Alerts This Week
Warning Icon 1 1,153
Alerts This Week
Warning Icon 1 1,153

openSUSE Leap 16.0 SNPGuest Memory Exhaustion Patch 20380-1 CVE-2026-25727

opensuse
Calendar Grey March 25, 2026
Dist Opensuse Esm H88
Critical openSUSE update for snpguest addresses important vulnerabilities along with bug fixes. Learn more!
An update that solves one vulnerability and has 2 bug fixes can now be installed.

Description

This update for snpguest fixes the following issues:

- CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion (bsc#1257927).

- Update to version 0.10.0 (bsc#1257877):

* chore: updating tool version to 0.10.0

* refactor(certs): remove redundant branch in file-write logic

* Docs: Adding verify measure, host-data, report-data to docs

* verify: verify measurent, host data, and report data attributes from the attestation report.

* library: Updating sev library to 7.1.0

* ci: replace deprecated gh actions

* feat: multi-format integer parsing for key subcommand arguments

* chore(main): remove unused import `clap::arg`

* feat(fetch): add fetch crl subcommand

* .github/lint: Bump toolchain version to 1.86

* Bump rust version to 1.86

* feat: bumping tool to version 0.9.2

* fix(verify): silence mismatched_lifetime_syntaxes in SnpOid::oid

* feat: support SEV-SNP ABI Spec 1.58 (bump sev to v6.3.0)

* docs:...

Read the Full Advisory

Patch

Package List

- openSUSE Leap 16.0:

snpguest-0.10.0-160000.1.1

References

* bsc#1257877

* bsc#1257927

References:

* https://www.suse.com/security/cve/CVE-2026-25727.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2026:20380-1
Rating: important
Affected Products: openSUSE Leap 16.0 -------------------------------------------------------------

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here