SUSE Linux Micro 6.1 libsoup Important Security Update 2026-20360-1

suse

February 17, 2026

An update that solves four vulnerabilities can now be installed.

Summary

## This update for libsoup fixes the following issues: * CVE-2025-14523: flaw in HTTP header handling can lead to host header parsing discrepancy between servers and proxies and allow for request smuggling, cache poisoning and bypass of access controls (bsc#1254876). * CVE-2025-12105: heap use-after-free in message queue handling during HTTP/2 read completion can lead to undefined behavior or crash (bsc#1252555). * CVE-2026-0716: Fixed out-of-bounds read for websocket (bsc#1256418). * CVE-2026-0719: Fixed overflow for password md4sum (bsc#1256399). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1

Topics Covered

security advisory SuSE important libsoup request smuggling undefined behavior

References

* bsc#1252555

* bsc#1254876

* bsc#1256399

* bsc#1256418

Cross-

* CVE-2025-12105

* CVE-2025-14523

* CVE-2026-0716

* CVE-2026-0719

CVSS scores:

* CVE-2025-12105 ( SUSE ): 8.8

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

* CVE-2025-12105 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

* CVE-2025-12105 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2025-14523 ( SUSE ): 8.3

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

* CVE-2025-14523 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

* CVE-2025-14523 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

* CVE-2026-0716 ( SUSE ): 8.3

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2026:20360-1

Release Date: 2026-01-19T11:44:51Z

Rating: important

Topics Covered

security advisory SuSE important libsoup request smuggling undefined behavior

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

SUSE Linux Micro 6.1 libsoup Important Security Update 2026-20360-1

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

SUSE Linux Micro 6.1 libsoup Important Security Update 2026-20360-1

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!