Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

SUSE Linux Enterprise 12 SP5 Kernel Update Fixes Multiple Security Risks

SUSE-SU-2026:1221-1
Summary

This update fixes 7 security issues in the SUSE Linux Enterprise 12 SP5 kernel. These issues, if left unaddressed, could allow an attacker to take control of or disrupt Linux system services. To ensure system security, apply this update as soon as possible.

What to do
  • Update kgraft-patch-sle12-sp5_update_67 to version 15-2.1.
Affected software
VendorProductAffected versionsFix available
– kgraft-patch-sle12-sp5_update_67 <= 15-2.1 15-2.1
Original title
Security update for the Linux Kernel (Live Patch 67 for SUSE Linux Enterprise 12 SP5)
Original description

This update for the SUSE Linux Enterprise Kernel 4.12.14-122.255 fixes various security issues

The following security issues were fixed:

- CVE-2023-53794: cifs: fix session state check in reconnect to avoid use-after-free issue (bsc#1255235).
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
Published: 8 Apr 2026 · Updated: 10 Apr 2026 · First seen: 10 Apr 2026