Back

Critical Kernel Vulnerabilities in SUSE Linux Affect Multiple Versions

Severity: High (Score: 72.5)

Sources: Linuxsecurity

Summary

SUSE Linux has released important kernel updates addressing two critical vulnerabilities: CVE-2026-43284 and CVE-2026-43500. CVE-2026-43284 allows for in-place decryption on shared skb fragments, while CVE-2026-43500 involves unsharing DATA/RESPONSE packets, potentially leading to data exposure. These vulnerabilities affect SUSE Linux Enterprise 15 SP6, 16.0, and Micro versions 6.0 and 6.1. The vulnerabilities were published on May 8 and May 11, 2026, respectively, with proof of concepts available shortly after. The CVSS scores for these vulnerabilities are notably high, indicating a significant risk to affected systems. Users are urged to apply the latest patches to mitigate these risks. Current advisories emphasize the importance of updating systems promptly to avoid exploitation. Key Points: • Two critical vulnerabilities (CVE-2026-43284 and CVE-2026-43500) have been identified in SUSE Linux kernels. • Affected versions include SUSE Linux Enterprise 15 SP6, 16.0, and Micro 6.0/6.1. • Patches are available, and users are advised to update their systems immediately.

Key Entities

  • CVE-2026-43284 (cve)
  • CVE-2026-43500 (cve)
  • Linux (platform)
  • OpenSUSE Leap 15.6 (platform)
  • SUSE Linux Enterprise 15 SP6 (platform)
  • SUSE Linux Enterprise Micro (platform)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed