Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

SUSE Linux Enterprise 15 SP4 Linux Kernel Update Fixes Multiple Security Flaws

SUSE-SU-2026:1280-1
Summary

This update addresses security issues in the Linux Kernel that could allow an attacker to cause a system crash, gain unauthorized access, or disrupt network services. Affected users should apply this update to ensure their system remains secure. This update is recommended for all SUSE Linux Enterprise 15 SP4 users.

What to do
  • Update kernel-livepatch-sle15-sp4_update_41 to version 15-150400.2.1.
Affected software
VendorProductAffected versionsFix available
– kernel-livepatch-sle15-sp4_update_41 <= 15-150400.2.1 15-150400.2.1
Original title
Security update for the Linux Kernel (Live Patch 41 for SUSE Linux Enterprise 15 SP4)
Original description

This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.167 fixes various security issues

The following security issues were fixed:

- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
Published: 12 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026