Описание
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache (bsc#1264013).
- CVE-2026-46300: net: skbuff: propagate shared-frag marker through pskb_copy() (bsc#1265209).
- CVE-2026-46333: ptrace: Logic bug in the Linux kernel's __ptrace_may_access() function (bsc#1265308).
Список пакетов
Image SLES15-SP7-Azure-3P
Image SLES15-SP7-Azure-Basic
Image SLES15-SP7-Azure-Standard
Image SLES15-SP7-BYOS-Azure
Image SLES15-SP7-BYOS-EC2
Image SLES15-SP7-BYOS-GCE
Image SLES15-SP7-CHOST-BYOS-Aliyun
Image SLES15-SP7-CHOST-BYOS-Azure
Image SLES15-SP7-CHOST-BYOS-EC2
Image SLES15-SP7-CHOST-BYOS-GCE
Image SLES15-SP7-CHOST-BYOS-GDC
Image SLES15-SP7-CHOST-BYOS-SAP-CCloud
Image SLES15-SP7-EC2
Image SLES15-SP7-EC2-ECS-HVM
Image SLES15-SP7-GCE
Image SLES15-SP7-GCE-3P
Image SLES15-SP7-HPC-Azure
Image SLES15-SP7-HPC-BYOS-Azure
Image SLES15-SP7-HPC-BYOS-EC2
Image SLES15-SP7-HPC-BYOS-GCE
Image SLES15-SP7-Hardened-BYOS-Azure
Image SLES15-SP7-Hardened-BYOS-EC2
Image SLES15-SP7-Hardened-BYOS-GCE
Image SLES15-SP7-SAP-Azure
Image SLES15-SP7-SAP-Azure-3P
Image SLES15-SP7-SAP-BYOS-Azure
Image SLES15-SP7-SAP-BYOS-EC2
Image SLES15-SP7-SAP-BYOS-GCE
Image SLES15-SP7-SAP-EC2
Image SLES15-SP7-SAP-GCE
Image SLES15-SP7-SAP-GCE-3P
Image SLES15-SP7-SAP-Hardened-Azure
Image SLES15-SP7-SAP-Hardened-BYOS-Azure
Image SLES15-SP7-SAP-Hardened-BYOS-EC2
Image SLES15-SP7-SAP-Hardened-BYOS-GCE
Image SLES15-SP7-SAP-Hardened-GCE
Image SLES15-SP7-SAPCAL-Azure
Image SLES15-SP7-SAPCAL-EC2
Image SLES15-SP7-SAPCAL-GCE
SUSE Linux Enterprise High Availability Extension 15 SP7
SUSE Linux Enterprise Live Patching 15 SP7
SUSE Linux Enterprise Module for Basesystem 15 SP7
SUSE Linux Enterprise Module for Development Tools 15 SP7
SUSE Linux Enterprise Module for Legacy 15 SP7
SUSE Linux Enterprise Module for Public Cloud 15 SP7
SUSE Linux Enterprise Workstation Extension 15 SP7
Ссылки
- Link for SUSE-SU-2026:1978-1
- E-Mail link for SUSE-SU-2026:1978-1
- SUSE Security Ratings
- SUSE Bug 1264013
- SUSE Bug 1265209
- SUSE Bug 1265308
- SUSE CVE CVE-2025-54518 page
- SUSE CVE CVE-2026-46300 page
- SUSE CVE CVE-2026-46333 page
Описание
Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a different privilege level, potentially resulting in privilege escalation.
Затронутые продукты
Ссылки
- CVE-2025-54518
- SUSE Bug 1264013
- SUSE Bug 1264066
- SUSE Bug 1264096
Описание
In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to. If @from has SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backed frags, but the shared-frag marker is currently lost. That breaks the invariant relied on by later in-place writers. In particular, ESP input checks skb_has_shared_frag() before deciding whether an uncloned nonlinear skb can skip skb_cow_data(). If TCP receive coalescing has moved shared frags into an unmarked skb, ESP can see skb_has_shared_frag() as false and decrypt in place over page-cache backed frags. Propagate SKBFL_SHARED_FRAG when skb_try_coalesce() transfers paged frags. The tailroom copy path does not need the marker because it copies bytes into @to's linear data rather than transferring frag descriptors.
Затронутые продукты
Ссылки
- CVE-2026-46300
- SUSE Bug 1265209
- SUSE Bug 1265226
- SUSE Bug 1265312
- SUSE Bug 1265383
- SUSE Bug 1265960
Описание
In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It's not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional "drop capabilities" model doesn't make any difference for this all. Make it all make a *bit* more sense by saying that if you don't have a MM pointer, we'll use a cached "last dumpability" flag if the thread ever had a MM (it will be zero for kernel threads since it is never set), and require a proper CAP_SYS_PTRACE capability to override.
Затронутые продукты
Ссылки
- CVE-2026-46333
- SUSE Bug 1265308
- SUSE Bug 1265384