Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 555
Alerts This Week
Warning Icon 1 555

SUSE: Kernel Important Security Update CVE-2024-26808 Impacting Performance

suse
Calendar Grey September 26, 2025
Dist Suse Esm H88
An essential security update for the Linux Kernel addresses critical issues found in SUSE’s Live Patch. Stay protected today!
* bsc#1231862 * bsc#1245772 * bsc#1245795 * bsc#1246001 * bsc#1246356

Summary

## This update for the Linux Kernel 5.14.21-150400_24_133 fixes several issues. The following security issues were fixed: * CVE-2024-49860: ACPI: sysfs: validate return type of _STR method (bsc#1231862). * CVE-2025-38177: sch_hfsc: make hfsc_qlen_notify() idempotent (bsc#1246356). * CVE-2025-38181: calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001). * CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499). * CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298). * CVE-2024-26808: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1245772). * CVE-2025-21756: vsock: Keep the binding until socket destruction (bsc#1245795).

References

* bsc#1231862

* bsc#1245772

* bsc#1245795

* bsc#1246001

* bsc#1246356

* bsc#1247499

* bsc#1248298

Cross-

* CVE-2024-26808

* CVE-2024-49860

* CVE-2025-21755

* CVE-2025-21756

* CVE-2025-38177

* CVE-2025-38181

* CVE-2025-38498

* CVE-2025-38555

CVSS scores:

* CVE-2024-26808 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-26808 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-49860 ( SUSE ): 8.5

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

* CVE-2024-49860 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-49860 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

* CVE-2025-21755 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:03374-1
Release Date: 2025-09-26T12:33:43Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.