SUSE-IU-2026:977-1: Security update of suse/sle-micro/rt-5.5

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Fri Feb 13 17:36:21 UTC 2026 

SUSE Image Update Advisory: suse/sle-micro/rt-5.5
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:977-1
Image Tags        : suse/sle-micro/rt-5.5:2.0.4 , suse/sle-micro/rt-5.5:2.0.4-4.5.558 , suse/sle-micro/rt-5.5:latest
Image Release     : 4.5.558
Severity          : important
Type              : security
References        : 1220137 1220144 1222323 1223007 1225049 1233038 1235905 1236104
                        1236208 1237885 1237906 1238414 1238754 1238763 1244758 1244904
                        1245110 1245210 1245723 1245751 1247177 1247483 1248306 1248377
                        1249156 1249158 1249827 1252785 1253028 1253087 1253409 1253702
                        1254447 1254462 1254463 1254464 1254465 1254767 1254842 1255171
                        1255251 1255377 1255401 1255594 1255908 1256095 1256582 1256612
                        1256623 1256641 1256726 1256744 1256779 1256792 1257232 1257236
                        1257296 1257473 CVE-2022-49604 CVE-2022-49943 CVE-2022-49980
                        CVE-2022-50232 CVE-2022-50697 CVE-2023-52433 CVE-2023-52874 CVE-2023-52923
                        CVE-2023-53178 CVE-2023-53407 CVE-2023-53412 CVE-2023-53417 CVE-2023-53418
                        CVE-2023-53714 CVE-2023-54142 CVE-2023-54243 CVE-2024-26581 CVE-2024-26661
                        CVE-2024-26832 CVE-2024-50143 CVE-2024-54031 CVE-2025-21658 CVE-2025-21760
                        CVE-2025-21764 CVE-2025-21765 CVE-2025-21766 CVE-2025-38068 CVE-2025-38129
                        CVE-2025-38159 CVE-2025-38375 CVE-2025-38563 CVE-2025-38565 CVE-2025-38684
                        CVE-2025-40044 CVE-2025-40139 CVE-2025-40257 CVE-2025-40300 CVE-2025-68183
                        CVE-2025-68284 CVE-2025-68285 CVE-2025-68312 CVE-2025-68771 CVE-2025-68813
                        CVE-2025-71085 CVE-2025-71089 CVE-2025-71112 CVE-2025-71116 CVE-2025-71120
                        CVE-2026-22999 CVE-2026-23001 
-----------------------------------------------------------------

The container suse/sle-micro/rt-5.5 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:496-1
Released:    Fri Feb 13 11:52:17 2026
Summary:     Security update for the Linux Kernel
Type:        security
Severity:    important
References:  1220137,1220144,1222323,1223007,1225049,1233038,1235905,1236104,1236208,1237885,1237906,1238414,1238754,1238763,1244758,1244904,1245110,1245210,1245723,1245751,1247177,1247483,1248306,1248377,1249156,1249158,1249827,1252785,1253028,1253087,1253409,1253702,1254447,1254462,1254463,1254464,1254465,1254767,1254842,1255171,1255251,1255377,1255401,1255594,1255908,1256095,1256582,1256612,1256623,1256641,1256726,1256744,1256779,1256792,1257232,1257236,1257296,1257473,CVE-2022-49604,CVE-2022-49943,CVE-2022-49980,CVE-2022-50232,CVE-2022-50697,CVE-2023-52433,CVE-2023-52874,CVE-2023-52923,CVE-2023-53178,CVE-2023-53407,CVE-2023-53412,CVE-2023-53417,CVE-2023-53418,CVE-2023-53714,CVE-2023-54142,CVE-2023-54243,CVE-2024-26581,CVE-2024-26661,CVE-2024-26832,CVE-2024-50143,CVE-2024-54031,CVE-2025-21658,CVE-2025-21760,CVE-2025-21764,CVE-2025-21765,CVE-2025-21766,CVE-2025-38068,CVE-2025-38129,CVE-2025-38159,CVE-2025-38375,CVE-2025-38563,CVE-2025-38565,CVE-2025-38684,CVE-2025-40044,CVE-2025-40
 139,CVE-2025-40257,CVE-2025-40300,CVE-2025-68183,CVE-2025-68284,CVE-2025-68285,CVE-2025-68312,CVE-2025-68771,CVE-2025-68813,CVE-2025-71085,CVE-2025-71089,CVE-2025-71112,CVE-2025-71116,CVE-2025-71120,CVE-2026-22999,CVE-2026-23001

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues

The following security issues were fixed:

- CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit (bsc#1255594).
- CVE-2023-54142: gtp: Fix use-after-free in __gtp_encap_destroy() (bsc#1256095).
- CVE-2023-54243: netfilter: ebtables: fix table blob use-after-free (bsc#1255908).
- CVE-2025-38068: crypto: lzo - Fix compression buffer overrun (bsc#1245210).
- CVE-2025-38129: page_pool: fix inconsistency for page_pool_ring_lock() (bsc#1245723).
- CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (bsc#1245751).
- CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1247177).
- CVE-2025-40257: mptcp: fix a race in mptcp_pm_del_add_timer() (bsc#1254842).
- CVE-2025-40300: Documentation/hw-vuln: Add VMSCAPE documentation (bsc#1247483).
- CVE-2025-68183: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr (bsc#1255251).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255377).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255401).
- CVE-2025-68312: usbnet: Prevents free active kevent (bsc#1255171).
- CVE-2025-68771: ocfs2: fix kernel BUG in ocfs2_find_victim_chain (bsc#1256582).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256641).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256623).
- CVE-2025-71089: iommu: disable SVA when CONFIG_X86 is set (bsc#1256612).
- CVE-2025-71112: net: hns3: add VLAN id validation before using (bsc#1256726).
- CVE-2025-71116: libceph: make decode_pool() more resilient against corrupted osdmaps (bsc#1256744).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256779).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257236).
- CVE-2026-23001: macvlan: fix possible UAF in macvlan_forward_source() (bsc#1257232).
- CVE-2023-53215: sched/fair: Don't balance task to its current running CPU (bsc#1250397).
- CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185).

The following non security issues were fixed:

- Revert 'ocfs2: fix kernel BUG in ocfs2_find_victim_chain (bsc#1256582)'.
- mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations (bsc#1253087 bsc#1254447).
- net: hv_netvsc: reject RSS hash key programming without RX indirection table (bsc#1257473).
- net: tcp: allow zero-window ACK update the window (bsc#1254767).
- net: tcp: send zero-window ACK when no memory (bsc#1254767).
- scsi: storvsc: Process unsupported MODE_SENSE_10 (bsc#1257296).
- tcp: correct handling of extreme memory squeeze (bsc#1254767).
- x86: make page fault handling disable interrupts properly (git-fixes).


The following package changes have been done:

- kernel-rt-5.14.21-150500.13.121.1 updated

More information about the sle-container-updates mailing list