Alerts This Week
Warning Icon 1 1,153
Alerts This Week
Warning Icon 1 1,153

openSUSE Leap 16.0 util-linux Moderate Access Control Heap Buffer Issue

opensuse
Calendar Grey April 21, 2026
Dist Opensuse Esm H88
This update resolves 2 vulnerabilities in util-linux for openSUSE, addressing security and bug issues. Immediate installation recommended.
An update that solves 2 vulnerabilities and has 3 bug fixes can now be installed.

Description

This update for util-linux fixes the following issues:

Security issues:

- CVE-2025-14104: heap buffer overread in setpwnam() when processing 256-byte usernames (bsc#1254666).

- CVE-2026-3184: access control bypass due to improper hostname canonicalization in `login` (bsc#1258859).

Non security issues:

- fdisk: Fix possible partition overlay and data corruption if EBR gap is missing (bsc#1222465).

- lscpu: Add support for NVIDIA Olympus arm64 core (jsc#PED-13682).

Patch instructions:

To install this openSUSE security update use the suse recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-510=1

Patch

Package List

- openSUSE Leap 16.0:

lastlog2-2.41.1-160000.3.1

libblkid-devel-2.41.1-160000.3.1

libblkid-devel-static-2.41.1-160000.3.1

libblkid1-2.41.1-160000.3.1

libfdisk-devel-2.41.1-160000.3.1

libfdisk-devel-static-2.41.1-160000.3.1

libfdisk1-2.41.1-160000.3.1

liblastlog2-2-2.41.1-160000.3.1

liblastlog2-devel-2.41.1-160000.3.1

libmount-devel-2.41.1-160000.3.1

libmount-devel-static-2.41.1-160000.3.1

libmount1-2.41.1-160000.3.1

libsmartcols-devel-2.41.1-160000.3.1

libsmartcols-devel-static-2.41.1-160000.3.1

libsmartcols1-2.41.1-160000.3.1

libuuid-devel-2.41.1-160000.3.1

libuuid-devel-static-2.41.1-160000.3.1

libuuid1-2.41.1-160000.3.1

python313-libmount-2.41.1-160000.3.1

util-linux-2.41.1-160000.3.1

util-linux-extra-2.41.1-160000.3.1

util-linux-lang-2.41.1-160000.3.1

util-linux-systemd-2.41.1-160000.3.1

util-linux-tty-tools-2.41.1-160000.3.1

uuidd-2.41.1-160000.3.1

References

* bsc#1222465

* bsc#1254666

* bsc#1258859

References:

* https://www.suse.com/security/cve/CVE-2025-14104.html

* https://www.suse.com/security/cve/CVE-2026-3184.html

Announcement ID: openSUSE-SU-2026:20495-1
Rating: moderate
Affected Products: openSUSE Leap 16.0 -------------------------------------------------------------

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here