Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

openSUSE Leap 15.6 Kernel Important Security Fix CVE-2026-1041-1

opensuse
Calendar Grey March 25, 2026
Dist Opensuse Esm H88
# Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:1041-1 Release Date: 2026-03-25
An update that solves 27 vulnerabilities and has 19 security fixes can now be installed.

Description

The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security

bugfixes.

The following security bugs were fixed:

* CVE-2023-53817: crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui()

(bsc#1254992).

* CVE-2024-38542: RDMA/mana_ib: boundary check before installing cq callbacks

(bsc#1226591).

* CVE-2025-37861: scsi: mpi3mr: Synchronous access b/w reset and tm thread for

reply queue (bsc#1243055).

* CVE-2025-39817: efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare

(bsc#1249998).

* CVE-2025-39964: crypto: af_alg - Disallow concurrent writes in

af_alg_sendmsg (bsc#1251966).

* CVE-2025-40099: cifs: parse_dfs_referrals: prevent oob on malformed input

(bsc#1252911).

* CVE-2025-40103: smb: client: Fix refcount leak for cifs_sb_tlink

(bsc#1252924).

* CVE-2025-40253: s390/ctcm: Fix double-kfree (bsc#1255084).

* CVE-2025-71066: net/sched: ets: Always remove class from active list before

deleting in ets_qdisc_change...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory security issue important kernel system patch OpenSUSE

Patch

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like

YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6

zypper in -t patch SUSE-2026-1041=1 openSUSE-SLE-15.6-2026-1041=1

* SUSE Linux Enterprise High Availability Extension 15 SP6

zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2026-1041=1

* SUSE Linux Enterprise Server 15 SP6 LTSS

zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1041=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP6

zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1041=1

* SUSE Linux Enterprise Live Patching 15-SP6

zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-1041=1

Package List

* openSUSE Leap 15.6 (ppc64le s390x x86_64)

* kernel-livepatch-6_4_0-150600_23_92-default-1-150600.13.5.1

* kernel-livepatch-SLE15-SP6_Update_21-debugsource-1-150600.13.5.1

* kernel-default-livepatch-devel-6.4.0-150600.23.92.1

* kernel-livepatch-6_4_0-150600_23_92-default-debuginfo-1-150600.13.5.1

* openSUSE Leap 15.6 (noarch nosrc)

* kernel-docs-6.4.0-150600.23.92.1

* openSUSE Leap 15.6 (noarch)

* kernel-docs-html-6.4.0-150600.23.92.1

* kernel-source-vanilla-6.4.0-150600.23.92.1

* kernel-source-6.4.0-150600.23.92.1

* kernel-macros-6.4.0-150600.23.92.1

* kernel-devel-6.4.0-150600.23.92.1

* openSUSE Leap 15.6 (nosrc ppc64le x86_64)

* kernel-debug-6.4.0-150600.23.92.1

* openSUSE Leap 15.6 (ppc64le x86_64)

* kernel-debug-debuginfo-6.4.0-150600.23.92.1

* kernel-debug-devel-debuginfo-6.4.0-150600.23.92.1

* kernel-debug-debugsource-6.4.0-150600.23.92.1

* kernel-debug-devel-6.4.0-150600.23.92.1

* openSUSE Leap 15.6 (x86_64)

* kernel-default-vdso-debuginfo-6.4.0-150600.23.92.1

*...

Read the Full Advisory

References

* bsc#1226591

* bsc#1241345

* bsc#1243055

* bsc#1245728

* bsc#1249998

* bsc#1251135

* bsc#1251186

* bsc#1251966

* bsc#1251971

* bsc#1252266

* bsc#1252911

* bsc#1252924

* bsc#1253049

* bsc#1254306

* bsc#1254992

* bsc#1255084

* bsc#1256564

* bsc#1256645

* bsc#1256690

* bsc#1256716

* bsc#1257231

* bsc#1257466

* bsc#1257472

* bsc#1257473

* bsc#1257732

* bsc#1257735

* bsc#1257749

* bsc#1257790

* bsc#1257891

* bsc#1257952

* bsc#1258181

* bsc#1258338

* bsc#1258340

* bsc#1258376

* bsc#1258377

* bsc#1258395

* bsc#1258424

* bsc#1258464

* bsc#1258518

* bsc#1258524

* bsc#1258832

* bsc#1258849

* bsc#1258850

* bsc#1258928

* bsc#1259070

* bsc#1259857

## References:

* https://www.suse.com/security/cve/CVE-2023-53817.html

* https://www.suse.com/security/cve/CVE-2024-38542.html

* https://www.suse.com/security/cve/CVE-2025-37861.html

* https://www.suse.com/security/cve/CVE-2025-39817.html

* https://www.suse.com/security/cve/CVE-2025-39964.html

* https://www.suse.com/security/cve/CVE-2025-40099.html

* https://www.suse.com/security/cve/CVE-2025-40103.html

*...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:1041-1
Release Date: 2026-03-25T14:13:36Z
Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise High Availability Extension 15 SP6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP6

Topics%20covered

Topics Covered

security advisory security issue important kernel system patch OpenSUSE

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here