251787
* https://bugzilla.suse.com/show_bug.cgi?id=1253437
* https://bugzilla.suse.com/show_bug.cgi?id=1254451



SUSE-SU-2026:0174-1: important: Security update for the Linux Kernel (Live Patch 34 for SUSE Linux Enterprise 15 SP4)


# Security update for the Linux Kernel (Live Patch 34 for SUSE Linux Enterprise
15 SP4)

Announcement ID: SUSE-SU-2026:0174-1
Release Date: 2026-01-19T18:04:30Z
Rating: important
References:

* bsc#1235815
* bsc#1248400
* bsc#1248615
* bsc#1248670
* bsc#1249242
* bsc#1250665
* bsc#1251165
* bsc#1251203
* bsc#1251787
* bsc#1253437
* bsc#1254451

Cross-References:

* CVE-2022-50233
* CVE-2022-50327
* CVE-2022-50409
* CVE-2022-50490
* CVE-2023-53676
* CVE-2024-57849
* CVE-2024-58239
* CVE-2025-38476
* CVE-2025-38572
* CVE-2025-38608
* CVE-2025-40204

CVSS scores:

* CVE-2022-50233 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50233 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50233 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50327 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50327 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50327 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50409 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50409 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50409 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50490 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50490 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-53676 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53676 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-57849 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-57849 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-57849 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-58239 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-58239 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-58239 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38476 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38476 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38476 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38572 ( SUSE ): 9.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38572 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38572 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38608 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38608 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2025-38608 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-40204 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-40204 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves 11 vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.144 fixes
various security issues

The following security issues were fixed:

* CVE-2022-50233: bluetooth: device name can cause reading kernel memory by
not supplying terminal \0 (bsc#1249242).
* CVE-2022-50327: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return
value (bsc#1254451).
* CVE-2022-50409: net: If sock is dead don't access sock's sk_wq in
sk_stream_wait_memory (bsc#1250665).
* CVE-2022-50490: bpf: Propagate error from htab_lock_bucket() to userspace
(bsc#1251165).
* CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in
lio_target_nacl_info_show() (bsc#1251787).
* CVE-2024-57849: s390/cpum_sf: handle CPU hotplug remove during sampling
(bsc#1235815).
* CVE-2024-58239: tls: stop recv() if initial process_rx_list gave us non-DATA
(bsc#1248615).
* CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline()
(bsc#1251203).
* CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment()
(bsc#1248400).
* CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data()
in ktls (bsc#1248670).
* CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-174=1

* SUSE Linux Enterprise Live Patching 15-SP4
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2026-174=1

## Package List:

* openSUSE Leap 15.4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_144-default-debuginfo-19-150400.2.1
* kernel-livepatch-5_14_21-150400_24_144-default-19-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_34-debugsource-19-150400.2.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_144-default-debuginfo-19-150400.2.1
* kernel-livepatch-5_14_21-150400_24_144-default-19-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_34-debugsource-19-150400.2.1

## References:

* https://www.suse.com/security/cve/CVE-2022-50233.html
* https://www.suse.com/security/cve/CVE-2022-50327.html
* https://www.suse.com/security/cve/CVE-2022-50409.html
* https://www.suse.com/security/cve/CVE-2022-50490.html
* https://www.suse.com/security/cve/CVE-2023-53676.html
* https://www.suse.com/security/cve/CVE-2024-57849.html
* https://www.suse.com/security/cve/CVE-2024-58239.html
* https://www.suse.com/security/cve/CVE-2025-38476.html
* https://www.suse.com/security/cve/CVE-2025-38572.html
* https://www.suse.com/security/cve/CVE-2025-38608.html
* https://www.suse.com/security/cve/CVE-2025-40204.html
* https://bugzilla.suse.com/show_bug.cgi?id=1235815
* https://bugzilla.suse.com/show_bug.cgi?id=1248400
* https://bugzilla.suse.com/show_bug.cgi?id=1248615
* https://bugzilla.suse.com/show_bug.cgi?id=1248670
* https://bugzilla.suse.com/show_bug.cgi?id=1249242
* https://bugzilla.suse.com/show_bug.cgi?id=1250665
* https://bugzilla.suse.com/show_bug.cgi?id=1251165
* https://bugzilla.suse.com/show_bug.cgi?id=1251203
* https://bugzilla.suse.com/show_bug.cgi?id=1251787
* https://bugzilla.suse.com/show_bug.cgi?id=1253437
* https://bugzilla.suse.com/show_bug.cgi?id=1254451



SUSE-SU-2026:0176-1: important: Security update for the Linux Kernel (Live Patch 44 for SUSE Linux Enterprise 15 SP4)


# Security update for the Linux Kernel (Live Patch 44 for SUSE Linux Enterprise
15 SP4)

Announcement ID: SUSE-SU-2026:0176-1
Release Date: 2026-01-19T19:03:59Z
Rating: important
References:

* bsc#1248400
* bsc#1249242
* bsc#1250665
* bsc#1251165
* bsc#1251203
* bsc#1251787
* bsc#1253437
* bsc#1254451

Cross-References:

* CVE-2022-50233
* CVE-2022-50327
* CVE-2022-50409
* CVE-2022-50490
* CVE-2023-53676
* CVE-2025-38476
* CVE-2025-38572
* CVE-2025-40204

CVSS scores:

* CVE-2022-50233 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50233 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50233 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50327 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50327 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50327 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50409 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50409 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50409 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50490 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50490 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-53676 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53676 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38476 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38476 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38476 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38572 ( SUSE ): 9.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38572 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38572 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-40204 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-40204 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves eight vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.176 fixes
various security issues

The following security issues were fixed:

* CVE-2022-50233: bluetooth: device name can cause reading kernel memory by
not supplying terminal \0 (bsc#1249242).
* CVE-2022-50327: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return
value (bsc#1254451).
* CVE-2022-50409: net: If sock is dead don't access sock's sk_wq in
sk_stream_wait_memory (bsc#1250665).
* CVE-2022-50490: bpf: Propagate error from htab_lock_bucket() to userspace
(bsc#1251165).
* CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in
lio_target_nacl_info_show() (bsc#1251787).
* CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline()
(bsc#1251203).
* CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment()
(bsc#1248400).
* CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-176=1

* SUSE Linux Enterprise Live Patching 15-SP4
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2026-176=1

## Package List:

* openSUSE Leap 15.4 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP4_Update_44-debugsource-6-150400.2.1
* kernel-livepatch-5_14_21-150400_24_176-default-debuginfo-6-150400.2.1
* kernel-livepatch-5_14_21-150400_24_176-default-6-150400.2.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP4_Update_44-debugsource-6-150400.2.1
* kernel-livepatch-5_14_21-150400_24_176-default-debuginfo-6-150400.2.1
* kernel-livepatch-5_14_21-150400_24_176-default-6-150400.2.1

## References:

* https://www.suse.com/security/cve/CVE-2022-50233.html
* https://www.suse.com/security/cve/CVE-2022-50327.html
* https://www.suse.com/security/cve/CVE-2022-50409.html
* https://www.suse.com/security/cve/CVE-2022-50490.html
* https://www.suse.com/security/cve/CVE-2023-53676.html
* https://www.suse.com/security/cve/CVE-2025-38476.html
* https://www.suse.com/security/cve/CVE-2025-38572.html
* https://www.suse.com/security/cve/CVE-2025-40204.html
* https://bugzilla.suse.com/show_bug.cgi?id=1248400
* https://bugzilla.suse.com/show_bug.cgi?id=1249242
* https://bugzilla.suse.com/show_bug.cgi?id=1250665
* https://bugzilla.suse.com/show_bug.cgi?id=1251165
* https://bugzilla.suse.com/show_bug.cgi?id=1251203
* https://bugzilla.suse.com/show_bug.cgi?id=1251787
* https://bugzilla.suse.com/show_bug.cgi?id=1253437
* https://bugzilla.suse.com/show_bug.cgi?id=1254451



openSUSE-SU-2026:20062-1: moderate: Security update for rust1.91, rust1.92


openSUSE security update: security update for rust1.91, rust1.92
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:20062-1
Rating: moderate

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves various issues can now be installed.

Description:

This update for rust1.91 and rust1.92 fixes the following issues:

Rust is shipped in 1.91.0 version.

Please see https://github.com/rust-lang/rust/releases/tag/1.91.0 for changes.

Rust is shipped in 1.92.0 version.

Please see https://github.com/rust-lang/rust/releases/tag/1.92.0 for changes.

Patch instructions:

To install this openSUSE security update use the suse recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-155=1

Package List:

- openSUSE Leap 16.0:

cargo1.91-1.91.0-160000.1.1
cargo1.92-1.92.0-160000.1.1
rust1.91-1.91.0-160000.1.1
rust1.91-src-1.91.0-160000.1.1
rust1.92-1.92.0-160000.1.1
rust1.92-src-1.92.0-160000.1.1



SUSE-SU-2026:0180-1: important: Security update for the Linux Kernel (Live Patch 26 for SUSE Linux Enterprise 15 SP5)


# Security update for the Linux Kernel (Live Patch 26 for SUSE Linux Enterprise
15 SP5)

Announcement ID: SUSE-SU-2026:0180-1
Release Date: 2026-01-20T07:04:30Z
Rating: important
References:

* bsc#1248400
* bsc#1248615
* bsc#1248670
* bsc#1250665
* bsc#1251165
* bsc#1251203
* bsc#1251787
* bsc#1253437
* bsc#1254451

Cross-References:

* CVE-2022-50327
* CVE-2022-50409
* CVE-2022-50490
* CVE-2023-53676
* CVE-2024-58239
* CVE-2025-38476
* CVE-2025-38572
* CVE-2025-38608
* CVE-2025-40204

CVSS scores:

* CVE-2022-50327 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50327 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50327 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50409 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50409 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50409 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50490 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50490 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-53676 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53676 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-58239 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-58239 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-58239 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38476 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38476 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38476 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38572 ( SUSE ): 9.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38572 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38572 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38608 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38608 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2025-38608 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-40204 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-40204 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves nine vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.103 fixes
various security issues

The following security issues were fixed:

* CVE-2022-50327: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return
value (bsc#1254451).
* CVE-2022-50409: net: If sock is dead don't access sock's sk_wq in
sk_stream_wait_memory (bsc#1250665).
* CVE-2022-50490: bpf: Propagate error from htab_lock_bucket() to userspace
(bsc#1251165).
* CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in
lio_target_nacl_info_show() (bsc#1251787).
* CVE-2024-58239: tls: stop recv() if initial process_rx_list gave us non-DATA
(bsc#1248615).
* CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline()
(bsc#1251203).
* CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment()
(bsc#1248400).
* CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data()
in ktls (bsc#1248670).
* CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-180=1 SUSE-2026-181=1 SUSE-2026-179=1

* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-180=1 SUSE-SLE-
Module-Live-Patching-15-SP5-2026-181=1 SUSE-SLE-Module-Live-
Patching-15-SP5-2026-179=1

## Package List:

* openSUSE Leap 15.5 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP5_Update_25-debugsource-12-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_24-debugsource-13-150500.2.1
* kernel-livepatch-5_14_21-150500_55_103-default-debuginfo-12-150500.2.1
* kernel-livepatch-5_14_21-150500_55_100-default-12-150500.2.1
* kernel-livepatch-5_14_21-150500_55_97-default-13-150500.2.1
* kernel-livepatch-5_14_21-150500_55_97-default-debuginfo-13-150500.2.1
* kernel-livepatch-5_14_21-150500_55_100-default-debuginfo-12-150500.2.1
* kernel-livepatch-5_14_21-150500_55_103-default-12-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_26-debugsource-12-150500.2.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP5_Update_25-debugsource-12-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_24-debugsource-13-150500.2.1
* kernel-livepatch-5_14_21-150500_55_103-default-debuginfo-12-150500.2.1
* kernel-livepatch-5_14_21-150500_55_100-default-12-150500.2.1
* kernel-livepatch-5_14_21-150500_55_97-default-13-150500.2.1
* kernel-livepatch-5_14_21-150500_55_97-default-debuginfo-13-150500.2.1
* kernel-livepatch-5_14_21-150500_55_100-default-debuginfo-12-150500.2.1
* kernel-livepatch-5_14_21-150500_55_103-default-12-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_26-debugsource-12-150500.2.1

## References:

* https://www.suse.com/security/cve/CVE-2022-50327.html
* https://www.suse.com/security/cve/CVE-2022-50409.html
* https://www.suse.com/security/cve/CVE-2022-50490.html
* https://www.suse.com/security/cve/CVE-2023-53676.html
* https://www.suse.com/security/cve/CVE-2024-58239.html
* https://www.suse.com/security/cve/CVE-2025-38476.html
* https://www.suse.com/security/cve/CVE-2025-38572.html
* https://www.suse.com/security/cve/CVE-2025-38608.html
* https://www.suse.com/security/cve/CVE-2025-40204.html
* https://bugzilla.suse.com/show_bug.cgi?id=1248400
* https://bugzilla.suse.com/show_bug.cgi?id=1248615
* https://bugzilla.suse.com/show_bug.cgi?id=1248670
* https://bugzilla.suse.com/show_bug.cgi?id=1250665
* https://bugzilla.suse.com/show_bug.cgi?id=1251165
* https://bugzilla.suse.com/show_bug.cgi?id=1251203
* https://bugzilla.suse.com/show_bug.cgi?id=1251787
* https://bugzilla.suse.com/show_bug.cgi?id=1253437
* https://bugzilla.suse.com/show_bug.cgi?id=1254451



openSUSE-SU-2026:10072-1: moderate: libblkid-devel-2.41.3-1.1 on GA media


# libblkid-devel-2.41.3-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10072-1
Rating: moderate

Cross-References:

* CVE-2025-14104

CVSS scores:

* CVE-2025-14104 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2025-14104 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the libblkid-devel-2.41.3-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* libblkid-devel 2.41.3-1.1
* libblkid-devel-32bit 2.41.3-1.1
* libblkid-devel-static 2.41.3-1.1
* libblkid1 2.41.3-1.1
* libblkid1-32bit 2.41.3-1.1
* libfdisk-devel 2.41.3-1.1
* libfdisk-devel-32bit 2.41.3-1.1
* libfdisk-devel-static 2.41.3-1.1
* libfdisk1 2.41.3-1.1
* libfdisk1-32bit 2.41.3-1.1
* libmount-devel 2.41.3-1.1
* libmount-devel-32bit 2.41.3-1.1
* libmount-devel-static 2.41.3-1.1
* libmount1 2.41.3-1.1
* libmount1-32bit 2.41.3-1.1
* libsmartcols-devel 2.41.3-1.1
* libsmartcols-devel-32bit 2.41.3-1.1
* libsmartcols-devel-static 2.41.3-1.1
* libsmartcols1 2.41.3-1.1
* libsmartcols1-32bit 2.41.3-1.1
* libuuid-devel 2.41.3-1.1
* libuuid-devel-32bit 2.41.3-1.1
* libuuid-devel-static 2.41.3-1.1
* libuuid1 2.41.3-1.1
* libuuid1-32bit 2.41.3-1.1
* util-linux 2.41.3-1.1
* util-linux-lang 2.41.3-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-14104.html



openSUSE-SU-2026:10071-1: moderate: libraylib550-5.5-2.1 on GA media


# libraylib550-5.5-2.1 on GA media

Announcement ID: openSUSE-SU-2026:10071-1
Rating: moderate

Cross-References:

* CVE-2025-15533
* CVE-2025-15534

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the libraylib550-5.5-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* libraylib550 5.5-2.1
* raylib-devel 5.5-2.1

## References:

* https://www.suse.com/security/cve/CVE-2025-15533.html
* https://www.suse.com/security/cve/CVE-2025-15534.html



openSUSE-SU-2026:10068-1: moderate: hauler-1.4.1-1.1 on GA media


# hauler-1.4.1-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10068-1
Rating: moderate

Cross-References:

* CVE-2026-22772

CVSS scores:

* CVE-2026-22772 ( SUSE ): 5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
* CVE-2026-22772 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the hauler-1.4.1-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* hauler 1.4.1-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-22772.html



openSUSE-SU-2026:10070-1: moderate: python-keystonemiddleware-doc-10.12.0-2.1 on GA media


# python-keystonemiddleware-doc-10.12.0-2.1 on GA media

Announcement ID: openSUSE-SU-2026:10070-1
Rating: moderate

Cross-References:

* CVE-2026-22797

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the python-keystonemiddleware-doc-10.12.0-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* python-keystonemiddleware-doc 10.12.0-2.1
* python311-keystonemiddleware 10.12.0-2.1
* python312-keystonemiddleware 10.12.0-2.1
* python313-keystonemiddleware 10.12.0-2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-22797.html



openSUSE-SU-2026:10067-1: moderate: grafana-11.6.7-2.1 on GA media


# grafana-11.6.7-2.1 on GA media

Announcement ID: openSUSE-SU-2026:10067-1
Rating: moderate

Cross-References:

* CVE-2025-68156

CVSS scores:

* CVE-2025-68156 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68156 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the grafana-11.6.7-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* grafana 11.6.7-2.1

## References:

* https://www.suse.com/security/cve/CVE-2025-68156.html



SUSE-SU-2026:0184-1: important: Security update for the Linux Kernel (Live Patch 28 for SUSE Linux Enterprise 15 SP5)


# Security update for the Linux Kernel (Live Patch 28 for SUSE Linux Enterprise
15 SP5)

Announcement ID: SUSE-SU-2026:0184-1
Release Date: 2026-01-20T09:34:00Z
Rating: important
References:

* bsc#1248400
* bsc#1248615
* bsc#1248670
* bsc#1250665
* bsc#1251165
* bsc#1251203
* bsc#1251787
* bsc#1253437
* bsc#1254451

Cross-References:

* CVE-2022-50327
* CVE-2022-50409
* CVE-2022-50490
* CVE-2023-53676
* CVE-2024-58239
* CVE-2025-38476
* CVE-2025-38572
* CVE-2025-38608
* CVE-2025-40204

CVSS scores:

* CVE-2022-50327 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50327 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50327 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50409 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50409 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50409 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50490 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50490 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-53676 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53676 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-58239 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-58239 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-58239 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38476 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38476 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38476 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38572 ( SUSE ): 9.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38572 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38572 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38608 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38608 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2025-38608 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-40204 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-40204 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves nine vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.113 fixes
various security issues

The following security issues were fixed:

* CVE-2022-50327: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return
value (bsc#1254451).
* CVE-2022-50409: net: If sock is dead don't access sock's sk_wq in
sk_stream_wait_memory (bsc#1250665).
* CVE-2022-50490: bpf: Propagate error from htab_lock_bucket() to userspace
(bsc#1251165).
* CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in
lio_target_nacl_info_show() (bsc#1251787).
* CVE-2024-58239: tls: stop recv() if initial process_rx_list gave us non-DATA
(bsc#1248615).
* CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline()
(bsc#1251203).
* CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment()
(bsc#1248400).
* CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data()
in ktls (bsc#1248670).
* CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-184=1 SUSE-2026-182=1

* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-184=1 SUSE-SLE-
Module-Live-Patching-15-SP5-2026-182=1

## Package List:

* openSUSE Leap 15.5 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150500_55_110-default-debuginfo-11-150500.2.1
* kernel-livepatch-5_14_21-150500_55_110-default-11-150500.2.1
* kernel-livepatch-5_14_21-150500_55_113-default-10-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_28-debugsource-10-150500.2.1
* kernel-livepatch-5_14_21-150500_55_113-default-debuginfo-10-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_27-debugsource-11-150500.2.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150500_55_110-default-debuginfo-11-150500.2.1
* kernel-livepatch-5_14_21-150500_55_110-default-11-150500.2.1
* kernel-livepatch-5_14_21-150500_55_113-default-10-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_28-debugsource-10-150500.2.1
* kernel-livepatch-5_14_21-150500_55_113-default-debuginfo-10-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_27-debugsource-11-150500.2.1

## References:

* https://www.suse.com/security/cve/CVE-2022-50327.html
* https://www.suse.com/security/cve/CVE-2022-50409.html
* https://www.suse.com/security/cve/CVE-2022-50490.html
* https://www.suse.com/security/cve/CVE-2023-53676.html
* https://www.suse.com/security/cve/CVE-2024-58239.html
* https://www.suse.com/security/cve/CVE-2025-38476.html
* https://www.suse.com/security/cve/CVE-2025-38572.html
* https://www.suse.com/security/cve/CVE-2025-38608.html
* https://www.suse.com/security/cve/CVE-2025-40204.html
* https://bugzilla.suse.com/show_bug.cgi?id=1248400
* https://bugzilla.suse.com/show_bug.cgi?id=1248615
* https://bugzilla.suse.com/show_bug.cgi?id=1248670
* https://bugzilla.suse.com/show_bug.cgi?id=1250665
* https://bugzilla.suse.com/show_bug.cgi?id=1251165
* https://bugzilla.suse.com/show_bug.cgi?id=1251203
* https://bugzilla.suse.com/show_bug.cgi?id=1251787
* https://bugzilla.suse.com/show_bug.cgi?id=1253437
* https://bugzilla.suse.com/show_bug.cgi?id=1254451



SUSE-SU-2026:0185-1: important: Security update for the Linux Kernel (Live Patch 45 for SUSE Linux Enterprise 15 SP4)


# Security update for the Linux Kernel (Live Patch 45 for SUSE Linux Enterprise
15 SP4)

Announcement ID: SUSE-SU-2026:0185-1
Release Date: 2026-01-20T11:08:06Z
Rating: important
References:

* bsc#1251165
* bsc#1251787
* bsc#1253437
* bsc#1254451

Cross-References:

* CVE-2022-50327
* CVE-2022-50490
* CVE-2023-53676
* CVE-2025-40204

CVSS scores:

* CVE-2022-50327 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50327 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50327 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50490 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50490 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-53676 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53676 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-40204 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-40204 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves four vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.179 fixes
various security issues

The following security issues were fixed:

* CVE-2022-50327: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return
value (bsc#1254451).
* CVE-2022-50490: bpf: Propagate error from htab_lock_bucket() to userspace
(bsc#1251165).
* CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in
lio_target_nacl_info_show() (bsc#1251787).
* CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-185=1

* SUSE Linux Enterprise Live Patching 15-SP4
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2026-185=1

## Package List:

* openSUSE Leap 15.4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_179-default-debuginfo-4-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_45-debugsource-4-150400.2.1
* kernel-livepatch-5_14_21-150400_24_179-default-4-150400.2.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_179-default-debuginfo-4-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_45-debugsource-4-150400.2.1
* kernel-livepatch-5_14_21-150400_24_179-default-4-150400.2.1

## References:

* https://www.suse.com/security/cve/CVE-2022-50327.html
* https://www.suse.com/security/cve/CVE-2022-50490.html
* https://www.suse.com/security/cve/CVE-2023-53676.html
* https://www.suse.com/security/cve/CVE-2025-40204.html
* https://bugzilla.suse.com/show_bug.cgi?id=1251165
* https://bugzilla.suse.com/show_bug.cgi?id=1251787
* https://bugzilla.suse.com/show_bug.cgi?id=1253437
* https://bugzilla.suse.com/show_bug.cgi?id=1254451



openSUSE-SU-2026:0024-1: important: Security update for python-weasyprint


openSUSE Security Update: Security update for python-weasyprint
_______________________________

Announcement ID: openSUSE-SU-2026:0024-1
Rating: important
References: #1256936
Cross-References: CVE-2025-68616
CVSS scores:
CVE-2025-68616 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:
openSUSE Backports SLE-15-SP7
_______________________________

An update that fixes one vulnerability is now available.

Description:

This update for python-weasyprint fixes the following issues:

- CVE-2025-68616: Fixed a server-side request forgery in default fetcher
(boo#1256936).

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2026-24=1

Package List:

- openSUSE Backports SLE-15-SP7 (noarch):

python311-weasyprint-60.2-bp157.2.3.1

References:

https://www.suse.com/security/cve/CVE-2025-68616.html
https://bugzilla.suse.com/1256936



openSUSE-SU-2026:0026-1: important: Security update for python-weasyprint


openSUSE Security Update: Security update for python-weasyprint
_______________________________

Announcement ID: openSUSE-SU-2026:0026-1
Rating: important
References: #1256936
Cross-References: CVE-2025-68616
CVSS scores:
CVE-2025-68616 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:
openSUSE Backports SLE-15-SP6
_______________________________

An update that fixes one vulnerability is now available.

Description:

This update for python-weasyprint fixes the following issues:

- CVE-2025-68616: Fixed a server-side request forgery in default fetcher
(boo#1256936).

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP6:

zypper in -t patch openSUSE-2026-26=1

Package List:

- openSUSE Backports SLE-15-SP6 (noarch):

python311-weasyprint-60.2-bp156.2.3.1

References:

https://www.suse.com/security/cve/CVE-2025-68616.html
https://bugzilla.suse.com/1256936



SUSE-SU-2026:0187-1: important: Security update for the Linux Kernel (Live Patch 30 for SUSE Linux Enterprise 15 SP5)


# Security update for the Linux Kernel (Live Patch 30 for SUSE Linux Enterprise
15 SP5)

Announcement ID: SUSE-SU-2026:0187-1
Release Date: 2026-01-20T12:46:06Z
Rating: important
References:

* bsc#1248400
* bsc#1250665
* bsc#1251165
* bsc#1251203
* bsc#1251787
* bsc#1253437
* bsc#1254451

Cross-References:

* CVE-2022-50327
* CVE-2022-50409
* CVE-2022-50490
* CVE-2023-53676
* CVE-2025-38476
* CVE-2025-38572
* CVE-2025-40204

CVSS scores:

* CVE-2022-50327 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50327 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50327 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50409 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50409 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50409 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50490 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50490 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-53676 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53676 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38476 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38476 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38476 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38572 ( SUSE ): 9.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38572 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38572 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-40204 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-40204 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves seven vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.121 fixes
various security issues

The following security issues were fixed:

* CVE-2022-50327: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return
value (bsc#1254451).
* CVE-2022-50409: net: If sock is dead don't access sock's sk_wq in
sk_stream_wait_memory (bsc#1250665).
* CVE-2022-50490: bpf: Propagate error from htab_lock_bucket() to userspace
(bsc#1251165).
* CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in
lio_target_nacl_info_show() (bsc#1251787).
* CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline()
(bsc#1251203).
* CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment()
(bsc#1248400).
* CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-187=1

* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-187=1

## Package List:

* openSUSE Leap 15.5 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP5_Update_30-debugsource-5-150500.2.1
* kernel-livepatch-5_14_21-150500_55_121-default-debuginfo-5-150500.2.1
* kernel-livepatch-5_14_21-150500_55_121-default-5-150500.2.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP5_Update_30-debugsource-5-150500.2.1
* kernel-livepatch-5_14_21-150500_55_121-default-debuginfo-5-150500.2.1
* kernel-livepatch-5_14_21-150500_55_121-default-5-150500.2.1

## References:

* https://www.suse.com/security/cve/CVE-2022-50327.html
* https://www.suse.com/security/cve/CVE-2022-50409.html
* https://www.suse.com/security/cve/CVE-2022-50490.html
* https://www.suse.com/security/cve/CVE-2023-53676.html
* https://www.suse.com/security/cve/CVE-2025-38476.html
* https://www.suse.com/security/cve/CVE-2025-38572.html
* https://www.suse.com/security/cve/CVE-2025-40204.html
* https://bugzilla.suse.com/show_bug.cgi?id=1248400
* https://bugzilla.suse.com/show_bug.cgi?id=1250665
* https://bugzilla.suse.com/show_bug.cgi?id=1251165
* https://bugzilla.suse.com/show_bug.cgi?id=1251203
* https://bugzilla.suse.com/show_bug.cgi?id=1251787
* https://bugzilla.suse.com/show_bug.cgi?id=1253437
* https://bugzilla.suse.com/show_bug.cgi?id=1254451



SUSE-SU-2026:0188-1: important: Security update for the Linux Kernel (Live Patch 31 for SUSE Linux Enterprise 15 SP5)


# Security update for the Linux Kernel (Live Patch 31 for SUSE Linux Enterprise
15 SP5)

Announcement ID: SUSE-SU-2026:0188-1
Release Date: 2026-01-20T14:06:23Z
Rating: important
References:

* bsc#1251165
* bsc#1251203
* bsc#1251787
* bsc#1253437
* bsc#1254451

Cross-References:

* CVE-2022-50327
* CVE-2022-50490
* CVE-2023-53676
* CVE-2025-38476
* CVE-2025-40204

CVSS scores:

* CVE-2022-50327 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50327 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50327 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50490 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50490 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-53676 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53676 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38476 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38476 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38476 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-40204 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-40204 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves five vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.124 fixes
various security issues

The following security issues were fixed:

* CVE-2022-50327: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return
value (bsc#1254451).
* CVE-2022-50490: bpf: Propagate error from htab_lock_bucket() to userspace
(bsc#1251165).
* CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in
lio_target_nacl_info_show() (bsc#1251787).
* CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline()
(bsc#1251203).
* CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-188=1

* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-188=1

## Package List:

* openSUSE Leap 15.5 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP5_Update_31-debugsource-3-150500.2.1
* kernel-livepatch-5_14_21-150500_55_124-default-debuginfo-3-150500.2.1
* kernel-livepatch-5_14_21-150500_55_124-default-3-150500.2.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP5_Update_31-debugsource-3-150500.2.1
* kernel-livepatch-5_14_21-150500_55_124-default-debuginfo-3-150500.2.1
* kernel-livepatch-5_14_21-150500_55_124-default-3-150500.2.1

## References:

* https://www.suse.com/security/cve/CVE-2022-50327.html
* https://www.suse.com/security/cve/CVE-2022-50490.html
* https://www.suse.com/security/cve/CVE-2023-53676.html
* https://www.suse.com/security/cve/CVE-2025-38476.html
* https://www.suse.com/security/cve/CVE-2025-40204.html
* https://bugzilla.suse.com/show_bug.cgi?id=1251165
* https://bugzilla.suse.com/show_bug.cgi?id=1251203
* https://bugzilla.suse.com/show_bug.cgi?id=1251787
* https://bugzilla.suse.com/show_bug.cgi?id=1253437
* https://bugzilla.suse.com/show_bug.cgi?id=1254451



SUSE-SU-2026:0186-1: important: Security update for the Linux Kernel (Live Patch 29 for SUSE Linux Enterprise 15 SP5)


# Security update for the Linux Kernel (Live Patch 29 for SUSE Linux Enterprise
15 SP5)

Announcement ID: SUSE-SU-2026:0186-1
Release Date: 2026-01-20T12:45:55Z
Rating: important
References:

* bsc#1248400
* bsc#1248615
* bsc#1248670
* bsc#1250665
* bsc#1251165
* bsc#1251203
* bsc#1251787
* bsc#1253437
* bsc#1254451

Cross-References:

* CVE-2022-50327
* CVE-2022-50409
* CVE-2022-50490
* CVE-2023-53676
* CVE-2024-58239
* CVE-2025-38476
* CVE-2025-38572
* CVE-2025-38608
* CVE-2025-40204

CVSS scores:

* CVE-2022-50327 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50327 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50327 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50409 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50409 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50409 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50490 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50490 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-53676 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53676 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-58239 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-58239 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-58239 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38476 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38476 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38476 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38572 ( SUSE ): 9.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38572 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38572 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38608 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38608 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2025-38608 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-40204 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-40204 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves nine vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.116 fixes
various security issues

The following security issues were fixed:

* CVE-2022-50327: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return
value (bsc#1254451).
* CVE-2022-50409: net: If sock is dead don't access sock's sk_wq in
sk_stream_wait_memory (bsc#1250665).
* CVE-2022-50490: bpf: Propagate error from htab_lock_bucket() to userspace
(bsc#1251165).
* CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in
lio_target_nacl_info_show() (bsc#1251787).
* CVE-2024-58239: tls: stop recv() if initial process_rx_list gave us non-DATA
(bsc#1248615).
* CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline()
(bsc#1251203).
* CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment()
(bsc#1248400).
* CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data()
in ktls (bsc#1248670).
* CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-186=1

* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-186=1

## Package List:

* openSUSE Leap 15.5 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP5_Update_29-debugsource-8-150500.2.1
* kernel-livepatch-5_14_21-150500_55_116-default-8-150500.2.1
* kernel-livepatch-5_14_21-150500_55_116-default-debuginfo-8-150500.2.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150500_55_116-default-8-150500.2.1
* kernel-livepatch-5_14_21-150500_55_116-default-debuginfo-8-150500.2.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x)
* kernel-livepatch-SLE15-SP5_Update_29-debugsource-8-150500.2.1

## References:

* https://www.suse.com/security/cve/CVE-2022-50327.html
* https://www.suse.com/security/cve/CVE-2022-50409.html
* https://www.suse.com/security/cve/CVE-2022-50490.html
* https://www.suse.com/security/cve/CVE-2023-53676.html
* https://www.suse.com/security/cve/CVE-2024-58239.html
* https://www.suse.com/security/cve/CVE-2025-38476.html
* https://www.suse.com/security/cve/CVE-2025-38572.html
* https://www.suse.com/security/cve/CVE-2025-38608.html
* https://www.suse.com/security/cve/CVE-2025-40204.html
* https://bugzilla.suse.com/show_bug.cgi?id=1248400
* https://bugzilla.suse.com/show_bug.cgi?id=1248615
* https://bugzilla.suse.com/show_bug.cgi?id=1248670
* https://bugzilla.suse.com/show_bug.cgi?id=1250665
* https://bugzilla.suse.com/show_bug.cgi?id=1251165
* https://bugzilla.suse.com/show_bug.cgi?id=1251203
* https://bugzilla.suse.com/show_bug.cgi?id=1251787
* https://bugzilla.suse.com/show_bug.cgi?id=1253437
* https://bugzilla.suse.com/show_bug.cgi?id=1254451


JMC, GPSD-Minimal, Kernel, NET-SNMP updates for AlmaLinux

Dungeon Crawl Stone Stoup update for Ubuntu LTS

Windows

Linux

macOS

Community

  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...