Security update for the Linux Kernel (Live Patch 24 for SUSE Linux Enterprise 15 SP5) SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2026:0090-1 Final 1 1 2026-01-12T10:34:10Z current 2026-01-12T10:34:10Z 2026-01-12T10:34:10Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel (Live Patch 24 for SUSE Linux Enterprise 15 SP5) This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.97 fixes various security issues The following security issues were fixed: - CVE-2023-53574: wifi: rtw88: delete timer and free skb queue when unloading (bsc#1251984). - CVE-2025-38257: s390/pkey: prevent overflow in size calculation for memdup_user() (bsc#1246189). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2026-106,SUSE-2026-90,SUSE-2026-93,SUSE-2026-94,SUSE-2026-95,SUSE-SLE-Module-Live-Patching-15-SP5-2026-93 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2026/suse-su-20260090-1/ Link for SUSE-SU-2026:0090-1 https://lists.suse.com/pipermail/sle-security-updates/2026-January/023732.html E-Mail link for SUSE-SU-2026:0090-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1246189 SUSE Bug 1246189 https://bugzilla.suse.com/1251984 SUSE Bug 1251984 https://www.suse.com/security/cve/CVE-2023-53574/ SUSE CVE CVE-2023-53574 page https://www.suse.com/security/cve/CVE-2025-38257/ SUSE CVE CVE-2025-38257 page SUSE Linux Enterprise Live Patching 15 SP5 kernel-livepatch-5_14_21-150500_55_103-default-11-150500.2.1 kernel-livepatch-5_14_21-150500_55_88-default-16-150500.2.1 kernel-livepatch-5_14_21-150500_55_97-default-12-150500.2.1 kernel-livepatch-5_14_21-150500_55_100-default-11-150500.2.1 kernel-livepatch-5_14_21-150500_55_110-default-10-150500.2.1 kernel-livepatch-5_14_21-150500_55_97-default-12-150500.2.1 as a component of SUSE Linux Enterprise Live Patching 15 SP5 In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: delete timer and free skb queue when unloading Fix possible crash and memory leak on driver unload by deleting TX purge timer and freeing C2H queue in 'rtw_core_deinit()', shrink critical section in the latter by freeing COEX queue out of TX report lock scope. CVE-2023-53574 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_97-default-12-150500.2.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2026/suse-su-20260090-1/ https://www.suse.com/security/cve/CVE-2023-53574.html CVE-2023-53574 https://bugzilla.suse.com/1251222 SUSE Bug 1251222 https://bugzilla.suse.com/1251984 SUSE Bug 1251984 In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Prevent overflow in size calculation for memdup_user() Number of apqn target list entries contained in 'nr_apqns' variable is determined by userspace via an ioctl call so the result of the product in calculation of size passed to memdup_user() may overflow. In this case the actual size of the allocated area and the value describing it won't be in sync leading to various types of unpredictable behaviour later. Use a proper memdup_array_user() helper which returns an error if an overflow is detected. Note that it is different from when nr_apqns is initially zero - that case is considered valid and should be handled in subsequent pkey_handler implementations. Found by Linux Verification Center (linuxtesting.org). CVE-2025-38257 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_97-default-12-150500.2.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2026/suse-su-20260090-1/ https://www.suse.com/security/cve/CVE-2025-38257.html CVE-2025-38257 https://bugzilla.suse.com/1246186 SUSE Bug 1246186 https://bugzilla.suse.com/1246189 SUSE Bug 1246189