openSUSE Leap 16.0 nebula Important Update DoS CVE-2025-22869 20581-1
opensuse
April 21, 2026
An update that solves one vulnerability can now be installed.
Description
This update for nebula fixes the following issues:
Changes in nebula:
- Update to version 1.10.3:
* Fix an issue where blocklist bypass is possible when using curve P256
Any newly issued P256 based certificates will have their signature clamped
to the low-s form. Nebula will assert the low-s signature form when
validating certificates in a future version
- Update to version 1.10.2:
* Fix panic when using use_system_route_table
- Update to version 1.10.1:
* Fix a bug where an unsafe route derived from the system route table could
be lost on a config reload
* Fix the PEM banner for ECDSA P256 public keys
* Fix a bug in handshake processing when a peer sends an unexpected public key
* Add a config option to control accepting recv_error packets which defaults
to always
- Update to version 1.10.0:
* Support for ipv6 and multiple ipv4/6 addresses in the overlay
* Add the ability to mark packets on linux to better target nebula packets in
...
Read the Full Advisory
Topics Covered
Patch
Package List
- openSUSE Leap 16.0:
nebula-1.10.3-bp160.1.1
nebula-cert-1.10.3-bp160.1.1
References
* https://www.suse.com/security/cve/CVE-2025-22869.html
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2026:20581-1
Rating: important
Affected Products:
openSUSE Leap 16.0
-------------------------------------------------------------
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!