Security update for the Linux Kernel (Live Patch 44 for SUSE Linux Enterprise 15 SP4) SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2026:0566-1 Final 1 1 2026-02-17T06:33:40Z current 2026-02-17T06:33:40Z 2026-02-17T06:33:40Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel (Live Patch 44 for SUSE Linux Enterprise 15 SP4) This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.176 fixes various security issues The following security issues were fixed: - CVE-2023-53321: wifi: mac80211_hwsim: drop short frames (bsc#1250314). - CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1249455). - CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2026-566,SUSE-SLE-Module-Live-Patching-15-SP4-2026-566 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2026/suse-su-20260566-1/ Link for SUSE-SU-2026:0566-1 https://lists.suse.com/pipermail/sle-security-updates/2026-February/024330.html E-Mail link for SUSE-SU-2026:0566-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1249455 SUSE Bug 1249455 https://bugzilla.suse.com/1249480 SUSE Bug 1249480 https://bugzilla.suse.com/1250314 SUSE Bug 1250314 https://www.suse.com/security/cve/CVE-2023-53321/ SUSE CVE CVE-2023-53321 page https://www.suse.com/security/cve/CVE-2025-38111/ SUSE CVE CVE-2025-38111 page https://www.suse.com/security/cve/CVE-2025-39742/ SUSE CVE CVE-2025-39742 page SUSE Linux Enterprise Live Patching 15 SP4 kernel-livepatch-5_14_21-150400_24_176-default-7-150400.2.1 kernel-livepatch-5_14_21-150400_24_176-default-7-150400.2.1 as a component of SUSE Linux Enterprise Live Patching 15 SP4 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211_hwsim: drop short frames While technically some control frames like ACK are shorter and end after Address 1, such frames shouldn't be forwarded through wmediumd or similar userspace, so require the full 3-address header to avoid accessing invalid memory if shorter frames are passed in. CVE-2023-53321 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_176-default-7-150400.2.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2026/suse-su-20260566-1/ https://www.suse.com/security/cve/CVE-2023-53321.html CVE-2023-53321 https://bugzilla.suse.com/1250313 SUSE Bug 1250313 https://bugzilla.suse.com/1250314 SUSE Bug 1250314 In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds read/write access When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via mdiobus, there is no verification of parameters passed to the ioctl and it accepts any mdio address. Currently there is support for 32 addresses in kernel via PHY_MAX_ADDR define, but it is possible to pass higher value than that via ioctl. While read/write operation should generally fail in this case, mdiobus provides stats array, where wrong address may allow out-of-bounds read/write. Fix that by adding address verification before read/write operation. While this excludes this access from any statistics, it improves security of read/write operation. CVE-2025-38111 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_176-default-7-150400.2.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2026/suse-su-20260566-1/ https://www.suse.com/security/cve/CVE-2025-38111.html CVE-2025-38111 https://bugzilla.suse.com/1245666 SUSE Bug 1245666 https://bugzilla.suse.com/1249455 SUSE Bug 1249455 In the Linux kernel, the following vulnerability has been resolved: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() The function divides number of online CPUs by num_core_siblings, and later checks the divider by zero. This implies a possibility to get and divide-by-zero runtime error. Fix it by moving the check prior to division. This also helps to save one indentation level. CVE-2025-39742 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_176-default-7-150400.2.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2026/suse-su-20260566-1/ https://www.suse.com/security/cve/CVE-2025-39742.html CVE-2025-39742 https://bugzilla.suse.com/1247374 SUSE Bug 1247374 https://bugzilla.suse.com/1249479 SUSE Bug 1249479 https://bugzilla.suse.com/1249480 SUSE Bug 1249480 https://bugzilla.suse.com/1253291 SUSE Bug 1253291