SUSE Linux kernel updates fix dozens of flaws across enterprise and openSUSE releases
SUSE issued a series of important Linux kernel security updates across SUSE Linux Enterprise 12 SP5, SUSE Linux Enterprise 15 SP6, SUSE Linux Enterprise Micro 5.5, openSUSE Leap 15.5, and openSUSE Leap 15.6, remediating large batches of vulnerabilities in core subsystems including networking, netfilter, Bluetooth, KVM, NFSD, filesystems, USB, Xen, ALSA, and Wi-Fi drivers. The advisories reported fixes for 62 to 74 vulnerabilities per release, plus additional security fixes, and included multiple high-severity CVEs with CVSS 9.8 ratings such as CVE-2026-23240, CVE-2026-31402, CVE-2026-31533, CVE-2026-31669, and CVE-2026-43044. The patched flaws included use-after-free, double-free, heap overflow, out-of-bounds access, race conditions, integer underflow, NULL dereference, and information disclosure bugs.
SUSE also published follow-on live patch advisories for several supported branches, including SUSE Linux Enterprise 12 SP5, 15 SP4, 15 SP5, 15 SP6, and 15 SP7, extending kernel protections without requiring immediate downtime on some systems. One tracked issue, CVE-2026-23403, affected AppArmor and caused a memory leak and namespace consistency problems during profile unpacking; SUSE rated it moderate and marked it resolved across numerous product lines. Customers were directed to apply updates through YaST or zypper, and SUSE said systems should be rebooted after installation where standard kernel packages were updated.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
57 events from the most recent confirmed update back to the earliest known activity.
SUSE releases kernel update SUSE-SU-2026:2658-1 for Leap 15.5 and SLE 15 SP5
On 2026-06-26, SUSE published Linux kernel security update SUSE-SU-2026:2658-1 with an important severity rating for openSUSE Leap 15.5 and multiple SUSE Linux Enterprise 15 SP5 product lines. The update resolves 29 vulnerabilities and four additional security fixes, and SUSE instructed customers to reboot after applying the patch.
SUSE updates CVE-2026-23403 page
On 2026-06-26, SUSE last modified its CVE-2026-23403 page, reflecting an update to the vendor advisory record for the Linux kernel AppArmor issue. The page continued to show the vulnerability as resolved for multiple product lines.
SUSE publishes kernel live patch SUSE-SU-2026:2601-1 for SLE 15 SP5
On 2026-06-23, SUSE published advisory SUSE-SU-2026:2601-1, an important Linux kernel live patch identified as Live Patch 38 for SUSE Linux Enterprise 15 SP5. The reference confirms an additional distinct SP5 live patch release.
SUSE publishes kernel live patch SUSE-SU-2026:2594-1 for SLE 15 SP7
On 2026-06-23, SUSE published advisory SUSE-SU-2026:2594-1, an important Linux kernel live patch identified as Live Patch 14 for SUSE Linux Enterprise 15 SP7. This represents another distinct live patch release for the SP7 branch.
SUSE publishes kernel live patch SUSE-SU-2026:2592-1 for SLE 12 SP5
On 2026-06-23, SUSE published advisory SUSE-SU-2026:2592-1, an important Linux kernel live patch identified as Live Patch 79 for SUSE Linux Enterprise 12 SP5. This is a separate live patch release from the earlier SLE 12 SP5 advisory.
SUSE publishes kernel live patch SUSE-SU-2026:2588-1 for SLE 15 SP6
On 2026-06-23, SUSE published advisory SUSE-SU-2026:2588-1, an important Linux kernel live patch identified as Live Patch 18 for SUSE Linux Enterprise 15 SP6. The advisory marks a distinct live patch release for the SP6 branch.
SUSE publishes kernel live patch SUSE-SU-2026:2571-1 for SLE 15 SP5
On 2026-06-23, SUSE published advisory SUSE-SU-2026:2571-1, an important Linux kernel live patch identified as Live Patch 39 for SUSE Linux Enterprise 15 SP5. This is a separate SP5 live patch release from SUSE-SU-2026:2567-1.
SUSE publishes kernel live patch SUSE-SU-2026:2567-1 for SLE 15 SP5
On 2026-06-23, SUSE published advisory SUSE-SU-2026:2567-1, an important Linux kernel live patch identified as Live Patch 31 for SUSE Linux Enterprise 15 SP5. This establishes a new live patch release for the SP5 branch.
SUSE publishes kernel live patch SUSE-SU-2026:2520-1 for SLE 15 SP7
On 2026-06-23, SUSE published advisory SUSE-SU-2026:2520-1, an important Linux kernel live patch identified as Live Patch 13 for SUSE Linux Enterprise 15 SP7. The reference shows another distinct live patch release for the SP7 branch.
SUSE publishes kernel live patch SUSE-SU-2026:2549-1 for SLE 12 SP5
On 2026-06-23, SUSE published advisory SUSE-SU-2026:2549-1, an important Linux kernel live patch identified as Live Patch 78 for SUSE Linux Enterprise 12 SP5. This establishes another distinct live patch release for the SLE 12 SP5 branch.
SUSE publishes kernel live patch SUSE-SU-2026:2518-1 for SLE 12 SP5
On 2026-06-23, SUSE published advisory SUSE-SU-2026:2518-1, an important Linux kernel live patch identified as Live Patch 77 for SUSE Linux Enterprise 12 SP5. This establishes another distinct live patch release for the SLE 12 SP5 branch.
SUSE publishes kernel live patch SUSE-SU-2026:2511-1 for SLE 15 SP4
On 2026-06-23, SUSE published advisory SUSE-SU-2026:2511-1, an important Linux kernel live patch identified as Live Patch 53 for SUSE Linux Enterprise 15 SP4. This is a separate live patch release from the earlier SP4 advisory.
SUSE publishes kernel live patch SUSE-SU-2026:2500-1 for SLE 15 SP7
On 2026-06-22, SUSE published advisory SUSE-SU-2026:2500-1, an important Linux kernel live patch identified as Live Patch 9 for SUSE Linux Enterprise 15 SP7. The advisory indicates a distinct live patch release for the SP7 branch.
SUSE publishes kernel live patch SUSE-SU-2026:2496-1 for SLE 15 SP4
On 2026-06-22, SUSE published advisory SUSE-SU-2026:2496-1, an important Linux kernel live patch identified as Live Patch 52 for SUSE Linux Enterprise 15 SP4. This marks a separate live patch release for the SLE 15 SP4 branch.
SUSE publishes kernel live patch SUSE-SU-2026:2494-1 for SLE 12 SP5
On 2026-06-22, SUSE published advisory SUSE-SU-2026:2494-1, an important Linux kernel live patch identified as Live Patch 69 for SUSE Linux Enterprise 12 SP5. The reference establishes a new live patch release for that product line.
SUSE releases kernel update SUSE-SU-2026:2310-1 for SLE 15 SP6 and Leap 15.6
On 2026-06-09, SUSE published Linux kernel security update SUSE-SU-2026:2310-1 with an important severity rating for openSUSE Leap 15.6 and multiple SUSE Linux Enterprise 15 SP6 product lines. The update addresses 22 vulnerabilities and five additional security fixes, and SUSE instructed customers to reboot after applying the patch.
SUSE announces kernel update SUSE-SU-2026:2317-1
On 2026-06-09, SUSE published advisory SUSE-SU-2026:2317-1 for an important Linux kernel security update. The reference provides the advisory identifier and confirms it as a distinct kernel update event.
SUSE releases kernel update SUSE-SU-2026:2216-1 for Leap 15.5 and SLE Micro 5.5
On 2026-06-02, SUSE published security update SUSE-SU-2026:2216-1 for openSUSE Leap 15.5 and SUSE Linux Enterprise Micro 5.5. Rated important, the update addresses 62 vulnerabilities and two additional security fixes in the SUSE Linux Enterprise 15 SP5 RT kernel.
SUSE publishes kernel live patch SUSE-SU-2026:2199-1 for SLE 15 SP6
On 2026-06-01, SUSE published advisory SUSE-SU-2026:2199-1, an important Linux kernel live patch identified as Live Patch 17 for SUSE Linux Enterprise 15 SP6. This establishes a distinct live patch release for the SLE 15 SP6 branch.
SUSE releases kernel update SUSE-SU-2026:2195-1 for SLE 15 SP6 and Leap 15.6
On 2026-06-01, SUSE published Linux kernel security update SUSE-SU-2026:2195-1 with an important severity rating for openSUSE Leap 15.6 and multiple SUSE Linux Enterprise 15 SP6 product lines. The update fixes 68 vulnerabilities, adds one feature, and includes 10 additional security fixes.
SUSE publishes kernel live patch SUSE-SU-2026:2172-1 for SLE 15 SP6
On 2026-05-31, SUSE published advisory SUSE-SU-2026:2172-1, an important Linux kernel live patch identified as Live Patch 21 for SUSE Linux Enterprise 15 SP6. This establishes a distinct live patch release for the SLE 15 SP6 branch.
SUSE publishes CVE-2026-23403 advisory and marks issue resolved
On 2026-05-26, SUSE published its CVE page for CVE-2026-23403, describing an AppArmor verify_header memory leak and namespace consistency bug in the Linux kernel. SUSE rated the issue moderate severity and stated that fixes had been released across multiple SUSE and openSUSE product lines.
SUSE releases kernel update SUSE-SU-2026:2068-1 for SLE 12 SP5
On 2026-05-26, SUSE published Linux kernel security update SUSE-SU-2026:2068-1 with an important severity rating for SUSE Linux Enterprise 12 SP5 product lines. The advisory fixes 74 vulnerabilities and four additional security issues, and SUSE instructed customers to reboot after installation.
SUSE publishes kernel live patch SUSE-SU-2026:21532-1 for SLE 16
On 2026-05-06, SUSE published advisory SUSE-SU-2026:21532-1, an important Linux kernel live patch identified as Live Patch 1 for SUSE Linux Enterprise 16. This establishes a distinct live patch release for the SLE 16 branch.
SUSE releases kernel update SUSE-SU-2026:1668-1 for SLE 12 SP5
On 2026-05-01, SUSE published Linux kernel security update SUSE-SU-2026:1668-1 with an important severity rating for SUSE Linux Enterprise 12 SP5 product lines. The update fixes 17 vulnerabilities and includes two additional non-security fixes, and SUSE instructed customers to reboot after installation.
SUSE releases kernel update SUSE-SU-2026:1643-1 for SLE 15 SP6 and Leap 15.6
On 2026-04-28, SUSE published Linux kernel security update SUSE-SU-2026:1643-1 with an important severity rating for openSUSE Leap 15.6 and multiple SUSE Linux Enterprise 15 SP6 product lines. The update fixes 14 vulnerabilities and five additional security fixes, and SUSE instructed customers to reboot after applying the patch.
SUSE releases kernel update SUSE-SU-2026:1563-1
On 2026-04-23, SUSE published advisory SUSE-SU-2026:1563-1, an important security update for the Linux kernel. The reference establishes a distinct kernel update event not yet captured in the timeline.
SUSE releases kernel update SUSE-SU-2026:1557-1
On 2026-04-22, SUSE published advisory SUSE-SU-2026:1557-1, an important security update for the Linux kernel. The reference establishes a distinct kernel update event preceding the other April 2026 SUSE kernel advisories already in the timeline.
SUSE releases kernel update SUSE-SU-2026:1130-1
On 2026-03-27, SUSE published advisory SUSE-SU-2026:1130-1, an important security update for the Linux kernel. This establishes a distinct kernel update event following the March 26 SUSE kernel advisories already in the timeline.
SUSE publishes kernel live patch SUSE-SU-2026:1083-1 for SLE 15 SP6
On 2026-03-26, SUSE published advisory SUSE-SU-2026:1083-1, an important Linux kernel live patch identified as Live Patch 13 for SUSE Linux Enterprise 15 SP6. This establishes a distinct live patch release for the SLE 15 SP6 branch separate from other March and later SP6 live patch advisories.
SUSE publishes kernel live patch SUSE-SU-2026:1073-1 for SLE 15 SP6
On 2026-03-26, SUSE published advisory SUSE-SU-2026:1073-1, an important Linux kernel live patch identified as Live Patch 9 for SUSE Linux Enterprise 15 SP6. This establishes an earlier distinct live patch release for the SLE 15 SP6 branch.
SUSE releases kernel update SUSE-SU-2026:1078-1 for SLE 12 SP5
On 2026-03-26, SUSE published Linux kernel security update SUSE-SU-2026:1078-1 with an important severity rating for SUSE Linux Enterprise 12 SP5 product lines. The update resolves 68 vulnerabilities and eight additional security fixes, and SUSE instructed customers to reboot after applying the patch.
SUSE releases kernel update SUSE-SU-2026:1077-1
On 2026-03-26, SUSE published advisory SUSE-SU-2026:1077-1, an important security update for the Linux kernel. The reference establishes a distinct kernel update event earlier than the other SUSE advisories already in the timeline.
SUSE releases kernel update SUSE-SU-2026:1041-1
On 2026-03-25, SUSE published advisory SUSE-SU-2026:1041-1, an important security update for the Linux kernel. The reference establishes a distinct kernel update event separate from the other March 2026 SUSE kernel advisories already in the timeline.
SUSE releases kernel update SUSE-SU-2026:1003-1
On 2026-03-25, SUSE published advisory SUSE-SU-2026:1003-1, an important security update for the Linux kernel. The reference establishes a distinct kernel update event preceding the other March 2026 SUSE kernel advisory already in the timeline.
SUSE releases kernel update SUSE-SU-2026:20876-1
On 2026-03-24, SUSE published advisory SUSE-SU-2026:20876-1, an important security update for the Linux kernel. The reference establishes a distinct kernel update event separate from the other March 2026 SUSE kernel advisories already in the timeline.
SUSE releases kernel update SUSE-SU-2026:20845-1
On 2026-03-24, SUSE published advisory SUSE-SU-2026:20845-1, an important security update for the Linux kernel. The reference establishes a distinct kernel update event between the March 23 and March 25 SUSE kernel advisories already in the timeline.
SUSE releases kernel update SUSE-SU-2026:20819-1
On 2026-03-23, SUSE published advisory SUSE-SU-2026:20819-1, an important security update for the Linux kernel. The reference establishes a distinct kernel update event separate from the other March 23, 2026 SUSE kernel advisories already in the timeline.
SUSE releases kernel update SUSE-SU-2026:20772-1
On 2026-03-23, SUSE published advisory SUSE-SU-2026:20772-1, an important security update for the Linux kernel. The reference establishes a distinct kernel update event separate from the other March 2026 SUSE kernel advisories already in the timeline.
SUSE releases kernel update SUSE-SU-2026:0962-1
On 2026-03-23, SUSE published advisory SUSE-SU-2026:0962-1, an important security update for the Linux kernel. The reference establishes a distinct kernel update event earlier than the other March 2026 SUSE kernel advisories already in the timeline.
SUSE releases kernel update SUSE-SU-2026:0943-1
On 2026-03-20, SUSE published advisory SUSE-SU-2026:0943-1, an important security update for the Linux kernel. This establishes a distinct kernel update event separate from SUSE-SU-2026:0941-1 and the other March 2026 SUSE kernel advisories already in the timeline.
SUSE releases kernel update SUSE-SU-2026:0941-1
On 2026-03-20, SUSE published advisory SUSE-SU-2026:0941-1, an important security update for the Linux kernel. This establishes a distinct kernel update event preceding the other March 2026 SUSE kernel advisories already in the timeline.
SUSE releases kernel update SUSE-SU-2026:0940-1
On 2026-03-20, SUSE published advisory SUSE-SU-2026:0940-1, an important security update for the Linux kernel. This establishes a distinct kernel update event separate from the other March 20, 2026 SUSE kernel advisories already in the timeline.
SUSE releases kernel update SUSE-SU-2026:0496-1
On 2026-02-13, SUSE published Linux kernel security update SUSE-SU-2026:0496-1 with an important severity rating for openSUSE Leap 15.5 and SUSE Linux Enterprise Micro 5.5. The update resolves 50 vulnerabilities and eight additional security fixes in the SLE 15 SP5 RT kernel, and SUSE instructed customers to reboot after applying the patch.
SUSE releases kernel update SUSE-SU-2026:0495-1
On 2026-02-13, SUSE published advisory SUSE-SU-2026:0495-1, an important security update for the Linux kernel. This establishes a distinct kernel update event separate from SUSE-SU-2026:0496-1 and the other February 2026 SUSE kernel advisories already in the timeline.
SUSE releases kernel update SUSE-SU-2026:0475-1
On 2026-02-12, SUSE published advisory SUSE-SU-2026:0475-1, an important security update for the Linux kernel. This establishes a distinct kernel update event separate from the other February 12, 2026 SUSE kernel advisories already in the timeline.
SUSE releases kernel update SUSE-SU-2026:0474-1
On 2026-02-12, SUSE published advisory SUSE-SU-2026:0474-1, an important security update for the Linux kernel. The reference establishes a distinct kernel update event separate from the other February 12, 2026 SUSE kernel advisories already in the timeline.
SUSE releases kernel update SUSE-SU-2026:0473-1 for SLE 12 SP5
On 2026-02-12, SUSE published Linux kernel security update SUSE-SU-2026:0473-1 with an important severity rating for SUSE Linux Enterprise 12 SP5 product lines. The update fixes 145 vulnerabilities and eight additional security issues, and SUSE instructed customers to reboot after applying the patch.
SUSE releases kernel update SUSE-SU-2026:0471-1
On 2026-02-12, SUSE published advisory SUSE-SU-2026:0471-1, an important security update for the Linux kernel. This establishes a distinct kernel update event earlier than the March 2026 SUSE kernel advisories already in the timeline.
SUSE releases kernel update SUSE-SU-2026:0316-1 for SLE 12 SP5
On 2026-01-28, SUSE published Linux kernel security update SUSE-SU-2026:0316-1 with an important severity rating for multiple SUSE Linux Enterprise 12 SP5 product lines. The update resolves 143 vulnerabilities, includes two features and 25 security fixes, updates kernel packages to version 4.12.14-122.290.1, and SUSE instructed customers to reboot after applying the patch.
SUSE Liberty Linux publishes kernel update RHSA-2026:27789
SUSE published RHSA-2026:27789, an important security update for the kernel under SUSE Liberty Linux. This is a separate vendor advisory event from the other SUSE Liberty Linux and SUSE Linux Enterprise/openSUSE kernel advisories already in the timeline.
SUSE Liberty Linux publishes kernel update RHSA-2026:6153
SUSE published RHSA-2026:6153, a moderate security update for the kernel under SUSE Liberty Linux. This is a separate vendor advisory event from the other SUSE Liberty Linux and SUSE Linux Enterprise/openSUSE kernel advisories already in the timeline.
SUSE Liberty Linux publishes kernel update RHSA-2026:6632
SUSE published RHSA-2026:6632, a moderate security update for the kernel under SUSE Liberty Linux. This is a separate vendor advisory event from the existing SUSE Linux Enterprise, openSUSE, and earlier Liberty Linux kernel advisories already in the timeline.
SUSE Liberty Linux publishes kernel update RHSA-2026:25217
SUSE published RHSA-2026:25217, an important security update for the kernel under SUSE Liberty Linux. This is a separate vendor advisory event from the existing SUSE Linux Enterprise and openSUSE kernel advisories already in the timeline.
SUSE releases kernel update SUSE-SU-2025:03634-1
On 2025-10-17, SUSE published advisory SUSE-SU-2025:03634-1, an important security update for the Linux kernel. The reference establishes a distinct kernel update event separate from SUSE-SU-2025:03633-1 published the same day.
SUSE releases kernel update SUSE-SU-2025:03633-1
On 2025-10-17, SUSE published advisory SUSE-SU-2025:03633-1, an important security update for the Linux kernel. The reference establishes a distinct kernel update event not already captured in the timeline.
SUSE Liberty Linux publishes kernel update RHSA-2026:1690
SUSE published RHSA-2026:1690, an important security update for the kernel under SUSE Liberty Linux. This is a separate vendor advisory event from the existing SUSE Linux Enterprise, openSUSE, and other Liberty Linux kernel advisories already in the timeline.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
50 references tracked. Mallory keeps watching after this page renders.
Security update for the Linux Kernel | SUSE Support | SUSE
suse.com
Open sourceSUSE-SU-2026:2592-1: important: Security update for the Linux Kernel (Live Patch 79 for SUSE Linux Enterprise 12 SP5)
lists.suse.com
Open sourceSUSE-SU-2026:2518-1: important: Security update for the Linux Kernel (Live Patch 77 for SUSE Linux Enterprise 12 SP5)
lists.suse.com
Open sourceSUSE-SU-2026:2549-1: important: Security update for the Linux Kernel (Live Patch 78 for SUSE Linux Enterprise 12 SP5)
lists.suse.com
Open sourceSUSE-SU-2026:0475-1: important: Security update for the Linux Kernel
lists.suse.com
Open sourceSUSE-SU-2026:0471-1: important: Security update for the Linux Kernel
lists.suse.com
Open sourceSecurity update for the Linux Kernel | SUSE Support | SUSE
suse.com
Open sourceSUSE-SU-2026:0474-1: important: Security update for the Linux Kernel
lists.suse.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
SUSE Ships Broad Linux Kernel Security Updates Across Enterprise Product Lines
SUSE released a wave of **important** Linux kernel security updates across multiple product families, including **SUSE Linux Enterprise 15 SP4, 15 SP5, 15 SP7, 16.0**, **SUSE Linux Micro 6.x**, **Real Time**, **High Availability**, and related openSUSE and SAP offerings. The advisories cover very large fix sets ranging from roughly **60 vulnerabilities** in some 15.x branches to more than **200 vulnerabilities** in newer 16.0 and 15 SP7 kernels, with updates touching networking, **netfilter**, **KVM**, **Bluetooth**, **Wi-Fi**, filesystems, USB, graphics, Xen, and AppArmor. SUSE said administrators should apply the patches through YaST or `zypper` and **reboot** affected systems after installation, while noting that some live patch packages are only initial deliveries and that additional livepatch fixes may follow separately. The updates address a mix of high- and moderate-severity flaws, including network-reachable issues such as **`CVE-2026-23455`** in `nf_conntrack_h323`, **`CVE-2026-31417`** in `net/x25`, and several bugs SUSE highlighted with NVD scores up to **9.8**, alongside numerous local memory-safety and race-condition defects. Referenced fixes include AppArmor issues such as **`CVE-2026-23268`**, Wi-Fi and NFC flaws including **`CVE-2026-23246`** and **`CVE-2026-31622`**, and many use-after-free, double-free, heap overflow, out-of-bounds access, and denial-of-service conditions spread across drivers and core kernel subsystems. SUSE’s CVE pages show a mixed remediation state by branch, with many supported releases marked fixed while some newer package streams remain in progress and older or end-of-life lines remain affected or unsupported.
Jun 27, 2026
SUSE Ships Linux Kernel Fixes for Netfilter and RDS Flaws
SUSE released security updates for multiple Linux kernel vulnerabilities affecting the `netfilter` and RDS networking subsystems, including **CVE-2026-23412**, **CVE-2026-23278**, and **CVE-2026-23419**. The most severe issues were rated **Important** and include a `netfilter`/BPF use-after-free bug in `nfnetlink_hooks` that could occur when hooks were dumped concurrently, and an `nf_tables` transaction-processing flaw that failed to walk all pending catchall elements during map removal, leading to kernel warnings and improper cleanup. SUSE said the `CVE-2026-23412` fix defers hook memory release until RCU readers complete, while `CVE-2026-23278` addresses cleanup handling involving `nft_data_release` and `nf_tables_abort`. SUSE also resolved **CVE-2026-23419**, a moderate-severity Linux kernel bug in `rds_tcp_tune()` caused by a circular locking dependency that could affect system availability; the fix moves `sk_net_refcnt_upgrade()` outside the socket-lock critical section. The updates were issued across a broad range of products, including **SLES 15 SP6/SP7**, **SLES 16.0**, **SLE Micro**, **SUSE Linux Micro 6.x**, **openSUSE Leap 15.6/16.0**, live patching, real-time kernels, and public cloud images, although some package branches such as certain `kernel-source-azure`, RT source, and newer 16.x components remained marked affected, unsupported, or in progress on SUSE tracking pages and Bugzilla.
Jun 4, 2026
SUSE Ships Linux Kernel Fixes for Multiple Local DoS Flaws
SUSE published and updated fixes for several **moderate-severity Linux kernel vulnerabilities** that could let local, low-privileged users trigger crashes, hangs, warnings, or other availability issues across graphics, accelerator, and media subsystems. The flaws include `CVE-2025-40332` in `drm/amdkfd`, where retry-fault draining could leave the `mmap` write lock unreleased and cause deadlocks; `CVE-2025-40340` in `drm/xe`, tied to a NULL dereference in `xe_gem_fault` that could lead to a kernel panic; `CVE-2025-68207` in `drm/xe/guc`, where a Dead CT worker needed synchronization with device unbind operations to avoid use-after-free conditions; `CVE-2025-68749` in `accel/ivpu`, caused by a race when unbinding buffer objects; and `CVE-2025-40302` in `media/videobuf2`, where `vb2_ioctl_remove_bufs()` could corrupt internal queue state during legacy file I/O. SUSE marked the issues as resolved for many **SUSE Linux Enterprise**, **SLE Micro**, **openSUSE Leap 16.0**, **Tumbleweed**, SAP, HPC, Real Time, HA, and public cloud image builds, with advisories issued across January and February 2026 and later bug-tracker updates confirming package coverage for affected kernel lines. The vendor said fixes included measures such as downgrading a write lock to a read lock in `drm/amdkfd`, adding `bo_list_lock` protection in `accel/ivpu`, blocking the `remove_bufs` ioctl during legacy file I/O in `videobuf2`, and cherry-picking upstream kernel changes for the `drm/xe` bugs; however, some newer branches, including several `16.1` `kernel-source` packages, were still listed as affected or in progress on certain pages.
Jun 11, 2026