Important Security Update for SUSE Linux Enterprise 15 SP7

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Important Security Update for SUSE Linux Enterprise 15 SP7

SUSE-SU-2026:1278-1

Summary

A security update has been released to address multiple vulnerabilities in the SUSE Linux Enterprise 15 SP7 kernel. These vulnerabilities could allow an attacker to access sensitive information or gain unauthorized access to the system. To protect your system, we recommend installing the latest kernel update as soon as possible.

What to do

Update kernel-livepatch-sle15-sp7_update_5 to version 5-150700.2.1.

Affected software

Vendor	Product	Affected versions	Fix available
–	kernel-livepatch-sle15-sp7_update_5	<= 5-150700.2.1	5-150700.2.1

Original title

Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 15 SP7)

Original description

This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.19 fixes various security issues

The following security issues were fixed:

- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).

https://www.suse.com/support/update/announcement/2026/suse-su-20261278-1/ Vendor Advisory
https://bugzilla.suse.com/1252036 Third Party Advisory
https://bugzilla.suse.com/1252689 Third Party Advisory
https://bugzilla.suse.com/1253404 Third Party Advisory
https://bugzilla.suse.com/1256780 Third Party Advisory
https://bugzilla.suse.com/1257238 Third Party Advisory
https://bugzilla.suse.com/1258051 Third Party Advisory
https://bugzilla.suse.com/1258183 Third Party Advisory
https://bugzilla.suse.com/1258784 Third Party Advisory
https://www.suse.com/security/cve/CVE-2025-39973 URL
https://www.suse.com/security/cve/CVE-2025-40018 URL
https://www.suse.com/security/cve/CVE-2025-40159 URL
https://www.suse.com/security/cve/CVE-2025-71120 URL
https://www.suse.com/security/cve/CVE-2026-22999 URL
https://www.suse.com/security/cve/CVE-2026-23074 URL
https://www.suse.com/security/cve/CVE-2026-23111 URL
https://www.suse.com/security/cve/CVE-2026-23209 URL

Published: 12 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026