Security update for the Linux Kernel (Live Patch 79 for SUSE Linux Enterprise 12 SP5)
This security update for the SUSE Linux Enterprise Kernel 4.12.14-122.299 addresses multiple vulnerabilities including a heap overflow in the NFSv4.0 LOCK replay cache, a use-after-free in network packet handling, fixes related to dirty.frag, and an issue in generic receive offload (GRO) merging. These vulnerabilities were fixed in this update to improve kernel security.
AI Analysis
Technical Summary
The SUSE Product Security Team released a security update (Live Patch 79) for SUSE Linux Enterprise Kernel version 4.12.14-122.299 that fixes four distinct security issues: CVE-2026-31402 addresses a heap overflow in the NFSv4.0 LOCK replay cache; CVE-2026-31504 fixes a use-after-free in packet_release() triggered by a NETDEV_UP race condition; CVE-2026-43503 includes final fixes related to dirty.frag handling; and CVE-2026-46323 prevents merging of zero-copy skbs in the generic receive offload (GRO) code. These fixes mitigate potential kernel-level vulnerabilities that could impact system stability or security.
Potential Impact
The vulnerabilities fixed include a heap overflow, use-after-free, and other kernel memory handling issues that could lead to system crashes or potential privilege escalation if exploited. No known exploits in the wild have been reported. The update improves kernel security by addressing these memory corruption and network packet handling flaws.
Mitigation Recommendations
A security update (Live Patch 79) is available from the SUSE Product Security Team that fixes these vulnerabilities in the SUSE Linux Enterprise Kernel 4.12.14-122.299. Applying this official patch is the recommended remediation. Patch status is confirmed by the vendor advisory SUSE-SU-2026:2592-1. No additional mitigations are indicated.
Security update for the Linux Kernel (Live Patch 79 for SUSE Linux Enterprise 12 SP5)
Description
This security update for the SUSE Linux Enterprise Kernel 4.12.14-122.299 addresses multiple vulnerabilities including a heap overflow in the NFSv4.0 LOCK replay cache, a use-after-free in network packet handling, fixes related to dirty.frag, and an issue in generic receive offload (GRO) merging. These vulnerabilities were fixed in this update to improve kernel security.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The SUSE Product Security Team released a security update (Live Patch 79) for SUSE Linux Enterprise Kernel version 4.12.14-122.299 that fixes four distinct security issues: CVE-2026-31402 addresses a heap overflow in the NFSv4.0 LOCK replay cache; CVE-2026-31504 fixes a use-after-free in packet_release() triggered by a NETDEV_UP race condition; CVE-2026-43503 includes final fixes related to dirty.frag handling; and CVE-2026-46323 prevents merging of zero-copy skbs in the generic receive offload (GRO) code. These fixes mitigate potential kernel-level vulnerabilities that could impact system stability or security.
Potential Impact
The vulnerabilities fixed include a heap overflow, use-after-free, and other kernel memory handling issues that could lead to system crashes or potential privilege escalation if exploited. No known exploits in the wild have been reported. The update improves kernel security by addressing these memory corruption and network packet handling flaws.
Mitigation Recommendations
A security update (Live Patch 79) is available from the SUSE Product Security Team that fixes these vulnerabilities in the SUSE Linux Enterprise Kernel 4.12.14-122.299. Applying this official patch is the recommended remediation. Patch status is confirmed by the vendor advisory SUSE-SU-2026:2592-1. No additional mitigations are indicated.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- SUSE Product Security Team
- Advisory Id
- SUSE-SU-2026:2592-1
- Cve Count
- 4
- Additional Cves
- ["CVE-2026-31504","CVE-2026-43503","CVE-2026-46323"]
- Cvss Version
- null
Threat ID: 6a3c0d23eed863c81e23eb75
Added to database: 06/24/2026, 17:00:19 UTC
Last enriched: 06/24/2026, 17:17:40 UTC
Last updated: 06/24/2026, 19:03:31 UTC
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.