The SUSE Linux Enterprise 15 SP3 kernel was updated to fix various security
issues
The following security issues were fixed:
* CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant
uninit (bsc#1255594).
* CVE-2025-38129: page_pool: fix inconsistency for page_pool_ring_lock()
(bsc#1245723).
* CVE-2025-40139: net: ipv4: Consolidate ipv4_mtu and ip_dst_mtu_maybe_forward
(bsc#1253409).
* CVE-2025-68312: usbnet: Prevents free active kevent (bsc#1255171).
* CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of
calipso_skbuff_setattr() (bsc#1256623).
* CVE-2025-71089: iommu: disable SVA when CONFIG_X86 is set (bsc#1256612).
* CVE-2025-71112: net: hns3: add VLAN id validation before using
(bsc#1256726).
* CVE-2026-22999: net/sched: sch_qfq: do not free existing class in
qfq_change_class() (bsc#1257236).
* CVE-2026-23001: macvlan: Use 'hash' iterators to simplify code
(bsc#1257232).
## Special Instructions and Notes:
Read the Full Advisory
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.3
zypper in -t patch SUSE-2026-475=1
* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-475=1
* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-475=1
* openSUSE Leap 15.3 (noarch nosrc)
* kernel-docs-5.3.18-150300.59.235.1
* openSUSE Leap 15.3 (noarch)
* kernel-devel-5.3.18-150300.59.235.1
* kernel-source-5.3.18-150300.59.235.1
* kernel-source-vanilla-5.3.18-150300.59.235.1
* kernel-macros-5.3.18-150300.59.235.1
* kernel-docs-html-5.3.18-150300.59.235.1
* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64)
* kselftests-kmp-default-debuginfo-5.3.18-150300.59.235.1
* ocfs2-kmp-default-debuginfo-5.3.18-150300.59.235.1
* gfs2-kmp-default-debuginfo-5.3.18-150300.59.235.1
* kernel-default-devel-debuginfo-5.3.18-150300.59.235.1
* kernel-syms-5.3.18-150300.59.235.1
* kernel-default-extra-debuginfo-5.3.18-150300.59.235.1
* ocfs2-kmp-default-5.3.18-150300.59.235.1
* kernel-obs-build-5.3.18-150300.59.235.1
* kernel-default-debuginfo-5.3.18-150300.59.235.1
* kernel-default-optional-5.3.18-150300.59.235.1
* kernel-default-livepatch-5.3.18-150300.59.235.1
* kernel-default-devel-5.3.18-150300.59.235.1
* kernel-default-optional-debuginfo-5.3.18-150300.59.235.1
*...
Read the Full Advisory* bsc#1223007
* bsc#1235905
* bsc#1236104
* bsc#1237885
* bsc#1237906
* bsc#1238414
* bsc#1238754
* bsc#1238763
* bsc#1240284
* bsc#1244904
* bsc#1245110
* bsc#1245723
* bsc#1248306
* bsc#1248377
* bsc#1249699
* bsc#1249827
* bsc#1251201
* bsc#1253409
* bsc#1255171
* bsc#1255594
* bsc#1256612
* bsc#1256623
* bsc#1256726
* bsc#1256792
* bsc#1257232
* bsc#1257236
## References:
* https://www.suse.com/security/cve/CVE-2022-49604.html
* https://www.suse.com/security/cve/CVE-2022-49943.html
* https://www.suse.com/security/cve/CVE-2022-49980.html
* https://www.suse.com/security/cve/CVE-2022-50329.html
* https://www.suse.com/security/cve/CVE-2022-50488.html
* https://www.suse.com/security/cve/CVE-2022-50697.html
* https://www.suse.com/security/cve/CVE-2023-52923.html
* https://www.suse.com/security/cve/CVE-2023-52983.html
* https://www.suse.com/security/cve/CVE-2023-53178.html
* https://www.suse.com/security/cve/CVE-2024-26832.html
* https://www.suse.com/security/cve/CVE-2024-54031.html
*...
Read the Full AdvisoryGet the latest Linux and open source security news straight to your inbox.