Security update for the Linux Kernel SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2026:0352-1 Final 1 1 2026-01-30T14:05:23Z current 2026-01-30T14:05:23Z 2026-01-30T14:05:23Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel The SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-54168: RDMA/mlx4: Prevent shift wrapping in set_user_sq_size() (bsc#1256053). - CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1253291 bsc#1253292). - CVE-2025-40215: kABI: xfrm: delete x->tunnel as we delete x (bsc#1254959). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2026-352,SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2026-352 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2026/suse-su-20260352-1/ Link for SUSE-SU-2026:0352-1 https://lists.suse.com/pipermail/sle-security-updates/2026-January/023998.html E-Mail link for SUSE-SU-2026:0352-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1207051 SUSE Bug 1207051 https://bugzilla.suse.com/1253291 SUSE Bug 1253291 https://bugzilla.suse.com/1253292 SUSE Bug 1253292 https://bugzilla.suse.com/1254959 SUSE Bug 1254959 https://bugzilla.suse.com/1256053 SUSE Bug 1256053 https://bugzilla.suse.com/1256353 SUSE Bug 1256353 https://www.suse.com/security/cve/CVE-2023-23559/ SUSE CVE CVE-2023-23559 page https://www.suse.com/security/cve/CVE-2023-54110/ SUSE CVE CVE-2023-54110 page https://www.suse.com/security/cve/CVE-2023-54168/ SUSE CVE CVE-2023-54168 page https://www.suse.com/security/cve/CVE-2025-40018/ SUSE CVE CVE-2025-40018 page https://www.suse.com/security/cve/CVE-2025-40215/ SUSE CVE CVE-2025-40215 page SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-default-3.0.101-108.198.1 kernel-default-base-3.0.101-108.198.1 kernel-default-devel-3.0.101-108.198.1 kernel-docs-3.0.101-108.198.1 kernel-ec2-3.0.101-108.198.1 kernel-ec2-base-3.0.101-108.198.1 kernel-ec2-devel-3.0.101-108.198.1 kernel-source-3.0.101-108.198.1 kernel-syms-3.0.101-108.198.1 kernel-trace-3.0.101-108.198.1 kernel-trace-base-3.0.101-108.198.1 kernel-trace-devel-3.0.101-108.198.1 kernel-xen-3.0.101-108.198.1 kernel-xen-base-3.0.101-108.198.1 kernel-xen-devel-3.0.101-108.198.1 kernel-default-3.0.101-108.198.1 as a component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-default-base-3.0.101-108.198.1 as a component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-default-devel-3.0.101-108.198.1 as a component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-docs-3.0.101-108.198.1 as a component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-ec2-3.0.101-108.198.1 as a component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-ec2-base-3.0.101-108.198.1 as a component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-ec2-devel-3.0.101-108.198.1 as a component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-source-3.0.101-108.198.1 as a component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-syms-3.0.101-108.198.1 as a component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-trace-3.0.101-108.198.1 as a component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-trace-base-3.0.101-108.198.1 as a component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-trace-devel-3.0.101-108.198.1 as a component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-xen-3.0.101-108.198.1 as a component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-xen-base-3.0.101-108.198.1 as a component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE kernel-xen-devel-3.0.101-108.198.1 as a component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition. CVE-2023-23559 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-docs-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.198.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2026/suse-su-20260352-1/ https://www.suse.com/security/cve/CVE-2023-23559.html CVE-2023-23559 https://bugzilla.suse.com/1207051 SUSE Bug 1207051 In the Linux kernel, the following vulnerability has been resolved: usb: rndis_host: Secure rndis_query check against int overflow Variables off and len typed as uint32 in rndis_query function are controlled by incoming RNDIS response message thus their value may be manipulated. Setting off to a unexpectetly large value will cause the sum with len and 8 to overflow and pass the implemented validation step. Consequently the response pointer will be referring to a location past the expected buffer boundaries allowing information leakage e.g. via RNDIS_OID_802_3_PERMANENT_ADDRESS OID. CVE-2023-54110 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-docs-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.198.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2026/suse-su-20260352-1/ https://www.suse.com/security/cve/CVE-2023-54110.html CVE-2023-54110 https://bugzilla.suse.com/1256353 SUSE Bug 1256353 In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx4: Prevent shift wrapping in set_user_sq_size() The ucmd->log_sq_bb_count variable is controlled by the user so this shift can wrap. Fix it by using check_shl_overflow() in the same way that it was done in commit 515f60004ed9 ("RDMA/hns: Prevent undefined behavior in hns_roce_set_user_sq_size()"). CVE-2023-54168 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-docs-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.198.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2026/suse-su-20260352-1/ https://www.suse.com/security/cve/CVE-2023-54168.html CVE-2023-54168 https://bugzilla.suse.com/1256053 SUSE Bug 1256053 https://bugzilla.suse.com/1256054 SUSE Bug 1256054 In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-free. Fix this by introducing a global `exiting_module` flag, set to true in ip_vs_ftp_exit() before unregistering the pernet subsystem. In __ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns cleanup (when exiting_module is false) and defer it to __ip_vs_cleanup_batch(), which unregisters all apps after all connections are flushed. If called during module exit, unregister ip_vs_ftp immediately. CVE-2025-40018 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-docs-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.198.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2026/suse-su-20260352-1/ https://www.suse.com/security/cve/CVE-2025-40018.html CVE-2025-40018 https://bugzilla.suse.com/1247374 SUSE Bug 1247374 https://bugzilla.suse.com/1252688 SUSE Bug 1252688 https://bugzilla.suse.com/1252689 SUSE Bug 1252689 https://bugzilla.suse.com/1253291 SUSE Bug 1253291 In the Linux kernel, the following vulnerability has been resolved: xfrm: delete x->tunnel as we delete x The ipcomp fallback tunnels currently get deleted (from the various lists and hashtables) as the last user state that needed that fallback is destroyed (not deleted). If a reference to that user state still exists, the fallback state will remain on the hashtables/lists, triggering the WARN in xfrm_state_fini. Because of those remaining references, the fix in commit f75a2804da39 ("xfrm: destroy xfrm_state synchronously on net exit path") is not complete. We recently fixed one such situation in TCP due to defered freeing of skbs (commit 9b6412e6979f ("tcp: drop secpath at the same time as we currently drop dst")). This can also happen due to IP reassembly: skbs with a secpath remain on the reassembly queue until netns destruction. If we can't guarantee that the queues are flushed by the time xfrm_state_fini runs, there may still be references to a (user) xfrm_state, preventing the timely deletion of the corresponding fallback state. Instead of chasing each instance of skbs holding a secpath one by one, this patch fixes the issue directly within xfrm, by deleting the fallback state as soon as the last user state depending on it has been deleted. Destruction will still happen when the final reference is dropped. A separate lockdep class for the fallback state is required since we're going to lock x->tunnel while x is locked. CVE-2025-40215 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-docs-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.198.1 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.198.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2026/suse-su-20260352-1/ https://www.suse.com/security/cve/CVE-2025-40215.html CVE-2025-40215 https://bugzilla.suse.com/1254959 SUSE Bug 1254959 https://bugzilla.suse.com/1255054 SUSE Bug 1255054