Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2026:20388-1 Final 1 1 2026-01-29T10:37:57Z current 2026-01-29T10:37:57Z 2026-01-29T10:37:57Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) This update for the SUSE Linux Enterprise kernel 6.4.0-30.1 fixes one security issue The following security issue was fixed: - CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241). The following non security issue was fixed: - fix addr_bit_set() issue on big-endian machines (bsc#1256928). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-Micro-6.1-kernel-257 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2026/suse-su-202620388-1/ Link for SUSE-SU-2026:20388-1 https://lists.suse.com/pipermail/sle-security-updates/2026-February/024304.html E-Mail link for SUSE-SU-2026:20388-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1249241 SUSE Bug 1249241 https://bugzilla.suse.com/1256928 SUSE Bug 1256928 https://www.suse.com/security/cve/CVE-2025-38588/ SUSE CVE CVE-2025-38588 page SUSE Linux Micro 6.1 kernel-livepatch-6_4_0-30-default-11-1.2 kernel-livepatch-6_4_0-30-default-11-1.2 as a component of SUSE Linux Micro 6.1 In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent infinite loop in rt6_nlmsg_size() While testing prior patch, I was able to trigger an infinite loop in rt6_nlmsg_size() in the following place: list_for_each_entry_rcu(sibling, &f6i->fib6_siblings, fib6_siblings) { rt6_nh_nlmsg_size(sibling->fib6_nh, &nexthop_len); } This is because fib6_del_route() and fib6_add_rt2node() uses list_del_rcu(), which can confuse rcu readers, because they might no longer see the head of the list. Restart the loop if f6i->fib6_nsiblings is zero. CVE-2025-38588 SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-30-default-11-1.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2026/suse-su-202620388-1/ https://www.suse.com/security/cve/CVE-2025-38588.html CVE-2025-38588 https://bugzilla.suse.com/1248368 SUSE Bug 1248368 https://bugzilla.suse.com/1249241 SUSE Bug 1249241