Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 461
Alerts This Week
Warning Icon 1 461

SUSE Kernel Important Security Update Live Patch 72 Vuln 2026-2909-1

suse
Calendar Grey July 13, 2026
Dist Suse Esm H88
Update for SUSE Linux Enterprise Kernel 4.12.14-122.272 fixes seven security issues, addressing critical threats effectively.
An update that solves seven vulnerabilities can now be installed.

Summary

## This update for the SUSE Linux Enterprise Kernel 4.12.14-122.272 fixes various security issues The following security issues were fixed: * CVE-2026-31685: netfilter: ip6t_eui64: reject invalid MAC header for all packets (bsc#1263670). * CVE-2026-43025: netfilter: ctnetlink: ignore explicit helper on new expectations (bsc#1264253). * CVE-2026-43037: ip6_tunnel: clear skb2->cb[] in ip4ip6_err() (bsc#1265197). * CVE-2026-43190: netfilter: xt_tcpmss: check remaining length before reading optlen (bsc#1264849). * CVE-2026-43437: ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (bsc#1265127). * CVE-2026-45970: bonding: alb: fix UAF in rlb_arp_recv during bond up/down (bsc#1267206). * CVE-2026-46243: smb: client: reject userspace cifs.spnego descriptions

References

* bsc#1263670

* bsc#1264253

* bsc#1264849

* bsc#1265127

* bsc#1265197

* bsc#1266265

* bsc#1267206

Cross-

* CVE-2026-31685

* CVE-2026-43025

* CVE-2026-43037

* CVE-2026-43190

* CVE-2026-43437

* CVE-2026-45970

* CVE-2026-46243

CVSS scores:

* CVE-2026-31685 ( SUSE ): 8.3

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N

* CVE-2026-31685 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H

* CVE-2026-31685 ( NVD ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

* CVE-2026-43025 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2026-43025 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H

* CVE-2026-43037 ( SUSE ): 7.7

CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:2909-1
Release Date: 2026-07-13T14:16:52Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.