Alerts This Week
Warning Icon 1 483
Alerts This Week
Warning Icon 1 483

openSUSE Tracker-Miners Moderate Denial of Service Vulnern 2026-2751-1

opensuse
Calendar Grey July 3, 2026
Dist Opensuse Esm H88
This update addresses multiple vulnerabilities in tracker-miners for openSUSE enhancing system protection and security.
An update that solves four vulnerabilities can now be installed.

Description

This update for tracker-miners fixes the following issues:

* CVE-2026-1764: heap buffer overflow leads to denial of service or

information disclosure when parsing MP3 files (bsc#1257606).

* CVE-2026-1765: denial of service and potential information disclosure via

crafted MP3 files (bsc#1257607).

* CVE-2026-1766: denial of service and information disclosure via malformed

MP3 files (bsc#1257608).

* CVE-2026-1767: heap buffer overflow leading to denial of service or

information disclosure via malformed MP3 ID3 tags (bsc#1257609).

Patch

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like

YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4

zypper in -t patch SUSE-2026-2751=1

Package List

* openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64)

* tracker-miner-files-3.2.2-150400.3.10.1

* tracker-miner-files-debuginfo-3.2.2-150400.3.10.1

* tracker-miners-debuginfo-3.2.2-150400.3.10.1

* tracker-miners-debugsource-3.2.2-150400.3.10.1

* tracker-miners-3.2.2-150400.3.10.1

* openSUSE Leap 15.4 (noarch)

* tracker-miners-lang-3.2.2-150400.3.10.1

References

* bsc#1257606

* bsc#1257607

* bsc#1257608

* bsc#1257609

## References:

* https://www.suse.com/security/cve/CVE-2026-1764.html

* https://www.suse.com/security/cve/CVE-2026-1765.html

* https://www.suse.com/security/cve/CVE-2026-1766.html

* https://www.suse.com/security/cve/CVE-2026-1767.html

* https://bugzilla.suse.com/show_bug.cgi?id=1257606

* https://bugzilla.suse.com/show_bug.cgi?id=1257607

* https://bugzilla.suse.com/show_bug.cgi?id=1257608

* https://bugzilla.suse.com/show_bug.cgi?id=1257609

Severity
moderate
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:2751-1
Release Date: 2026-07-03T13:58:39Z
Affected Products: * openSUSE Leap 15.4

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here