SUSE 16.0 Opensc Low Stack Overflow Out of Bounds Vuln 2026-22126-1

suse

June 16, 2026

An update that solves four vulnerabilities can now be installed.

Summary

## This update for opensc fixes the following issues: * CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses (bsc#1261214). * CVE-2025-66037: crafted input can cause an out-of-bounds read (bsc#1261218). * CVE-2025-66038: improper compact-TLV length validation can lead to crash or unexpected behavior (bsc#1261219). * CVE-2025-66215: crafted smart card or USB device can cause a stack-buffer- overflow write (bsc#1261220). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-932=1 * SUSE Linux Enterprise Server for SAP applications 16.0

Topics Covered

security advisory SuSE stack overflow low out-of-bounds opensc

References

* bsc#1261214

* bsc#1261218

* bsc#1261219

* bsc#1261220

Cross-

* CVE-2025-49010

* CVE-2025-66037

* CVE-2025-66038

* CVE-2025-66215

CVSS scores:

* CVE-2025-49010 ( SUSE ): 1.0

CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

* CVE-2025-49010 ( SUSE ): 3.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

* CVE-2025-49010 ( NVD ): 3.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

* CVE-2025-49010 ( NVD ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

* CVE-2025-66037 ( SUSE ): 1.0

CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

* CVE-2025-66037 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

* CVE-2025-66037 ( NVD ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity

low

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2026:22126-1

Release Date: 2026-06-15T11:47:03Z

Rating: low

Topics Covered

security advisory SuSE stack overflow low out-of-bounds opensc

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

SUSE 16.0 Opensc Low Stack Overflow Out of Bounds Vuln 2026-22126-1

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

SUSE 16.0 Opensc Low Stack Overflow Out of Bounds Vuln 2026-22126-1

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!