Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 501
Alerts This Week
Warning Icon 1 501

SUSE: Significant Security Patch Released for Eight Kernel Vulnerabilities

suse
Calendar Grey January 5, 2026
Dist Suse Esm H88
SUSE releases an important kernel update addressing eight vulnerabilities, ensuring system security and stability.
An update that solves eight vulnerabilities and has one security fix can now be installed.

Summary

## The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-50280: pnode: terminate at peers of source (bsc#1249806). * CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251786). * CVE-2025-40040: mm/ksm: fix flag-dropping behavior in ksm_madvise (bsc#1252780). * CVE-2025-40048: uio_hv_generic: Let userspace take care of interrupt mask (bsc#1252862). * CVE-2025-40121: ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping (bsc#1253367). * CVE-2025-40154: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (bsc#1253431). * CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253436).

References

* bsc#1249806

* bsc#1251786

* bsc#1252033

* bsc#1252267

* bsc#1252780

* bsc#1252862

* bsc#1253367

* bsc#1253431

* bsc#1253436

Cross-

* CVE-2022-50280

* CVE-2023-53676

* CVE-2025-39967

* CVE-2025-40040

* CVE-2025-40048

* CVE-2025-40121

* CVE-2025-40154

* CVE-2025-40204

CVSS scores:

* CVE-2022-50280 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-50280 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-53676 ( SUSE ): 8.5

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

* CVE-2023-53676 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2025-39967 ( SUSE ): 6.9

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N

* CVE-2025-39967 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:0029-1
Release Date: 2026-01-05T12:59:55Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.