Skip to main content

Mondoo

Vulnerability Management
Technology
Services

Solutions

Financial Services
Manufacturing
Healthcare

Resources

Blog
Vulnerability Database
Documentation
GitHub

Company

About
Careers
Partners
Contact

Legal

Privacy
Terms
Imprint

© 2026 Mondoo, Inc.

Log in Get Assessment

Vulnerability IntelligenceSUSE-SU-2026:1900-1

SUSE-SU-2026:1900-1

HIGH8.8

Security update for the Linux Kernel

Published May 17, 2026

Modified 1 weeks ago

Fix available

Details

Description of the patch:

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to fix various security issues

The following security issues were fixed:

CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache (bsc#1264013).
CVE-2026-46300: net: skbuff: propagate shared-frag marker through pskb_copy() (bsc#1265209).
CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags (bsc#1264449).
CVE-2026-43500: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present (aka Dirty Frag) (bsc#1264450)
CVE-2026-46333: ptrace: Logic bug in the Linux kernel's __ptrace_may_access() function (bsc#1265308).

The following non security issues were fixed:

io-wq: check that the predecessor is hashed in io_wq_remove_pending() (git-fixes).

Affected Packages

kernel-rt

SUSE Linux Enterprise Micro 5.3SUSE Linux Enterprise Micro 5.4

Fixed in:

5.14.21-150400.15.164.1

kernel-source-rt

SUSE Linux Enterprise Micro 5.3SUSE Linux Enterprise Micro 5.4

Fixed in:

5.14.21-150400.15.164.1

References

https://bugzilla.suse.com/1264013

https://bugzilla.suse.com/1264449

https://bugzilla.suse.com/1264450

https://bugzilla.suse.com/1265209

https://bugzilla.suse.com/1265308

https://lists.suse.com/pipermail/sle-updates/2026-May/046516.html

https://www.suse.com/security/cve/CVE-2025-54518/

https://www.suse.com/security/cve/CVE-2026-43284/

https://www.suse.com/security/cve/CVE-2026-43500/

https://www.suse.com/security/cve/CVE-2026-46300/

https://www.suse.com/security/cve/CVE-2026-46333/

https://www.suse.com/support/security/rating/

https://www.suse.com/support/update/announcement/2026/suse-su-20261900-1/

CVSS Analysis

CVSS v3.1

8.8

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

Scope

ChangedS:C

Impact

Confidentiality

HighC:H

Integrity

HighI:H

Availability

HighA:H

8.8/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Upstream

CVE-2025-54518 CVE-2026-43284 CVE-2026-43500 CVE-2026-46300 CVE-2026-46333

Ecosystems

SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Micro 5.4

Timeline

PublishedMay 17, 2026

ModifiedMay 17, 2026

SUSE-SU-2026:1900-1 | Mondoo Vulnerability Intelligence