SB2026021263 - SUSE update for the Linux Kernel
Published: February 12, 2026
Description
This security bulletin contains information about 50 security vulnerabilities.
1) Race condition within a thread (CVE-ID: CVE-2022-49604)
The vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the ip_mtu_from_fib_result() function in net/ipv4/route.c. A local user can corrupt data.
2) Improper locking (CVE-ID: CVE-2022-49943)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the usb_gadget_disconnect(), gadget_bind_driver(), gadget_unbind_driver(), soft_connect_store() and function_show() functions in drivers/usb/gadget/udc/core.c. A local user can perform a denial of service (DoS) attack.
3) Use-after-free (CVE-ID: CVE-2022-49980)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the usb_udc_uevent() function in drivers/usb/gadget/udc/core.c. A local user can escalate privileges on the system.
4) Buffer overflow (CVE-ID: CVE-2022-50232)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the SYM_FUNC_START_LOCAL() function in arch/arm64/kernel/head.S. A local user can perform a denial of service (DoS) attack.
5) Use-after-free (CVE-ID: CVE-2022-50697)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mrp_join_timer(), mrp_periodic_timer(), mrp_init_applicant() and mrp_uninit_applicant() functions in net/802/mrp.c. A local user can escalate privileges on the system.
6) Input validation error (CVE-ID: CVE-2023-52433)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __nft_rbtree_insert() function in net/netfilter/nft_set_rbtree.c. A local user can perform a denial of service (DoS) attack.
7) Buffer overflow (CVE-ID: CVE-2023-52874)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the SYM_FUNC_END() function in arch/x86/coco/tdx/tdcall.S. A local user can perform a denial of service (DoS) attack.
8) Improper locking (CVE-ID: CVE-2023-52923)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nft_rbtree_cmp(), __nft_rbtree_lookup(), nft_rbtree_get(), nft_rbtree_gc_elem(), nft_rbtree_activate(), nft_rbtree_flush() and nft_rbtree_gc() functions in net/netfilter/nft_set_rbtree.c, within the pipapo_drop(), pipapo_gc() and nft_pipapo_activate() functions in net/netfilter/nft_set_pipapo.c, within the nft_rhash_cmp(), nft_rhash_activate(), nft_rhash_flush(), nft_rhash_deactivate(), nft_rhash_gc() and nft_rhash_destroy() functions in net/netfilter/nft_set_hash.c. A local user can perform a denial of service (DoS) attack.
9) Use-after-free (CVE-ID: CVE-2023-53178)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the zswap_writeback_entry() function in mm/zswap.c. A local user can escalate privileges on the system.
10) Memory leak (CVE-ID: CVE-2023-53407)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a memory leak within the pxa_init_debugfs() function in drivers/usb/gadget/udc/pxa27x_udc.c. A local user can perform a denial of service (DoS) attack.
11) Memory leak (CVE-ID: CVE-2023-53412)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a memory leak within the bcm63xx_udc_init_debugfs() function in drivers/usb/gadget/udc/bcm63xx_udc.c. A local user can perform a denial of service (DoS) attack.
12) Memory leak (CVE-ID: CVE-2023-53417)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a memory leak within the create_debug_file() function in drivers/usb/host/sl811-hcd.c. A local user can perform a denial of service (DoS) attack.
13) Memory leak (CVE-ID: CVE-2023-53418)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a memory leak within the create_debug_file() function in drivers/usb/gadget/udc/lpc32xx_udc.c. A local user can perform a denial of service (DoS) attack.
14) NULL pointer dereference (CVE-ID: CVE-2023-53714)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference within the ltdc_crtc_disable_vblank() function in drivers/gpu/drm/stm/ltdc.c. A local user can perform a denial of service (DoS) attack.
15) Use-after-free (CVE-ID: CVE-2023-54142)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __gtp_encap_destroy() function in drivers/net/gtp.c. A local user can escalate privileges on the system.
16) Use-after-free (CVE-ID: CVE-2023-54243)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __do_replace() function in net/ipv6/netfilter/ip6_tables.c. A local user can escalate privileges on the system.
17) Input validation error (CVE-ID: CVE-2024-26581)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in net/netfilter/nft_set_rbtree.c. A local user can perform a denial of service (DoS) attack.
18) Resource management error (CVE-ID: CVE-2024-26661)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a resource management error within the dcn21_set_abm_immediate_disable() function in drivers/gpu/drm/amd/display/dc/dcn21/dcn21_hwseq.c. A local user can perform a denial of service (DoS) attack.
19) Race condition (CVE-ID: CVE-2024-26832)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the zswap_writeback_entry() function in mm/zswap.c. A local user can escalate privileges on the system.
20) Use of uninitialized resource (CVE-ID: CVE-2024-50143)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to the use of an uninitialized resource within the udf_current_aext() function in fs/udf/inode.c. A local user can perform a denial of service (DoS) attack.
21) Resource management error (CVE-ID: CVE-2024-54031)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a resource management error in include/net/netfilter/nf_tables.h. A local user can perform a denial of service (DoS) attack.
22) NULL pointer dereference (CVE-ID: CVE-2025-21658)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference within the scrub_find_fill_first_stripe() function in fs/btrfs/scrub.c. A local user can perform a denial of service (DoS) attack.
23) Use-after-free (CVE-ID: CVE-2025-21760)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ip6_nd_hdr() and ndisc_send_skb() functions in net/ipv6/ndisc.c. A local user can escalate privileges on the system.
24) Use-after-free (CVE-ID: CVE-2025-21764)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ndisc_alloc_skb() function in net/ipv6/ndisc.c. A local user can escalate privileges on the system.
25) Input validation error (CVE-ID: CVE-2025-21765)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ip6_default_advmss() function in net/ipv6/route.c. A local user can perform a denial of service (DoS) attack.
26) Input validation error (CVE-ID: CVE-2025-21766)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the out: kfree_skb_reason() and __ip_rt_update_pmtu() functions in net/ipv4/route.c. A local user can perform a denial of service (DoS) attack.
27) Buffer overflow (CVE-ID: CVE-2025-38068)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the lzo1x_1_do_compress() and lzogeneric1x_1_compress() functions in lib/lzo/lzo1x_compress.c, within the obj-$() function in lib/lzo/Makefile, within the __lzo_compress() function in crypto/lzo.c, within the __lzorle_compress() function in crypto/lzo-rle.c. A local user can perform a denial of service (DoS) attack.
28) Use-after-free (CVE-ID: CVE-2025-38129)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the page_pool_ethtool_stats_get(), page_pool_return_page() and page_pool_scrub() functions in net/core/page_pool.c. A local user can escalate privileges on the system.
29) Out-of-bounds read (CVE-ID: CVE-2025-38159)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the rtw_coex_tdma_timer_base() function in drivers/net/wireless/realtek/rtw88/coex.c. A local user can perform a denial of service (DoS) attack.
30) Out-of-bounds read (CVE-ID: CVE-2025-38375)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mergeable_ctx_to_truesize(), virtnet_get_headroom(), xdp_linearize_page(), receive_small_xdp() and mergeable_xdp_get_buf() functions in drivers/net/virtio_net.c. A local user can perform a denial of service (DoS) attack.
31) Memory leak (CVE-ID: CVE-2025-38563)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a memory leak within the perf_mmap_pfn_mkwrite() function in kernel/events/core.c. A local user can perform a denial of service (DoS) attack.
32) Memory leak (CVE-ID: CVE-2025-38565)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a memory leak within the mutex_unlock() and vm_flags_set() functions in kernel/events/core.c. A local user can perform a denial of service (DoS) attack.
33) NULL pointer dereference (CVE-ID: CVE-2025-38684)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference within the ets_qdisc_change() function in net/sched/sch_ets.c. A local user can perform a denial of service (DoS) attack.
34) Use-after-free (CVE-ID: CVE-2025-40044)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the udf_current_aext() function in fs/udf/inode.c. A local user can escalate privileges on the system.
35) Use-after-free (CVE-ID: CVE-2025-40139)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smc_clc_msg_hdr_valid(), smc_clc_prfx_set4_rcu() and smc_clc_prfx_set() functions in net/smc/smc_clc.c. A local user can escalate privileges on the system.
36) Use-after-free (CVE-ID: CVE-2025-40257)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mptcp_remove_anno_list_by_saddr(), mptcp_pm_del_add_timer() and mptcp_pm_free_anno_list() functions in net/mptcp/pm.c. A local user can escalate privileges on the system.
37) Input validation error (CVE-ID: CVE-2025-40300)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the vcpu_enter_guest() function in arch/x86/kvm/x86.c. A local user can perform a denial of service (DoS) attack.
38) Buffer overflow (CVE-ID: CVE-2025-68183)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ima_protect_xattr(), ima_reset_appraise_flags(), ima_inode_setxattr() and ima_inode_set_acl() functions in security/integrity/ima/ima_appraise.c. A local user can perform a denial of service (DoS) attack.
39) Out-of-bounds read (CVE-ID: CVE-2025-68284)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the handle_auth_session_key() function in net/ceph/auth_x.c. A local user can perform a denial of service (DoS) attack.
40) Use-after-free (CVE-ID: CVE-2025-68285)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the monmap_show() and osdmap_show() functions in net/ceph/debugfs.c. A local user can escalate privileges on the system.
41) Resource management error (CVE-ID: CVE-2025-68312)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a resource management error within the function in drivers/net/usb/usbnet.c. A local user can perform a denial of service (DoS) attack.
42) Improper error handling (CVE-ID: CVE-2025-68771)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ocfs2_claim_suballoc_bits() function in fs/ocfs2/suballoc.c. A local user can perform a denial of service (DoS) attack.
43) NULL pointer dereference (CVE-ID: CVE-2025-68813)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference within the __ip_vs_get_out_rt() function in net/netfilter/ipvs/ip_vs_xmit.c. A local user can perform a denial of service (DoS) attack.
44) Resource management error (CVE-ID: CVE-2025-71085)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a resource management error within the calipso_skbuff_setattr() function in net/ipv6/calipso.c. A local user can perform a denial of service (DoS) attack.
45) Double free (CVE-ID: CVE-2025-71089)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the iommu_sva_bind_device() function in drivers/iommu/iommu-sva.c. A local user can perform a denial of service (DoS) attack.
46) Out-of-bounds read (CVE-ID: CVE-2025-71112)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the hclge_set_vlan_filter() function in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c. A local user can perform a denial of service (DoS) attack.
47) Out-of-bounds read (CVE-ID: CVE-2025-71116)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the decode_pool() function in net/ceph/osdmap.c. A local user can perform a denial of service (DoS) attack.
48) NULL pointer dereference (CVE-ID: CVE-2025-71120)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference within the gss_read_proxy_verf() function in net/sunrpc/auth_gss/svcauth_gss.c. A local user can perform a denial of service (DoS) attack.
49) Use-after-free (CVE-ID: CVE-2026-22999)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the qfq_change_class() function in net/sched/sch_qfq.c. A local user can escalate privileges on the system.
50) Use-after-free (CVE-ID: CVE-2026-23001)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the macvlan_hash_lookup_source(), macvlan_hash_add_source(), macvlan_hash_add(), macvlan_flush_sources(), macvlan_forward_source() and macvlan_fill_info_macaddr() functions in drivers/net/macvlan.c. A local user can escalate privileges on the system.
Remediation
Install the update from the vendor's website.