Explore top 10 tips to secure your open-source projects now. Read More
×
This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.133 fixes
various security issues
The following security issues were fixed:
* CVE-2025-71089: iommu: disable SVA when CONFIG_X86 is set (bsc#1256615).
* CVE-2026-23393: bridge: cfm: Fix race condition in peer_mep deletion
(bsc#1260524).
* CVE-2026-31505: iavf: fix out-of-bounds writes in iavf_get_ethtool_stats()
(bsc#1263094).
* CVE-2026-31533: net/tls: fix use-after-free in -EBUSY error path of
tls_do_encryption (bsc#1262759).
* CVE-2026-31570: can: gw: fix OOB heap access in cgw_csum_crc8_rel()
(bsc#1263118).
* CVE-2026-31586: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn()
(bsc#1263177).
* CVE-2026-31685: netfilter: ip6t_eui64: reject invalid MAC header for all
packets (bsc#1263670).
* CVE-2026-31758: usb: usbtmc: Flush anchored URBs in usbtmc_release
(bsc#1264094).
* CVE-2026-43025: netfilter: ctnetlink: ignore explicit helper on new
expectations...
Read the Full Advisory## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-2890=1 SUSE-SLE-
Module-Live-Patching-15-SP5-2026-2872=1 SUSE-SLE-Module-Live-
Patching-15-SP5-2026-2873=1
* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-2872=1 SUSE-2026-2873=1 SUSE-2026-2890=1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP5_Update_31-debugsource-13-150500.2.2
* kernel-livepatch-5_14_21-150500_55_130-default-10-150500.2.2
* kernel-livepatch-5_14_21-150500_55_133-default-debuginfo-10-150500.2.2
* kernel-livepatch-5_14_21-150500_55_124-default-debuginfo-13-150500.2.2
* kernel-livepatch-SLE15-SP5_Update_33-debugsource-10-150500.2.2
* kernel-livepatch-5_14_21-150500_55_124-default-13-150500.2.2
* kernel-livepatch-SLE15-SP5_Update_34-debugsource-10-150500.2.2
* kernel-livepatch-5_14_21-150500_55_130-default-debuginfo-10-150500.2.2
* kernel-livepatch-5_14_21-150500_55_133-default-10-150500.2.2
* openSUSE Leap 15.5 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP5_Update_31-debugsource-13-150500.2.2
* kernel-livepatch-5_14_21-150500_55_130-default-10-150500.2.2
* kernel-livepatch-5_14_21-150500_55_133-default-debuginfo-10-150500.2.2
* kernel-livepatch-5_14_21-150500_55_124-default-debuginfo-13-150500.2.2
*...
Read the Full Advisory* bsc#1256615
* bsc#1260524
* bsc#1262759
* bsc#1263094
* bsc#1263118
* bsc#1263177
* bsc#1263670
* bsc#1264094
* bsc#1264252
* bsc#1264253
* bsc#1264849
* bsc#1265117
* bsc#1265127
* bsc#1265197
* bsc#1265945
* bsc#1266015
* bsc#1266265
* bsc#1267206
* bsc#1267698
* bsc#1267723
* bsc#1267893
* bsc#1268662
* bsc#1269023
## References:
* https://www.suse.com/security/cve/CVE-2025-71089.html
* https://www.suse.com/security/cve/CVE-2026-23393.html
* https://www.suse.com/security/cve/CVE-2026-31505.html
* https://www.suse.com/security/cve/CVE-2026-31533.html
* https://www.suse.com/security/cve/CVE-2026-31570.html
* https://www.suse.com/security/cve/CVE-2026-31586.html
* https://www.suse.com/security/cve/CVE-2026-31685.html
* https://www.suse.com/security/cve/CVE-2026-31758.html
* https://www.suse.com/security/cve/CVE-2026-43025.html
* https://www.suse.com/security/cve/CVE-2026-43027.html
* https://www.suse.com/security/cve/CVE-2026-43037.html
* https://www.suse.com/security/cve/CVE-2026-43190.html
*...
Read the Full AdvisoryGet the latest Linux and open source security news straight to your inbox.