{"affected":[{"ecosystem_specific":{"binaries":[{"kgraft-patch-4_12_14-122_275-default":"3-2.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Live Patching 12 SP5","name":"kgraft-patch-SLE12-SP5_Update_73","purl":"pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_73&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3-2.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"\nThis update for the SUSE Linux Enterprise kernel 4.12.14-122.275 fixes one security issue\n\nThe following security issue was fixed:\n\n- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).\n\nThe following non security issue was fixed:\n\n- bsc#1250280: don't expose {file,inode}_operations with static lifetimes Fix issue with static lifetime empty_iops/no_open_fops by allocating them on the heap. Make sure previously assigned instances don't become dangling. (bsc#1250280).\n","id":"SUSE-SU-2026:0525-1","modified":"2026-02-14T17:04:03Z","published":"2026-02-14T17:04:03Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2026/suse-su-20260525-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1250280"},{"type":"REPORT","url":"https://bugzilla.suse.com/1253439"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-40186"}],"related":["CVE-2025-40186"],"summary":"Security update for the Linux Kernel (Live Patch 73 for SUSE Linux Enterprise 12 SP5)","upstream":["CVE-2025-40186"]}