An update that solves four vulnerabilities can now be installed.

# Security update for xen

* Announcement ID: SUSE-SU-2026:2328-1
* Release Date: 2026-06-10T07:39:28Z
* Rating: important
* References:
  * bsc#1266952
  * bsc#1266953
  * bsc#1266955
* Cross-References:
  * CVE-2026-42487
  * CVE-2026-42488
  * CVE-2026-42489
  * CVE-2026-42490
* CVSS scores:
  * CVE-2026-42487 ( SUSE ): 8.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2026-42487 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
  * CVE-2026-42488 ( SUSE ): 8.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2026-42488 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2026-42489 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
  * CVE-2026-42489 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
  * CVE-2026-42490 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
  * CVE-2026-42490 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
* Affected Products:
  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

## Description:

This update for xen fixes the following issues:

* CVE-2026-42487: x86 HVM I/O port list traversal (bsc#1266952).
* CVE-2026-42488: x86: mismatched mapcache metadata (bsc#1266955).
* CVE-2026-42489, CVE-2026-42490: domctl lock open to abuse (bsc#1266953).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5: `zypper in -t patch SUSE-2026-2328=1`
* SUSE Linux Enterprise Micro 5.5: `zypper in -t patch SUSE-SLE-Micro-5.5-2026-2328=1`
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5: `zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2328=1`
* SUSE Linux Enterprise Server for SAP Applications 15 SP5: `zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2328=1`
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5: `zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2328=1`
* SUSE Linux Enterprise Server 15 SP5 LTSS: `zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2328=1`

## Package List:

* openSUSE Leap 15.5 (aarch64 x86_64 i586)
  * xen-tools-domU-4.17.6_12-150500.3.73.1
  * xen-libs-debuginfo-4.17.6_12-150500.3.73.1
  * xen-tools-domU-debuginfo-4.17.6_12-150500.3.73.1
  * xen-debugsource-4.17.6_12-150500.3.73.1
  * xen-libs-4.17.6_12-150500.3.73.1
  * xen-devel-4.17.6_12-150500.3.73.1
* openSUSE Leap 15.5 (x86_64)
  * xen-libs-32bit-4.17.6_12-150500.3.73.1
  * xen-libs-32bit-debuginfo-4.17.6_12-150500.3.73.1
* openSUSE Leap 15.5 (aarch64 x86_64)
  * xen-4.17.6_12-150500.3.73.1
  * xen-tools-debuginfo-4.17.6_12-150500.3.73.1
  * xen-doc-html-4.17.6_12-150500.3.73.1
  * xen-tools-4.17.6_12-150500.3.73.1
* openSUSE Leap 15.5 (noarch)
  * xen-tools-xendomains-wait-disk-4.17.6_12-150500.3.73.1
* openSUSE Leap 15.5 (aarch64_ilp32)
  * xen-libs-64bit-debuginfo-4.17.6_12-150500.3.73.1
  * xen-libs-64bit-4.17.6_12-150500.3.73.1
* SUSE Linux Enterprise Micro 5.5 (x86_64)
  * xen-libs-debuginfo-4.17.6_12-150500.3.73.1
  * xen-debugsource-4.17.6_12-150500.3.73.1
  * xen-libs-4.17.6_12-150500.3.73.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
  * xen-tools-domU-4.17.6_12-150500.3.73.1
  * xen-tools-debuginfo-4.17.6_12-150500.3.73.1
  * xen-libs-debuginfo-4.17.6_12-150500.3.73.1
  * xen-tools-domU-debuginfo-4.17.6_12-150500.3.73.1
  * xen-4.17.6_12-150500.3.73.1
  * xen-debugsource-4.17.6_12-150500.3.73.1
  * xen-libs-4.17.6_12-150500.3.73.1
  * xen-tools-4.17.6_12-150500.3.73.1
  * xen-devel-4.17.6_12-150500.3.73.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
  * xen-tools-xendomains-wait-disk-4.17.6_12-150500.3.73.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
  * xen-tools-domU-4.17.6_12-150500.3.73.1
  * xen-tools-debuginfo-4.17.6_12-150500.3.73.1
  * xen-libs-debuginfo-4.17.6_12-150500.3.73.1
  * xen-tools-domU-debuginfo-4.17.6_12-150500.3.73.1
  * xen-4.17.6_12-150500.3.73.1
  * xen-debugsource-4.17.6_12-150500.3.73.1
  * xen-libs-4.17.6_12-150500.3.73.1
  * xen-tools-4.17.6_12-150500.3.73.1
  * xen-devel-4.17.6_12-150500.3.73.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
  * xen-tools-xendomains-wait-disk-4.17.6_12-150500.3.73.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
  * xen-tools-domU-4.17.6_12-150500.3.73.1
  * xen-tools-debuginfo-4.17.6_12-150500.3.73.1
  * xen-libs-debuginfo-4.17.6_12-150500.3.73.1
  * xen-tools-domU-debuginfo-4.17.6_12-150500.3.73.1
  * xen-4.17.6_12-150500.3.73.1
  * xen-debugsource-4.17.6_12-150500.3.73.1
  * xen-libs-4.17.6_12-150500.3.73.1
  * xen-tools-4.17.6_12-150500.3.73.1
  * xen-devel-4.17.6_12-150500.3.73.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
  * xen-tools-xendomains-wait-disk-4.17.6_12-150500.3.73.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
  * xen-tools-domU-4.17.6_12-150500.3.73.1
  * xen-tools-debuginfo-4.17.6_12-150500.3.73.1
  * xen-libs-debuginfo-4.17.6_12-150500.3.73.1
  * xen-tools-domU-debuginfo-4.17.6_12-150500.3.73.1
  * xen-4.17.6_12-150500.3.73.1
  * xen-debugsource-4.17.6_12-150500.3.73.1
  * xen-libs-4.17.6_12-150500.3.73.1
  * xen-tools-4.17.6_12-150500.3.73.1
  * xen-devel-4.17.6_12-150500.3.73.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
  * xen-tools-xendomains-wait-disk-4.17.6_12-150500.3.73.1

## References:

* https://www.suse.com/security/cve/CVE-2026-42487.html
* https://www.suse.com/security/cve/CVE-2026-42488.html
* https://www.suse.com/security/cve/CVE-2026-42489.html
* https://www.suse.com/security/cve/CVE-2026-42490.html
* https://bugzilla.suse.com/show_bug.cgi?id=1266952
* https://bugzilla.suse.com/show_bug.cgi?id=1266953
* https://bugzilla.suse.com/show_bug.cgi?id=1266955

This important update for openSUSE addresses multiple security issues in xen. Immediate installation is recommended.

Severity: Important. LinuxSecurity.com Team

An update that solves four vulnerabilities can now be installed.

# Security update for xen

* Announcement ID: SUSE-SU-2026:2329-1
* Release Date: 2026-06-10T07:39:36Z
* Rating: important
* References:
  * bsc#1266952
  * bsc#1266953
  * bsc#1266955
* Cross-References:
  * CVE-2026-42487
  * CVE-2026-42488
  * CVE-2026-42489
  * CVE-2026-42490
* CVSS scores:
  * CVE-2026-42487 ( SUSE ): 8.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2026-42487 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
  * CVE-2026-42488 ( SUSE ): 8.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2026-42488 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2026-42489 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
  * CVE-2026-42489 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
  * CVE-2026-42490 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
  * CVE-2026-42490 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
* Affected Products:
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server 15 SP6 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

## Description:

This update for xen fixes the following issues:

* CVE-2026-42487: x86 HVM I/O port list traversal (bsc#1266952).
* CVE-2026-42488: x86: mismatched mapcache metadata (bsc#1266955).
* CVE-2026-42489, CVE-2026-42490: domctl lock open to abuse (bsc#1266953).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6: `zypper in -t patch SUSE-2026-2329=1`
* SUSE Linux Enterprise Server 15 SP6 LTSS: `zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2329=1`
* SUSE Linux Enterprise Server for SAP Applications 15 SP6: `zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2329=1`

## Package List:

* openSUSE Leap 15.6 (aarch64 x86_64 i586)
  * xen-devel-4.18.5_18-150600.3.50.1
  * xen-libs-debuginfo-4.18.5_18-150600.3.50.1
  * xen-libs-4.18.5_18-150600.3.50.1
  * xen-tools-domU-4.18.5_18-150600.3.50.1
  * xen-debugsource-4.18.5_18-150600.3.50.1
  * xen-tools-domU-debuginfo-4.18.5_18-150600.3.50.1
* openSUSE Leap 15.6 (x86_64)
  * xen-libs-32bit-4.18.5_18-150600.3.50.1
  * xen-libs-32bit-debuginfo-4.18.5_18-150600.3.50.1
* openSUSE Leap 15.6 (aarch64 x86_64)
  * xen-tools-4.18.5_18-150600.3.50.1
  * xen-4.18.5_18-150600.3.50.1
  * xen-doc-html-4.18.5_18-150600.3.50.1
  * xen-tools-debuginfo-4.18.5_18-150600.3.50.1
* openSUSE Leap 15.6 (noarch)
  * xen-tools-xendomains-wait-disk-4.18.5_18-150600.3.50.1
* openSUSE Leap 15.6 (aarch64_ilp32)
  * xen-libs-64bit-4.18.5_18-150600.3.50.1
  * xen-libs-64bit-debuginfo-4.18.5_18-150600.3.50.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (x86_64)
  * xen-devel-4.18.5_18-150600.3.50.1
  * xen-tools-debuginfo-4.18.5_18-150600.3.50.1
  * xen-tools-4.18.5_18-150600.3.50.1
  * xen-tools-domU-debuginfo-4.18.5_18-150600.3.50.1
  * xen-libs-debuginfo-4.18.5_18-150600.3.50.1
  * xen-libs-4.18.5_18-150600.3.50.1
  * xen-tools-domU-4.18.5_18-150600.3.50.1
  * xen-debugsource-4.18.5_18-150600.3.50.1
  * xen-4.18.5_18-150600.3.50.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (noarch)
  * xen-tools-xendomains-wait-disk-4.18.5_18-150600.3.50.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (x86_64)
  * xen-devel-4.18.5_18-150600.3.50.1
  * xen-tools-debuginfo-4.18.5_18-150600.3.50.1
  * xen-tools-4.18.5_18-150600.3.50.1
  * xen-tools-domU-debuginfo-4.18.5_18-150600.3.50.1
  * xen-libs-debuginfo-4.18.5_18-150600.3.50.1
  * xen-libs-4.18.5_18-150600.3.50.1
  * xen-tools-domU-4.18.5_18-150600.3.50.1
  * xen-debugsource-4.18.5_18-150600.3.50.1
  * xen-4.18.5_18-150600.3.50.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch)
  * xen-tools-xendomains-wait-disk-4.18.5_18-150600.3.50.1

## References:

* https://www.suse.com/security/cve/CVE-2026-42487.html
* https://www.suse.com/security/cve/CVE-2026-42488.html
* https://www.suse.com/security/cve/CVE-2026-42489.html
* https://www.suse.com/security/cve/CVE-2026-42490.html
* https://bugzilla.suse.com/show_bug.cgi?id=1266952
* https://bugzilla.suse.com/show_bug.cgi?id=1266953
* https://bugzilla.suse.com/show_bug.cgi?id=1266955

Critical vulnerabilities in xen require immediate attention for openSUSE users to ensure system security and functionality.

Severity: Important. LinuxSecurity.com Team

An update that solves 12 vulnerabilities can now be installed.

# Security update for mariadb

* Announcement ID: SUSE-SU-2026:2330-1
* Release Date: 2026-06-10T07:39:59Z
* Rating: critical
* References:
  * bsc#1259176
  * bsc#1261413
  * bsc#1266435
  * bsc#1266437
  * bsc#1266438
  * bsc#1266439
  * bsc#1266440
  * bsc#1266441
  * bsc#1266442
  * bsc#1266814
  * bsc#1266815
  * bsc#1267542
* Cross-References:
  * CVE-2026-34303
  * CVE-2026-3494
  * CVE-2026-35549
  * CVE-2026-44168
  * CVE-2026-44169
  * CVE-2026-44170
  * CVE-2026-44171
  * CVE-2026-44172
  * CVE-2026-44173
  * CVE-2026-48163
  * CVE-2026-48165
  * CVE-2026-49261
* CVSS scores:
  * CVE-2026-34303 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2026-3494 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2026-3494 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
  * CVE-2026-3494 ( NVD ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2026-3494 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
  * CVE-2026-35549 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2026-35549 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2026-35549 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2026-44168 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2026-44168 ( SUSE ): 8.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2026-44169 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2026-44169 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2026-44170 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2026-44171 ( SUSE ): 5.4 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2026-44171 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
  * CVE-2026-44172 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
  * CVE-2026-44173 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L
  * CVE-2026-44173 ( SUSE ): 5.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
  * CVE-2026-48163 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2026-48163 ( SUSE ): 8.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2026-48165 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2026-48165 ( SUSE ): 8.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2026-49261 ( SUSE ): 9.4 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2026-49261 ( SUSE ): 9.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
* Affected Products:
  * Galera for Ericsson 15 SP7
  * Server Applications Module 15-SP7
  * SUSE Linux Enterprise Desktop 15 SP7
  * SUSE Linux Enterprise Real Time 15 SP7
  * SUSE Linux Enterprise Server 15 SP7
  * SUSE Linux Enterprise Server for SAP Applications 15 SP7
  * SUSE Package Hub 15 15-SP7

## Description:

This update for mariadb fixes the following issues:

* CVE-2026-3494: audit plugin comment handling bypass (bsc#1259176).
* CVE-2026-34303: mysql: optimizer unspecified vulnerability (bsc#1266435).
* CVE-2026-35549: SHA2 auth plugin crash on large packets (bsc#1261413).
* CVE-2026-44168: wsrep SST unsafe parameter handling on the donor side (bsc#1266442).
* CVE-2026-44169: authorization bypass in role-based routine-level privilege check exposes stored routine definitions (bsc#1266441).
* CVE-2026-44170: argument injection in CONNECT REST Xcurl on Windows via unsanitized URL (bsc#1266440).
* CVE-2026-44171: path traversal in mbstream (bsc#1266439).
* CVE-2026-44172: mysql_real_escape_string() incorrectly handled big5 (bsc#1266438).
* CVE-2026-44173: FILE privilege was not checked for subqueries in the FROM clause (bsc#1266437).
* CVE-2026-48163: wsrep SST unsafe parameter handling on the donor side (bsc#1266815).
* CVE-2026-48165: unsafe usage of `wsrep_sst_receive_address` values on the joiner side (bsc#1266814).
* CVE-2026-49261: unsafe parameter handling in `wsrep_notify_cmd` (bsc#1267542).

Changes for mariadb:

* Update to 11.8.8:
  * https://mariadb.com/docs/release-notes/community-server/11.8/11.8.8
  * https://mariadb.com/docs/release-notes/community-server/changelogs/11.8/11.8.8
* Update to 11.8.7:
  * https://mariadb.com/docs/release-notes/community-server/11.8/11.8.7
  * https://mariadb.com/docs/release-notes/community-server/changelogs/11.8/11.8.7

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* Server Applications Module 15-SP7: `zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-2330=1`
* SUSE Package Hub 15 15-SP7: `zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2330=1`
* Galera for Ericsson 15 SP7: `zypper in -t patch SUSE-SLE-Product-SLES-15-SP7-ERICSSON-2026-2330=1`

## Package List:

* Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64)
  * libmariadbd-devel-11.8.8-150700.3.15.1
  * mariadb-debugsource-11.8.8-150700.3.15.1
  * libmariadbd19-debuginfo-11.8.8-150700.3.15.1
  * mariadb-11.8.8-150700.3.15.1
  * mariadb-client-11.8.8-150700.3.15.1
  * libmariadbd19-11.8.8-150700.3.15.1
  * mariadb-client-debuginfo-11.8.8-150700.3.15.1
  * mariadb-debuginfo-11.8.8-150700.3.15.1
  * mariadb-tools-11.8.8-150700.3.15.1
  * mariadb-tools-debuginfo-11.8.8-150700.3.15.1
* Server Applications Module 15-SP7 (noarch)
  * mariadb-errormessages-11.8.8-150700.3.15.1
* SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64)
  * mariadb-debuginfo-11.8.8-150700.3.15.1
  * mariadb-debugsource-11.8.8-150700.3.15.1
  * mariadb-galera-11.8.8-150700.3.15.1
* Galera for Ericsson 15 SP7 (x86_64)
  * mariadb-debuginfo-11.8.8-150700.3.15.1
  * mariadb-debugsource-11.8.8-150700.3.15.1
  * mariadb-galera-11.8.8-150700.3.15.1

## References:

* https://www.suse.com/security/cve/CVE-2026-34303.html
* https://www.suse.com/security/cve/CVE-2026-3494.html
* https://www.suse.com/security/cve/CVE-2026-35549.html
* https://www.suse.com/security/cve/CVE-2026-44168.html
* https://www.suse.com/security/cve/CVE-2026-44169.html
* https://www.suse.com/security/cve/CVE-2026-44170.html
* https://www.suse.com/security/cve/CVE-2026-44171.html
* https://www.suse.com/security/cve/CVE-2026-44172.html
* https://www.suse.com/security/cve/CVE-2026-44173.html
* https://www.suse.com/security/cve/CVE-2026-48163.html
* https://www.suse.com/security/cve/CVE-2026-48165.html
* https://www.suse.com/security/cve/CVE-2026-49261.html
* https://bugzilla.suse.com/show_bug.cgi?id=1259176
* https://bugzilla.suse.com/show_bug.cgi?id=1261413
* https://bugzilla.suse.com/show_bug.cgi?id=1266435
* https://bugzilla.suse.com/show_bug.cgi?id=1266437
* https://bugzilla.suse.com/show_bug.cgi?id=1266438
* https://bugzilla.suse.com/show_bug.cgi?id=1266439
* https://bugzilla.suse.com/show_bug.cgi?id=1266440
* https://bugzilla.suse.com/show_bug.cgi?id=1266441
* https://bugzilla.suse.com/show_bug.cgi?id=1266442
* https://bugzilla.suse.com/show_bug.cgi?id=1266814
* https://bugzilla.suse.com/show_bug.cgi?id=1266815
* https://bugzilla.suse.com/show_bug.cgi?id=1267542

Critical security update for MariaDB on SUSE resolves 12 vulnerabilities. Install recommended patches immediately.

Severity: Critical. LinuxSecurity.com Team

USN-6455-1 introduced a regression in Exim.

==========================================================================
Ubuntu Security Notice USN-6455-2
June 10, 2026

exim4 regression
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

USN-6455-1 introduced a regression in Exim

Software Description:

- exim4: Exim is a mail transport agent

Details:

USN-6455-1 fixed vulnerabilities in Exim. The fix for CVE-2023-42117 introduced a regression on Ubuntu 22.04 LTS that resulted in certain connections logging a Taint mismatch error. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

It was discovered that Exim incorrectly handled validation of user-supplied data, which could lead to memory corruption. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2023-42117)

It was discovered that Exim incorrectly handled validation of user-supplied data, which could lead to an out-of-bounds read. An attacker could possibly use this issue to expose sensitive information. (CVE-2023-42119)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.04 LTS

- exim4 4.95-4ubuntu2.10
- exim4-daemon-heavy 4.95-4ubuntu2.10
- exim4-daemon-light 4.95-4ubuntu2.10

In general, a standard system update will make all the necessary changes.

References:

- https://ubuntu.com/security/notices/USN-6455-2
- https://ubuntu.com/security/notices/USN-6455-1
- https://launchpad.net/bugs/2152830

Package Information:

- https://launchpad.net/ubuntu/+source/exim4/4.95-4ubuntu2.10

Exim on Ubuntu 22.04 LTS had a regression after security fix USN-6455-1, affecting stability when handling user data.

Severity: Important. LinuxSecurity.com Team

An update that solves one vulnerability can now be installed.

# Security update for strongswan

* Announcement ID: SUSE-SU-2026:2312-1
* Release Date: 2026-06-09T12:49:40Z
* Rating: important
* References:
  * bsc#1266360
* Cross-References:
  * CVE-2026-47895
* CVSS scores:
  * CVE-2026-47895 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2026-47895 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* Affected Products:
  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

## Description:

This update for strongswan fixes the following issue:

* CVE-2026-47895: double-free when destroying certain cloned identities (bsc#1266360).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 12 SP5 LTSS: `zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-2312=1`
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security: `zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2312=1`

## Package List:

* SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * strongswan-debugsource-5.1.3-26.38.1
  * strongswan-ipsec-5.1.3-26.38.1
  * strongswan-5.1.3-26.38.1
  * strongswan-libs0-debuginfo-5.1.3-26.38.1
  * strongswan-libs0-5.1.3-26.38.1
  * strongswan-hmac-5.1.3-26.38.1
  * strongswan-ipsec-debuginfo-5.1.3-26.38.1
* SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
  * strongswan-doc-5.1.3-26.38.1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
  * strongswan-debugsource-5.1.3-26.38.1
  * strongswan-ipsec-5.1.3-26.38.1
  * strongswan-5.1.3-26.38.1
  * strongswan-libs0-debuginfo-5.1.3-26.38.1
  * strongswan-libs0-5.1.3-26.38.1
  * strongswan-hmac-5.1.3-26.38.1
  * strongswan-ipsec-debuginfo-5.1.3-26.38.1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
  * strongswan-doc-5.1.3-26.38.1

## References:

* https://www.suse.com/security/cve/CVE-2026-47895.html
* https://bugzilla.suse.com/show_bug.cgi?id=1266360

SUSE releases important security update for strongswan addressing double-free vulnerability CVE-2026-47895. Update now available!

Severity: Important. LinuxSecurity.com Team

An update that solves six vulnerabilities and has one security fix can now be installed.

# Security update for vim

Announcement ID: SUSE-SU-2026:2313-1

Release Date: 2026-06-09T12:51:12Z

Rating: important

References:

* bsc#1261833
* bsc#1262395
* bsc#1264706
* bsc#1264707
* bsc#1264708
* bsc#1265349
* bsc#1265360

Cross-References:

* CVE-2026-39881
* CVE-2026-42307
* CVE-2026-43961
* CVE-2026-44656
* CVE-2026-45130
* CVE-2026-46483

CVSS scores:

* CVE-2026-39881 ( SUSE ): 5.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-39881 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
* CVE-2026-39881 ( NVD ): 5.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:N
* CVE-2026-39881 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-42307 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2026-43961 ( SUSE ): 5.4 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-43961 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-44656 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-44656 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2026-44656 ( NVD ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-44656 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-45130 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
* CVE-2026-45130 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-45130 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
* CVE-2026-46483 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-46483 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-46483 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-46483 ( NVD ): 3.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

Affected Products:

* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

## Description:

This update for vim fixes the following issues:

* CVE-2026-39881: command injection in NetBeans interface can lead to arbitrary file reads and writes (bsc#1261833).
* CVE-2026-42307: Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim (bsc#1264706).
* CVE-2026-43961: Vimscript Code Injection in netrw NetrwMarkFile() via crafted filename (bsc#1265349).
* CVE-2026-44656: Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion (bsc#1264707).
* CVE-2026-45130: Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when loading a crafted spell file (.spl) with UTF-8 encoding active (bsc#1264708).
* CVE-2026-46483: command injection via `tar#Vimuntar()` in `runtime/autoload/tar.vim` when decompressing `.tgz` archives on Unix-like systems (bsc#1265360).

Changes for vim:

* Update to v9.2.0530.
* Fix for incorrectly detecting scientific parameter files as bitbake recipes. (bsc#1262395)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro for Rancher 5.3
  `zypper in -t patch SUSE-SLE-Micro-5.3-2026-2313=1`
* SUSE Linux Enterprise Micro 5.3
  `zypper in -t patch SUSE-SLE-Micro-5.3-2026-2313=1`
* SUSE Linux Enterprise Micro for Rancher 5.4
  `zypper in -t patch SUSE-SLE-Micro-5.4-2026-2313=1`
* SUSE Linux Enterprise Micro 5.4
  `zypper in -t patch SUSE-SLE-Micro-5.4-2026-2313=1`
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  `zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2313=1`
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  `zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2313=1`
* SUSE Linux Enterprise Server 15 SP4 LTSS
  `zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2313=1`
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  `zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2313=1`

## Package List:

* SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
  * vim-data-common-9.2.0530-150000.5.94.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
  * vim-small-debuginfo-9.2.0530-150000.5.94.1
  * vim-debugsource-9.2.0530-150000.5.94.1
  * vim-small-9.2.0530-150000.5.94.1
  * vim-debuginfo-9.2.0530-150000.5.94.1
* SUSE Linux Enterprise Micro 5.3 (noarch)
  * vim-data-common-9.2.0530-150000.5.94.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
  * vim-small-debuginfo-9.2.0530-150000.5.94.1
  * vim-debugsource-9.2.0530-150000.5.94.1
  * vim-small-9.2.0530-150000.5.94.1
  * vim-debuginfo-9.2.0530-150000.5.94.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
  * vim-data-common-9.2.0530-150000.5.94.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
  * vim-small-debuginfo-9.2.0530-150000.5.94.1
  * vim-debugsource-9.2.0530-150000.5.94.1
  * vim-small-9.2.0530-150000.5.94.1
  * vim-debuginfo-9.2.0530-150000.5.94.1
* SUSE Linux Enterprise Micro 5.4 (noarch)
  * vim-data-common-9.2.0530-150000.5.94.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
  * vim-small-debuginfo-9.2.0530-150000.5.94.1
  * vim-debugsource-9.2.0530-150000.5.94.1
  * vim-small-9.2.0530-150000.5.94.1
  * vim-debuginfo-9.2.0530-150000.5.94.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  * vim-small-debuginfo-9.2.0530-150000.5.94.1
  * gvim-9.2.0530-150000.5.94.1
  * gvim-debuginfo-9.2.0530-150000.5.94.1
  * vim-debugsource-9.2.0530-150000.5.94.1
  * vim-debuginfo-9.2.0530-150000.5.94.1
  * vim-9.2.0530-150000.5.94.1
  * vim-small-9.2.0530-150000.5.94.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
  * vim-data-common-9.2.0530-150000.5.94.1
  * vim-data-9.2.0530-150000.5.94.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  * vim-small-debuginfo-9.2.0530-150000.5.94.1
  * gvim-9.2.0530-150000.5.94.1
  * gvim-debuginfo-9.2.0530-150000.5.94.1
  * vim-debugsource-9.2.0530-150000.5.94.1
  * vim-debuginfo-9.2.0530-150000.5.94.1
  * vim-9.2.0530-150000.5.94.1
  * vim-small-9.2.0530-150000.5.94.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
  * vim-data-common-9.2.0530-150000.5.94.1
  * vim-data-9.2.0530-150000.5.94.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
  * vim-small-debuginfo-9.2.0530-150000.5.94.1
  * gvim-9.2.0530-150000.5.94.1
  * gvim-debuginfo-9.2.0530-150000.5.94.1
  * vim-debugsource-9.2.0530-150000.5.94.1
  * vim-debuginfo-9.2.0530-150000.5.94.1
  * vim-9.2.0530-150000.5.94.1
  * vim-small-9.2.0530-150000.5.94.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
  * vim-data-common-9.2.0530-150000.5.94.1
  * vim-data-9.2.0530-150000.5.94.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
  * vim-small-debuginfo-9.2.0530-150000.5.94.1
  * gvim-9.2.0530-150000.5.94.1
  * gvim-debuginfo-9.2.0530-150000.5.94.1
  * vim-debugsource-9.2.0530-150000.5.94.1
  * vim-debuginfo-9.2.0530-150000.5.94.1
  * vim-9.2.0530-150000.5.94.1
  * vim-small-9.2.0530-150000.5.94.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
  * vim-data-common-9.2.0530-150000.5.94.1
  * vim-data-9.2.0530-150000.5.94.1

## References:

* https://www.suse.com/security/cve/CVE-2026-39881.html
* https://www.suse.com/security/cve/CVE-2026-42307.html
* https://www.suse.com/security/cve/CVE-2026-43961.html
* https://www.suse.com/security/cve/CVE-2026-44656.html
* https://www.suse.com/security/cve/CVE-2026-45130.html
* https://www.suse.com/security/cve/CVE-2026-46483.html
* https://bugzilla.suse.com/show_bug.cgi?id=1261833
* https://bugzilla.suse.com/show_bug.cgi?id=1262395
* https://bugzilla.suse.com/show_bug.cgi?id=1264706
* https://bugzilla.suse.com/show_bug.cgi?id=1264707
* https://bugzilla.suse.com/show_bug.cgi?id=1264708
* https://bugzilla.suse.com/show_bug.cgi?id=1265349
* https://bugzilla.suse.com/show_bug.cgi?id=1265360

SUSE releases important security update for vim, addressing six vulnerabilities including command injection and buffer overflow.

Severity: Important.

LinuxSecurity.com Team