Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

SUSE Linux 16.0 Go1.26 Important Security Fix Advisory 2026-21356-1

suse
Calendar Grey April 28, 2026
Dist Suse Esm H88
Update for go1.26 resolves 10 vulnerabilities with important fixes. Check the details of this significant update now.
An update that solves 10 vulnerabilities and has one fix can now be installed.

Summary

## This update for go1.26 fixes the following issues: * Update to version go1.26.2 (bsc#1255111). * CVE-2026-27140: cmd/go: trust layer bypass when using cgo and SWIG (bsc#1261653). * CVE-2026-27143: cmd/compile: possible memory corruption after bound check elimination (bsc#1261654). * CVE-2026-27144: cmd/compile: no-op interface conversion bypasses overlap checking (bsc#1261655). * CVE-2026-32280: crypto/x509: unexpected work during chain building (bsc#1261656). * CVE-2026-32281: crypto/x509: inefficient policy validation (bsc#1261657). * CVE-2026-32282: os: Root.Chmod can follow symlinks out of the root on Linux (bsc#1261658). * CVE-2026-32283: crypto/tls: multiple key update handshake messages can cause connection to deadlock (bsc#1261659).

References

* bsc#1255111

* bsc#1261653

* bsc#1261654

* bsc#1261655

* bsc#1261656

* bsc#1261657

* bsc#1261658

* bsc#1261659

* bsc#1261660

* bsc#1261661

* bsc#1261662

Cross-

* CVE-2026-27140

* CVE-2026-27143

* CVE-2026-27144

* CVE-2026-32280

* CVE-2026-32281

* CVE-2026-32282

* CVE-2026-32283

* CVE-2026-32288

* CVE-2026-32289

* CVE-2026-33810

CVSS scores:

* CVE-2026-27140 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

* CVE-2026-27140 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

* CVE-2026-27140 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

* CVE-2026-27143 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

* CVE-2026-27143 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:21356-1
Release Date: 2026-04-20T14:07:00Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here