Back

SUSE Linux Kernel Updates Address Multiple Security Vulnerabilities

Severity: Medium (Score: 57.9)

Sources: Linuxsecurity

Published: 2026-06-02 · Updated: 2026-06-02

Keywords: security, issues, suse, kernel, linux, enterprise, update

Severity indicators: issue, security issue

Summary

SUSE released two important security updates for the Linux Enterprise 16.0 kernel, addressing a total of 206 issues. The updates include fixes for multiple CVEs, notably CVE-2023-2058, CVE-2024-14027, CVE-2025-40181, CVE-2025-68265, CVE-2025-68310, CVE-2025-71302, CVE-2026-23168, and CVE-2026-23245. These vulnerabilities affect various components of the kernel, including x86 CPUs, KVM, NVMe, and more. The updates were released on May 28, 2026, and are rated as important, indicating a significant risk to users. System administrators are advised to apply these updates promptly to mitigate potential exploitation. The vulnerabilities range from issues that could lead to denial of service to those that may allow privilege escalation. Key Points: • SUSE released important kernel updates for Linux Enterprise 16.0 on May 28, 2026. • The updates address multiple CVEs, including critical vulnerabilities in CPU and KVM components. • System administrators are urged to apply the patches to safeguard against potential exploits.

Detailed Analysis

**Impact** SUSE Linux Enterprise 16.0 users are affected by multiple security vulnerabilities in the kernel, potentially impacting systems across various sectors relying on this distribution. The vulnerabilities could lead to system instability, denial of service, or privilege escalation, affecting operational continuity. No specific geographic or sectoral data is provided in the sources. **Technical Details** The update addresses eight CVEs including CVE-2023-2058 (x86/CPU FPDSS fix on Zen1), CVE-2024-14027 (xattr CLASS(fd) switch), and CVE-2025-40181 (x86/kvm PCI hole handling for TDX/SNP). Other fixes involve nvme request queue lifetime, PCI error recovery deadlock, dma-fence access rules, hardirq safety, and net/sched parameter snapshotting. No attack vectors, TTPs, malware, or IOCs are detailed in the articles. **Recommended Response** Apply the SUSE Linux Enterprise 16.0 kernel updates identified by announcements SUSE-SU-2026:21845-1 and SUSE-SU-2026:21860-1 immediately to mitigate the vulnerabilities. Monitor kernel-related logs for unusual behavior and ensure system configurations adhere to security best practices. No additional detection signatures or indicators are provided.

Source articles (2)

  • SUSE Linux Enterprise 16.0 Security Update Kernel Important 2026-21860 — Linuxsecurity · 2026-06-01
    ## The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: * CVE-2023-2058: x86/CPU: Fix FPDSS on Zen1 (bsc#1243603). * CVE-2024-1402…
  • SUSE Kernel Security Update Important Fixing 206 Issues 2026-21845 — Linuxsecurity · 2026-06-01
    ## The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: * CVE-2023-2058: x86/CPU: Fix FPDSS on Zen1 (bsc#1243603). * CVE-2024-1402…

Timeline

  • 2023-04-14 — CVE-2023-2058 published: A vulnerability in x86/CPU affecting FPDSS on Zen1 was disclosed.
  • 2024-03-09 — CVE-2024-14027 published: A vulnerability related to xattr was disclosed, with a PoC available by March 14, 2026.
  • 2025-11-12 — CVE-2025-40181 published: Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
  • 2025-12-16 — CVE-2025-68265 published: A vulnerability affecting NVMe's admin request_queue lifetime was disclosed.
  • 2025-12-16 — CVE-2025-68310 published: A vulnerability in s390/pci that could lead to deadlock during error recovery was disclosed.
  • 2026-02-14 — CVE-2026-23168 published: A vulnerability in flex_proportions that affects hardirq safety was disclosed.
  • 2026-03-18 — CVE-2026-23245 published: A vulnerability in net/sched affecting act_gate parameters was disclosed.
  • 2026-05-08 — CVE-2025-71302 published: A vulnerability in drm/panthor affecting dma-fence safe access rules was disclosed.
  • 2026-05-28 — SUSE kernel updates released: SUSE released updates addressing multiple vulnerabilities, urging users to apply them immediately.

CVEs

  • CVE-2023-2058
  • CVE-2024-14027
  • CVE-2025-40181
  • CVE-2025-68265
  • CVE-2025-68310
  • CVE-2025-71302
  • CVE-2026-23168
  • CVE-2026-23245

Related entities

  • Cwe-362 - Race Condition (Cwe)
  • Linux (Platform)
  • SUSE Linux Enterprise (Platform)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed