Alerts This Week
Warning Icon 1 1,111
Alerts This Week
Warning Icon 1 1,111

SUSE OpenSSL Important Fix for Buffer Overflow CVE-2026-28388 2026-1291-1

suse
Calendar Grey April 13, 2026
Dist Suse Esm H88
Critical security update for SUSE OpenSSL addressing multiple vulnerabilities. Ensure your systems are protected.
An update that solves five vulnerabilities can now be installed.

Summary

## This update for openssl-1_0_0 fixes the following issues: * CVE-2026-28387: Potential use-after-free in DANE client code (bsc#1260441). * CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL (bsc#1260442). * CVE-2026-28389: Possible NULL dereference when processing CMS KeyAgreeRecipientInfo (bsc#1260443). * CVE-2026-31789: Heap buffer overflow in hexadecimal conversion (bsc#1260444). * CVE-2026-31790: Incorrect failure handling in RSA KEM RSASVE encapsulation (bsc#1260445). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Legacy Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP7-2026-1291=1

References

* bsc#1260441

* bsc#1260442

* bsc#1260443

* bsc#1260444

* bsc#1260445

Cross-

* CVE-2026-28387

* CVE-2026-28388

* CVE-2026-28389

* CVE-2026-31789

* CVE-2026-31790

CVSS scores:

* CVE-2026-28387 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

* CVE-2026-28388 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2026-28389 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

* CVE-2026-28389 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2026-31789 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

* CVE-2026-31790 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

* CVE-2026-31790 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* Legacy Module 15-SP7

* openSUSE Leap 15.6

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:1291-1
Release Date: 2026-04-13T08:10:19Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here