Explore top 10 tips to secure your open-source projects now. Read More
×
This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.179 fixes
various security issues
The following security issues were fixed:
* CVE-2025-71089: iommu: disable SVA when CONFIG_X86 is set (bsc#1256615).
* CVE-2026-23393: bridge: cfm: Fix race condition in peer_mep deletion
(bsc#1260524).
* CVE-2026-31533: net/tls: fix use-after-free in -EBUSY error path of
tls_do_encryption (bsc#1262759).
* CVE-2026-31570: can: gw: fix OOB heap access in cgw_csum_crc8_rel()
(bsc#1263118).
* CVE-2026-31586: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn()
(bsc#1263177).
* CVE-2026-31685: netfilter: ip6t_eui64: reject invalid MAC header for all
packets (bsc#1263670).
* CVE-2026-31758: usb: usbtmc: Flush anchored URBs in usbtmc_release
(bsc#1264094).
* CVE-2026-43025: netfilter: ctnetlink: ignore explicit helper on new
expectations (bsc#1264253).
* CVE-2026-43027: netfilter: nf_conntrack_helper: pass helper to expect
cleanup...
Read the Full Advisory## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-2864=1 SUSE-2026-2865=1
* SUSE Linux Enterprise Live Patching 15-SP4
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2026-2865=1 SUSE-SLE-
Module-Live-Patching-15-SP4-2026-2864=1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_170-default-debuginfo-20-150400.2.1
* kernel-livepatch-5_14_21-150400_24_179-default-debuginfo-14-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_45-debugsource-14-150400.2.1
* kernel-livepatch-5_14_21-150400_24_170-default-20-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_42-debugsource-20-150400.2.1
* kernel-livepatch-5_14_21-150400_24_179-default-14-150400.2.1
* openSUSE Leap 15.4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_170-default-debuginfo-20-150400.2.1
* kernel-livepatch-5_14_21-150400_24_179-default-debuginfo-14-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_45-debugsource-14-150400.2.1
* kernel-livepatch-5_14_21-150400_24_170-default-20-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_42-debugsource-20-150400.2.1
* kernel-livepatch-5_14_21-150400_24_179-default-14-150400.2.1
* bsc#1256615
* bsc#1260524
* bsc#1262759
* bsc#1263118
* bsc#1263177
* bsc#1263670
* bsc#1264094
* bsc#1264252
* bsc#1264253
* bsc#1264849
* bsc#1265127
* bsc#1265197
* bsc#1265945
* bsc#1266015
* bsc#1266265
* bsc#1267206
* bsc#1267698
* bsc#1267723
* bsc#1267893
* bsc#1268662
* bsc#1269023
## References:
* https://www.suse.com/security/cve/CVE-2025-71089.html
* https://www.suse.com/security/cve/CVE-2026-23393.html
* https://www.suse.com/security/cve/CVE-2026-31533.html
* https://www.suse.com/security/cve/CVE-2026-31570.html
* https://www.suse.com/security/cve/CVE-2026-31586.html
* https://www.suse.com/security/cve/CVE-2026-31685.html
* https://www.suse.com/security/cve/CVE-2026-31758.html
* https://www.suse.com/security/cve/CVE-2026-43025.html
* https://www.suse.com/security/cve/CVE-2026-43027.html
* https://www.suse.com/security/cve/CVE-2026-43037.html
* https://www.suse.com/security/cve/CVE-2026-43190.html
* https://www.suse.com/security/cve/CVE-2026-43437.html
*...
Read the Full AdvisoryGet the latest Linux and open source security news straight to your inbox.