{"affected":[{"ecosystem_specific":{"binaries":[{"kernel-rt":"5.14.21-150400.15.139.2","kernel-source-rt":"5.14.21-150400.15.139.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.3","name":"kernel-rt","purl":"pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.14.21-150400.15.139.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-rt":"5.14.21-150400.15.139.2","kernel-source-rt":"5.14.21-150400.15.139.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.3","name":"kernel-source-rt","purl":"pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.14.21-150400.15.139.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-rt":"5.14.21-150400.15.139.2","kernel-source-rt":"5.14.21-150400.15.139.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.4","name":"kernel-rt","purl":"pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.14.21-150400.15.139.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-rt":"5.14.21-150400.15.139.2","kernel-source-rt":"5.14.21-150400.15.139.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.4","name":"kernel-source-rt","purl":"pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.14.21-150400.15.139.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2022-50280: pnode: terminate at peers of source (bsc#1249806).\n- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251786).\n- CVE-2025-39967: fbcon: fix integer overflow in fbcon_do_set_font (bsc#1252033).\n- CVE-2025-40040: mm/ksm: fix flag-dropping behavior in ksm_madvise (bsc#1252780).\n- CVE-2025-40048: uio_hv_generic: Let userspace take care of interrupt mask (bsc#1252862).\n- CVE-2025-40121: ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping (bsc#1253367).\n- CVE-2025-40154: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (bsc#1253431).\n- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253436).\n\nThe following non-security bugs were fixed:\n\n- scsi: storvsc: Prefer returning channel with the same CPU as on the I/O issuing CPU (bsc#1252267).\n","id":"SUSE-SU-2026:0033-1","modified":"2026-01-05T19:26:53Z","published":"2026-01-05T19:26:53Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2026/suse-su-20260033-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1249806"},{"type":"REPORT","url":"https://bugzilla.suse.com/1251786"},{"type":"REPORT","url":"https://bugzilla.suse.com/1252033"},{"type":"REPORT","url":"https://bugzilla.suse.com/1252267"},{"type":"REPORT","url":"https://bugzilla.suse.com/1252780"},{"type":"REPORT","url":"https://bugzilla.suse.com/1252862"},{"type":"REPORT","url":"https://bugzilla.suse.com/1253367"},{"type":"REPORT","url":"https://bugzilla.suse.com/1253431"},{"type":"REPORT","url":"https://bugzilla.suse.com/1253436"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-50280"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-53676"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-39967"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-40040"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-40048"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-40121"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-40154"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-40204"}],"related":["CVE-2022-50280","CVE-2023-53676","CVE-2025-39967","CVE-2025-40040","CVE-2025-40048","CVE-2025-40121","CVE-2025-40154","CVE-2025-40204"],"summary":"Security update for the Linux Kernel","upstream":["CVE-2022-50280","CVE-2023-53676","CVE-2025-39967","CVE-2025-40040","CVE-2025-40048","CVE-2025-40121","CVE-2025-40154","CVE-2025-40204"]}