Alerts This Week
Warning Icon 1 1,149
Alerts This Week
Warning Icon 1 1,149

SUSE 2026 Google Cloud SAP Agent Severe Authorization Bypass CVE-2026-33186

suse
Calendar Grey April 7, 2026
Dist Suse Esm H88
Critical update for google-cloud-sap-agent in SUSE addressing significant authorization bypass issue that requires immediate action.
An update that solves one vulnerability and has one security fix can now be installed.

Summary

## This update for google-cloud-sap-agent fixes the following issue: Update to google-cloud-sap-agent 3.12 (bsc#1259816): * CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header (bsc#1260265). Changelog: * Collect WLM metric `saphanasr_angi_installed` for all OS types. * Failure handling: Remove attached disks from CG * OTE Status checks for Parameter Manager (SAP Agent) * Log command-line arguments in configureinstance. * Minor multiple reliability checks and fixes * Support custom names for restored disks in hanadiskrestore * Add newAttachedDisks to Restorer and detach them on restore failure. * Improve unit test coverage for hanadiskbackup and hanadiskrestore * Add support for refresh point tests.

References

* bsc#1259816

* bsc#1260265

Cross-

* CVE-2026-33186

CVSS scores:

* CVE-2026-33186 ( SUSE ): 8.6

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

* CVE-2026-33186 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

* CVE-2026-33186 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected Products:

* Public Cloud Module 12

* SUSE Linux Enterprise High Performance Computing 12 SP2

* SUSE Linux Enterprise High Performance Computing 12 SP3

* SUSE Linux Enterprise High Performance Computing 12 SP4

* SUSE Linux Enterprise High Performance Computing 12 SP5

* SUSE Linux Enterprise Server 12

* SUSE Linux Enterprise Server 12 SP1

* SUSE Linux Enterprise Server 12 SP2

* SUSE Linux Enterprise Server 12 SP3

* SUSE Linux Enterprise Server 12 SP4

* SUSE Linux Enterprise Server 12 SP5

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:1195-1
Release Date: 2026-04-07T09:25:22Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here