Alerts This Week
Warning Icon 1 1,149
Alerts This Week
Warning Icon 1 1,149

Ubuntu Server 20.04.5 TLS OpenSSH Critical Patch USN-5011-1

suse
Calendar Grey May 4, 2026
Dist Suse Esm H88
SUSE releases update for libsodium addressing two moderate issues. Install to ensure system integrity through cryptographic fixes.
An update that solves two vulnerabilities can now be installed.

Summary

## This update for libsodium fixes the following issues: Security fixes: * CVE-2025-15444: Cryptographic bypass via improper elliptic curve point validation (bsc#1256070). * CVE-2025-69277: incorrect validation of elliptic curve points certain custom cryptography or untrusted data to crypto_core_ed25519_is_valid_point function (bsc#1255764). Other fixes: * Update to 1.0.21 * The new crypto_ipcrypt_* functions implement mechanisms for securely encrypting and anonymizing IP addresses. * The sodium_bin2ip and sodium_ip2bin helper functions have been added to complement the crypto_ipcrypt_* functions and easily convert addresses between bytes and strings. * XOF: the crypto_xof_shake _and crypto_xof_turboshake_ functions are

References

* bsc#1255764

* bsc#1256070

Cross-

* CVE-2025-15444

* CVE-2025-69277

CVSS scores:

* CVE-2025-15444 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

* CVE-2025-15444 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

* CVE-2025-69277 ( SUSE ): 4.8

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

* CVE-2025-69277 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

* CVE-2025-69277 ( NVD ): 4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

Affected Products:

* SUSE Linux Enterprise Server 16.0

* SUSE Linux Enterprise Server for SAP applications 16.0

An update that solves two vulnerabilities can now be installed.

##

* https://www.suse.com/security/cve/CVE-2025-15444.html

* https://www.suse.com/security/cve/CVE-2025-69277.html

Announcement ID: SUSE-SU-2026:21422-1
Release Date: 2026-04-28T15:27:44Z
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here