## This update for libraw fixes the following issues: * CVE-2026-20911: heap-based buffer overflow in `HuffTable::initval`(bsc#1261673). * CVE-2026-21413: heap-based buffer overflow in `lossless_jpeg_load_raw` (bsc#1261674). * CVE-2026-24660: heap-based buffer overflow in `x3f_load_huffman` (bsc#1261676). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Workstation Extension 15 SP7 zypper in -t patch SUSE-SLE-Product-WE-15-SP7-2026-1438=1 ## Package List: * SUSE Linux Enterprise Workstation Extension 15 SP7 (x86_64) * libraw16-debuginfo-0.18.9-150000.3.33.1 * libraw-debugsource-0.18.9-150000.3.33.1
* bsc#1261673
* bsc#1261674
* bsc#1261676
Cross-
* CVE-2026-20911
* CVE-2026-21413
* CVE-2026-24660
CVSS scores:
* CVE-2026-20911 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-20911 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-20911 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-21413 ( SUSE ): 7.7
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-21413 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-21413 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-24660 ( SUSE ): 7.5
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Get the latest Linux and open source security news straight to your inbox.