SB2026032424 - SUSE update for the Linux Kernel (Live Patch 37 for SUSE Linux Enterprise 15 SP4)

Description

This security bulletin contains information about 10 secuirty vulnerabilities.

1) Use-after-free (CVE-ID: CVE-2022-50697)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the mrp_join_timer(), mrp_periodic_timer(), mrp_init_applicant() and mrp_uninit_applicant() functions in net/802/mrp.c. A local user can escalate privileges on the system.

2) Use-after-free (CVE-ID: CVE-2023-53781)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the __smc_create() function in net/smc/af_smc.c. A local user can escalate privileges on the system.

3) Buffer overflow (CVE-ID: CVE-2025-21738)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the ata_pio_sector() function in drivers/ata/libata-sff.c. A local user can perform a denial of service (DoS) attack.

4) Out-of-bounds read (CVE-ID: CVE-2025-38159)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the rtw_coex_tdma_timer_base() function in drivers/net/wireless/realtek/rtw88/coex.c. A local user can perform a denial of service (DoS) attack.

5) Use-after-free (CVE-ID: CVE-2025-38488)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the crypt_message() function in fs/smb/client/smb2ops.c. A local user can escalate privileges on the system.

6) Use-after-free (CVE-ID: CVE-2025-40258)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the mptcp_reset_rtx_timer() function in net/mptcp/protocol.c. A local user can escalate privileges on the system.

7) Out-of-bounds read (CVE-ID: CVE-2025-68284)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the handle_auth_session_key() function in net/ceph/auth_x.c. A local user can perform a denial of service (DoS) attack.

8) Use-after-free (CVE-ID: CVE-2025-68285)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the monmap_show() and osdmap_show() functions in net/ceph/debugfs.c. A local user can escalate privileges on the system.

9) NULL pointer dereference (CVE-ID: CVE-2025-68813)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the __ip_vs_get_out_rt() function in net/netfilter/ipvs/ip_vs_xmit.c. A local user can perform a denial of service (DoS) attack.

10) Resource management error (CVE-ID: CVE-2025-71085)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the calipso_skbuff_setattr() function in net/ipv6/calipso.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

• https://www.suse.com/support/update/announcement/2026/suse-su-20260983-1/