SUSE-CU-2026:6477-1: Security update of suse/sle-micro-rancher/5.4

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Sun Jun 28 07:16:30 UTC 2026


SUSE Container Update Advisory: suse/sle-micro-rancher/5.4
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2026:6477-1
Container Tags        : suse/sle-micro-rancher/5.4:5.4.4.5.136 , suse/sle-micro-rancher/5.4:latest
Container Release     : 4.5.136
Severity              : important
Type                  : security
References            : 1255416 1258538 1260531 1262663 1262993 1263769 1263879 1263880
                        1264076 1264116 1264470 1264610 1266214 1266290 1267214 1267361
                        1267369 1267381 1267387 1267621 1267640 1267652 1267697 CVE-2025-10263
                        CVE-2025-68324 CVE-2026-23392 CVE-2026-31473 CVE-2026-31500 CVE-2026-31613
                        CVE-2026-31697 CVE-2026-31698 CVE-2026-31699 CVE-2026-31759 CVE-2026-43077
                        CVE-2026-43198 CVE-2026-45984 CVE-2026-46037 CVE-2026-46116 CVE-2026-46120
                        CVE-2026-46123 CVE-2026-46150 CVE-2026-46159 CVE-2026-46197 CVE-2026-46227
-----------------------------------------------------------------

The container suse/sle-micro-rancher/5.4 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:2638-1
Released:    Fri Jun 26 08:36:59 2026
Summary:     Security update for the Linux Kernel
Type:        security
Severity:    important
References:  1255416,1258538,1260531,1262663,1262993,1263769,1263879,1263880,1264076,1264116,1264470,1264610,1266214,1266290,1267214,1267361,1267369,1267381,1267387,1267621,1267640,1267652,1267697,CVE-2025-10263,CVE-2025-68324,CVE-2026-23392,CVE-2026-31473,CVE-2026-31500,CVE-2026-31613,CVE-2026-31697,CVE-2026-31698,CVE-2026-31699,CVE-2026-31759,CVE-2026-43077,CVE-2026-43198,CVE-2026-45984,CVE-2026-46037,CVE-2026-46116,CVE-2026-46120,CVE-2026-46123,CVE-2026-46150,CVE-2026-46159,CVE-2026-46197,CVE-2026-46227

The SUSE Linux Enterprise 15 SP4 kernel was updated to fix various security issues

The following security issues were fixed:

- CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs (bsc#1266290).
- CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed work (bsc#1255416).
- CVE-2026-23392: netfilter: nf_tables: release flowtable after rcu grace period on error (bsc#1260531).
- CVE-2026-31473: media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex (bsc#1262663).
- CVE-2026-31500: Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock (bsc#1262993).
- CVE-2026-31613: smb: client: fix OOB reads parsing symlink error response (bsc#1263769).
- CVE-2026-31697: crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed (bsc#1264116).
- CVE-2026-31698: crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed (bsc#1263880).
- CVE-2026-31699: crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed (bsc#1263879).
- CVE-2026-31759: usb: ulpi: fix double free in ulpi_register_interface() error path (bsc#1264076).
- CVE-2026-43077: crypto: algif_aead - Fix minimum RX size check for decryption (bsc#1264470).
- CVE-2026-43198: tcp: fix potential race in tcp_v6_syn_recv_sock() (bsc#1264610).
- CVE-2026-45984: gfs2: Move the inode glock locking to gfs2_file_buffered_write (bsc#1267214).
- CVE-2026-46037: ipv4: icmp: validate reply type before using icmp_pointers (bsc#1267361).
- CVE-2026-46116: xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete (bsc#1267369).
- CVE-2026-46120: ip6_gre: Use cached t->net in ip6erspan_changelink() (bsc#1267640).
- CVE-2026-46123: Bluetooth: virtio_bt: clamp rx length before skb_put (bsc#1267621).
- CVE-2026-46150: fanotify: fix false positive on permission events (bsc#1267387).
- CVE-2026-46159: btrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which can lead to info-leak (bsc#1267652).
- CVE-2026-46197: drm/amdkfd: validate SVM ioctl nattr against buffer size (bsc#1267381).
- CVE-2026-46227: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (bsc#1267697).

The following non security issues were fixed:

- smb: client: correctly handle ErrorContextData as a flexible array (git-fixes).


The following package changes have been done:

- kernel-default-5.14.21-150400.24.225.2 updated


More information about the sle-container-updates mailing list