{"affected":[{"ecosystem_specific":{"binaries":[{"kernel-livepatch-6_12_0-160000_5-rt":"4-160000.3.4"}]},"package":{"ecosystem":"SUSE:Linux Micro 6.2","name":"kernel-livepatch-SLE16-RT_Update_0","purl":"pkg:rpm/suse/kernel-livepatch-SLE16-RT_Update_0&distro=SUSE%20Linux%20Micro%206.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4-160000.3.4"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"\nThis update for the SUSE Linux Enterprise kernel 6.12.0-160000.5.1 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1246019).\n- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672).\n- CVE-2025-38554: mm: fix a UAF when vma->mm is freed after vma->vm_refcnt got dropped (bsc#1248301).\n- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).\n- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).\n- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).\n- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537).\n- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208).\n- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207).\n- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631).\n- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).\n- CVE-2025-39963: io_uring: fix incorrect io_kiocb reference in io_link_skb (bsc#1251982).\n- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).\n- CVE-2025-40212: nfsd: fix refcount leak in nfsd_set_fh_dentry() (bsc#1254196).\n\nThe following non security issue was fixed:\n\n- Explicitly add module-common.c with vermagic and retpoline modinfo (bsc#1252270).\n","id":"SUSE-SU-2026:20164-1","modified":"2026-01-26T09:12:02Z","published":"2026-01-26T09:12:02Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2026/suse-su-202620164-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1246019"},{"type":"REPORT","url":"https://bugzilla.suse.com/1248301"},{"type":"REPORT","url":"https://bugzilla.suse.com/1248400"},{"type":"REPORT","url":"https://bugzilla.suse.com/1248631"},{"type":"REPORT","url":"https://bugzilla.suse.com/1248670"},{"type":"REPORT","url":"https://bugzilla.suse.com/1248672"},{"type":"REPORT","url":"https://bugzilla.suse.com/1249207"},{"type":"REPORT","url":"https://bugzilla.suse.com/1249208"},{"type":"REPORT","url":"https://bugzilla.suse.com/1249241"},{"type":"REPORT","url":"https://bugzilla.suse.com/1249537"},{"type":"REPORT","url":"https://bugzilla.suse.com/1250192"},{"type":"REPORT","url":"https://bugzilla.suse.com/1251982"},{"type":"REPORT","url":"https://bugzilla.suse.com/1252270"},{"type":"REPORT","url":"https://bugzilla.suse.com/1253437"},{"type":"REPORT","url":"https://bugzilla.suse.com/1254196"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-53164"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-38500"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-38554"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-38572"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-38588"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-38608"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-38616"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-38617"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-38618"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-38664"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-39682"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-39963"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-40204"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-40212"}],"related":["CVE-2024-53164","CVE-2025-38500","CVE-2025-38554","CVE-2025-38572","CVE-2025-38588","CVE-2025-38608","CVE-2025-38616","CVE-2025-38617","CVE-2025-38618","CVE-2025-38664","CVE-2025-39682","CVE-2025-39963","CVE-2025-40204","CVE-2025-40212"],"summary":"Security update for the Linux Kernel RT (Live Patch 0 for SUSE Linux Enterprise 16)","upstream":["CVE-2024-53164","CVE-2025-38500","CVE-2025-38554","CVE-2025-38572","CVE-2025-38588","CVE-2025-38608","CVE-2025-38616","CVE-2025-38617","CVE-2025-38618","CVE-2025-38664","CVE-2025-39682","CVE-2025-39963","CVE-2025-40204","CVE-2025-40212"]}