Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 558 articles for you...
100
security advisorybuffer overflowSuSESUSE Xwayland Important Use-After-Free Buffer Overflow Vuln 2026-2426-1
# Security update for xwayland Announcement ID: SUSE-SU-2026:2426-1 Release Date: 2026-06-17T09:50:05Z Rating: important References:. # Security update for xwayland Announcement ID: SUSE-SU-2026:2426-1 Release Date: 2026-06-17T09:50:05Z Rating: important References: * bsc#1266294 * bsc#1266295 * bsc#1266296 * bsc#1266297 * bsc#1266298 * bsc#1266299 * bsc#1266300 * bsc#1266301 Affected Products: * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Linux Enterprise Workstation Extension 15 SP7 An update that has eight security fixes can now be installed. ## Description: This update for xwayland fixes the following issues: * CreateSaverWindow Use-After-Free Information Disclosure. (bsc#1266301) * Font Alias Stack-based Buffer Overflow. (bsc#1266294) * GLX ChangeDrawableAttributes Out-Of-Bounds Read/Write. (bsc#1266300) * XKB Key Types Stack-based Buffer Overflow. (bsc#1266296) * XKB SetMap Request Stack-based Buffer Overflow. (bsc#1266297) * XSYNC Use-After-Free in FreeCounter(). (bsc#1266298) * XSYNC Use-After-Free in miSyncDestroyFence(). (bsc#1266295) * XSYNC Use-After-Free in SyncChangeCounter(). (bsc#1266299) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Workstation Extension 15 SP7 zypper in -t patch SUSE-SLE-Product-WE-15-SP7-2026-2426=1 ## Package List: * SUSE Linux Enterprise Workstation Extension 15 SP7 (x86_64) * xwayland-24.1.5-150700.3.19.1 * xwayland-debuginfo-24.1.5-150700.3.19.1 * xwayland-debugsource-24.1.5-150700.3.19.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1266294 * https://bugzilla.suse.com/show_bug.cgi?id=1266295 * https://bugzilla.suse.com/show_bug.cgi?id=1266296 *https://bugzilla.suse.com/show_bug.cgi?id=1266297 * https://bugzilla.suse.com/show_bug.cgi?id=1266298 * https://bugzilla.suse.com/show_bug.cgi?id=1266299 * https://bugzilla.suse.com/show_bug.cgi?id=1266300 * https://bugzilla.suse.com/show_bug.cgi?id=1266301 . Important security update for xwayland addresses multiple critical issues in SUSE systems. Install patch promptly.. SUSE Security Update Xwayland Critical Issues Patch. . Severity: Important. LinuxSecurity.com Team
Jun 17, 2026 •Important SuSE 202
security advisorybuffer overflowimportantopenSUSE LibVNCServer Important Buffer Overflow Fix SUSE-SU-2026-2427-1
An update that solves one vulnerability can now be installed.. # Security update for LibVNCServer Announcement ID: SUSE-SU-2026:2427-1 Release Date: 2026-06-17T09:50:23Z Rating: important References: * bsc#1266459 Cross-References: * CVE-2026-44988 CVSS scores: * CVE-2026-44988 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-44988 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-44988 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Linux Enterprise Workstation Extension 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for LibVNCServer fixes the following issues: * CVE-2026-44988: Fixed missing validation of rectangle width in tight gradient decoding can lead to server-triggered out-of-bounds write (bsc#1266459). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2427=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2427=1 * SUSE Linux Enterprise Workstation Extension 15 SP7 zypper in -t patch SUSE-SLE-Product-WE-15-SP7-2026-2427=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * LibVNCServer-devel-0.9.14-150600.3.9.1 * libvncserver1-debuginfo-0.9.14-150600.3.9.1 * libvncclient1-0.9.14-150600.3.9.1 * libvncserver1-0.9.14-150600.3.9.1 * libvncclient1-debuginfo-0.9.14-150600.3.9.1 * LibVNCServer-debugsource-0.9.14-150600.3.9.1 * SUSEPackage Hub 15 15-SP7 (aarch64 ppc64le s390x) * LibVNCServer-devel-0.9.14-150600.3.9.1 * libvncserver1-debuginfo-0.9.14-150600.3.9.1 * libvncclient1-0.9.14-150600.3.9.1 * libvncserver1-0.9.14-150600.3.9.1 * libvncclient1-debuginfo-0.9.14-150600.3.9.1 * LibVNCServer-debugsource-0.9.14-150600.3.9.1 * SUSE Linux Enterprise Workstation Extension 15 SP7 (x86_64) * libvncserver1-debuginfo-0.9.14-150600.3.9.1 * libvncclient1-0.9.14-150600.3.9.1 * libvncserver1-0.9.14-150600.3.9.1 * libvncclient1-debuginfo-0.9.14-150600.3.9.1 * LibVNCServer-debugsource-0.9.14-150600.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2026-44988.html * https://bugzilla.suse.com/show_bug.cgi?id=1266459 . Important update for openSUSE addresses CVE-2026-44988 in LibVNCServer to prevent potential server-triggered issues.. openSUSE update, LibVNCServer patch, important security fix. . Severity: Important. LinuxSecurity.com Team
Jun 17, 2026 •Important OpenSUSE 
100
security advisorybuffer overflowSuSESUSE LibVNCServer Important Buffer Overflow Vuln 2026-2427-1
An update that solves one vulnerability can now be installed.. # Security update for LibVNCServer Announcement ID: SUSE-SU-2026:2427-1 Release Date: 2026-06-17T09:50:23Z Rating: important References: * bsc#1266459 Cross-References: * CVE-2026-44988 CVSS scores: * CVE-2026-44988 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-44988 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-44988 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Linux Enterprise Workstation Extension 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for LibVNCServer fixes the following issues: * CVE-2026-44988: Fixed missing validation of rectangle width in tight gradient decoding can lead to server-triggered out-of-bounds write (bsc#1266459). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2427=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2427=1 * SUSE Linux Enterprise Workstation Extension 15 SP7 zypper in -t patch SUSE-SLE-Product-WE-15-SP7-2026-2427=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * LibVNCServer-devel-0.9.14-150600.3.9.1 * libvncserver1-debuginfo-0.9.14-150600.3.9.1 * libvncclient1-0.9.14-150600.3.9.1 * libvncserver1-0.9.14-150600.3.9.1 * libvncclient1-debuginfo-0.9.14-150600.3.9.1 * LibVNCServer-debugsource-0.9.14-150600.3.9.1 * SUSEPackage Hub 15 15-SP7 (aarch64 ppc64le s390x) * LibVNCServer-devel-0.9.14-150600.3.9.1 * libvncserver1-debuginfo-0.9.14-150600.3.9.1 * libvncclient1-0.9.14-150600.3.9.1 * libvncserver1-0.9.14-150600.3.9.1 * libvncclient1-debuginfo-0.9.14-150600.3.9.1 * LibVNCServer-debugsource-0.9.14-150600.3.9.1 * SUSE Linux Enterprise Workstation Extension 15 SP7 (x86_64) * libvncserver1-debuginfo-0.9.14-150600.3.9.1 * libvncclient1-0.9.14-150600.3.9.1 * libvncserver1-0.9.14-150600.3.9.1 * libvncclient1-debuginfo-0.9.14-150600.3.9.1 * LibVNCServer-debugsource-0.9.14-150600.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2026-44988.html * https://bugzilla.suse.com/show_bug.cgi?id=1266459 . An important SUSE update for LibVNCServer fixes a critical out-of-bounds write issue to enhance system security.. LibVNCServer security update,SUSE important advisory,buffer overflow CVE-2026-44988. . Severity: Important. LinuxSecurity.com Team
Jun 17, 2026 •Important SuSE 100
security advisorySuSEvulnerabilitySUSE LibVNCServer Important Out-of-Bounds Issue Fix Advisory 2026-2428-1
An update that solves one vulnerability can now be installed.. # Security update for LibVNCServer Announcement ID: SUSE-SU-2026:2428-1 Release Date: 2026-06-17T09:50:36Z Rating: important References: * bsc#1266459 Cross-References: * CVE-2026-44988 CVSS scores: * CVE-2026-44988 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-44988 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-44988 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for LibVNCServer fixes the following issues: * CVE-2026-44988: Fixed missing validation of rectangle width in tight gradient decoding can lead to server-triggered out-of-bounds write (bsc#1266459). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-2428=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2428=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libvncclient0-0.9.9-17.47.1 * libvncserver0-debuginfo-0.9.9-17.47.1 * LibVNCServer-devel-0.9.9-17.47.1 * libvncclient0-debuginfo-0.9.9-17.47.1 * libvncserver0-0.9.9-17.47.1 * LibVNCServer-debugsource-0.9.9-17.47.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) *libvncclient0-0.9.9-17.47.1 * libvncserver0-debuginfo-0.9.9-17.47.1 * LibVNCServer-devel-0.9.9-17.47.1 * libvncclient0-debuginfo-0.9.9-17.47.1 * libvncserver0-0.9.9-17.47.1 * LibVNCServer-debugsource-0.9.9-17.47.1 ## References: * https://www.suse.com/security/cve/CVE-2026-44988.html * https://bugzilla.suse.com/show_bug.cgi?id=1266459 . Update for LibVNCServer addresses a critical out-of-bounds vulnerability with important fixes. Ensure systems are patched.. SUSE security update, LibVNCServer patch, important vulnerability fix. . Severity: Important. LinuxSecurity.com Team
Jun 17, 2026 •Important SuSE 100
security advisoryupdateSuSESUSE Docker Significant Security Alert Regarding CVE-2025-58181 Update
An update that solves one vulnerability can now be installed.. # Security update for docker Announcement ID: SUSE-SU-2026:2429-1 Release Date: 2026-06-17T09:52:58Z Rating: important References: Cross-References: * CVE-2025-58181 CVSS scores: * CVE-2025-58181 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-58181 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-58181 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Basesystem Module 15-SP7 * Containers Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for docker fixes the following issues: * Update to Docker 29.4.0. See upstream changelog online at * Update to buildx0.33.0. See upstream changelog online at ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2429=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2429=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2429=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2429=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2429=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2429=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2429=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2429=1 * Containers Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2026-2429=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2429=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2429=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2429=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2429=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2429=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2429=1 * SUSE Linux Enterprise Server 15 SP4LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2429=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2429=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * docker-rootless-extras-29.4.0_ce-150000.250.1 * docker-bash-completion-29.4.0_ce-150000.250.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * docker-buildx-0.33.0-150000.250.1 * docker-debuginfo-29.4.0_ce-150000.250.1 * docker-29.4.0_ce-150000.250.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * docker-29.4.0_ce-150000.250.1 * docker-buildx-0.33.0-150000.250.1 * docker-debuginfo-29.4.0_ce-150000.250.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * docker-rootless-extras-29.4.0_ce-150000.250.1 * docker-bash-completion-29.4.0_ce-150000.250.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * docker-29.4.0_ce-150000.250.1 * docker-buildx-0.33.0-150000.250.1 * docker-debuginfo-29.4.0_ce-150000.250.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * docker-29.4.0_ce-150000.250.1 * docker-buildx-0.33.0-150000.250.1 * docker-debuginfo-29.4.0_ce-150000.250.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * docker-29.4.0_ce-150000.250.1 * docker-buildx-0.33.0-150000.250.1 * docker-debuginfo-29.4.0_ce-150000.250.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * docker-29.4.0_ce-150000.250.1 * docker-buildx-0.33.0-150000.250.1 * docker-debuginfo-29.4.0_ce-150000.250.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * docker-29.4.0_ce-150000.250.1 * docker-buildx-0.33.0-150000.250.1 * docker-debuginfo-29.4.0_ce-150000.250.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * docker-29.4.0_ce-150000.250.1 *docker-buildx-0.33.0-150000.250.1 * docker-debuginfo-29.4.0_ce-150000.250.1 * Containers Module 15-SP7 (noarch) * docker-rootless-extras-29.4.0_ce-150000.250.1 * docker-zsh-completion-29.4.0_ce-150000.250.1 * docker-bash-completion-29.4.0_ce-150000.250.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * docker-29.4.0_ce-150000.250.1 * docker-buildx-0.33.0-150000.250.1 * docker-debuginfo-29.4.0_ce-150000.250.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * docker-rootless-extras-29.4.0_ce-150000.250.1 * docker-zsh-completion-29.4.0_ce-150000.250.1 * docker-bash-completion-29.4.0_ce-150000.250.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * docker-29.4.0_ce-150000.250.1 * docker-buildx-0.33.0-150000.250.1 * docker-debuginfo-29.4.0_ce-150000.250.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * docker-rootless-extras-29.4.0_ce-150000.250.1 * docker-bash-completion-29.4.0_ce-150000.250.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * docker-29.4.0_ce-150000.250.1 * docker-buildx-0.33.0-150000.250.1 * docker-debuginfo-29.4.0_ce-150000.250.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * docker-rootless-extras-29.4.0_ce-150000.250.1 * docker-bash-completion-29.4.0_ce-150000.250.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * docker-29.4.0_ce-150000.250.1 * docker-buildx-0.33.0-150000.250.1 * docker-debuginfo-29.4.0_ce-150000.250.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * docker-rootless-extras-29.4.0_ce-150000.250.1 * docker-zsh-completion-29.4.0_ce-150000.250.1 * docker-bash-completion-29.4.0_ce-150000.250.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * docker-29.4.0_ce-150000.250.1 * docker-buildx-0.33.0-150000.250.1 *docker-debuginfo-29.4.0_ce-150000.250.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * docker-rootless-extras-29.4.0_ce-150000.250.1 * docker-bash-completion-29.4.0_ce-150000.250.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * docker-29.4.0_ce-150000.250.1 * docker-buildx-0.33.0-150000.250.1 * docker-debuginfo-29.4.0_ce-150000.250.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * docker-rootless-extras-29.4.0_ce-150000.250.1 * docker-bash-completion-29.4.0_ce-150000.250.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * docker-29.4.0_ce-150000.250.1 * docker-buildx-0.33.0-150000.250.1 * docker-debuginfo-29.4.0_ce-150000.250.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * docker-rootless-extras-29.4.0_ce-150000.250.1 * docker-bash-completion-29.4.0_ce-150000.250.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * docker-29.4.0_ce-150000.250.1 * docker-buildx-0.33.0-150000.250.1 * docker-debuginfo-29.4.0_ce-150000.250.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * docker-rootless-extras-29.4.0_ce-150000.250.1 * docker-bash-completion-29.4.0_ce-150000.250.1 ## References: * https://www.suse.com/security/cve/CVE-2025-58181.html . Update for SUSE addresses an important security issue in Docker. Install to enhance system protection.. SUSE Docker Update Security. . Severity: Important. LinuxSecurity.com Team
Jun 17, 2026 •Important SuSE 100
security advisorydenial of serviceSuSESUSE OpenSSH Important Issues Resolved Info Disclosure DoS 2026-2430-1
An update that solves four vulnerabilities and has one security fix can now be installed.. # Security update for openssh8.4 Announcement ID: SUSE-SU-2026:2430-1 Release Date: 2026-06-17T10:51:18Z Rating: important References: * bsc#1259642 * bsc#1261427 * bsc#1261430 * bsc#1261441 * bsc#1264568 Cross-References: * CVE-2026-3497 * CVE-2026-35385 * CVE-2026-35388 * CVE-2026-35414 CVSS scores: * CVE-2026-3497 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-3497 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2026-3497 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-3497 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35385 ( SUSE ): 7.5 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-35385 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-35385 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-35385 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-35388 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-35388 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2026-35388 ( NVD ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2026-35388 ( NVD ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2026-35414 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-35414 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-35414 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-35414 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSELinux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves four vulnerabilities and has one security fix can now be installed. ## Description: This update for openssh8.4 fixes the following issues * CVE-2026-3497: Information disclosure or denial of service due to uninitialized variables (bsc#1259642). * CVE-2026-35385: a file downloaded by scp may be installed setuid or setgid (bsc#1261427). * CVE-2026-35388: omitted connection multiplexing confirmation for proxy-mode multiplexing sessions (bsc#1261441). * CVE-2026-35414: mishandling of authorized_keys principals option (bsc#1261430). * potential security issue in validating mac (bsc#1264568). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-2430=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2430=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * openssh8.4-clients-debuginfo-8.4p1-8.24.1 * openssh8.4-common-8.4p1-8.24.1 * openssh8.4-helpers-debuginfo-8.4p1-8.24.1 * openssh8.4-server-8.4p1-8.24.1 * openssh8.4-8.4p1-8.24.1 * openssh8.4-clients-8.4p1-8.24.1 * openssh8.4-debugsource-8.4p1-8.24.1 * openssh8.4-fips-8.4p1-8.24.1 * openssh8.4-helpers-8.4p1-8.24.1 * openssh8.4-server-debuginfo-8.4p1-8.24.1 * openssh8.4-common-debuginfo-8.4p1-8.24.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * openssh8.4-clients-debuginfo-8.4p1-8.24.1 * openssh8.4-common-8.4p1-8.24.1 * openssh8.4-helpers-debuginfo-8.4p1-8.24.1 *openssh8.4-server-8.4p1-8.24.1 * openssh8.4-8.4p1-8.24.1 * openssh8.4-clients-8.4p1-8.24.1 * openssh8.4-debugsource-8.4p1-8.24.1 * openssh8.4-fips-8.4p1-8.24.1 * openssh8.4-helpers-8.4p1-8.24.1 * openssh8.4-server-debuginfo-8.4p1-8.24.1 * openssh8.4-common-debuginfo-8.4p1-8.24.1 ## References: * https://www.suse.com/security/cve/CVE-2026-3497.html * https://www.suse.com/security/cve/CVE-2026-35385.html * https://www.suse.com/security/cve/CVE-2026-35388.html * https://www.suse.com/security/cve/CVE-2026-35414.html * https://bugzilla.suse.com/show_bug.cgi?id=1259642 * https://bugzilla.suse.com/show_bug.cgi?id=1261427 * https://bugzilla.suse.com/show_bug.cgi?id=1261430 * https://bugzilla.suse.com/show_bug.cgi?id=1261441 * https://bugzilla.suse.com/show_bug.cgi?id=1264568 . Update for OpenSSH 8.4 addresses multiple issues, enhancing security measures; critical for maintaining system integrity.. SUSE updates, openssh vulnerabilities, security patches, Linux system security. . Severity: Important. LinuxSecurity.com Team
Jun 17, 2026 •Important SuSE 100
security advisorySuSEthreatSUSE elemental-system-agent Important Authorization Fix CVE-2026-33186
An update that solves one vulnerability can now be installed.. # Security update for elemental-system-agent Announcement ID: SUSE-SU-2026:22141-1 Release Date: 2026-06-11T09:43:01Z Rating: important References: * bsc#1260277 Cross-References: * CVE-2026-33186 CVSS scores: * CVE-2026-33186 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-33186 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-33186 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves one vulnerability can now be installed. ## Description: This update for elemental-system-agent fixes the following issue * CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2 :path pseudo- header (bsc#1260277). Changes for elemental-system-agent: * Update to version 0.3.16: * setup for immutable releases (#274) * align system-agent image publishing for signed releases (#270) * Bumo github.com/docker/cli to v29.2.0 and go.opentelemetry.io/otel to v1.43.0 * run go mod tidy in /test folder * Bump google.golang.org/grpc from 1.75.0 to 1.79.3 (bsc#1260277 CVE-2026-33186) * Bump github.com/docker/cli in /test * export CATTLE_NODE_NAME if SYSTEM_UPGRADE_NODE_NAME is set * use correct prefix for system-agent binary (#273) * checksum validation (#271) * Add `validate` subcommand for configuration validation (#250) * Update CODEOWNERS * Pin GH Actions to commit sha * chore: bump sles to 15.7 * Extend remote plan e2e tests * Fix agent restart issue and introduce constants * chore: bump go to v1.25 * Setup e2e test infrastructure * chores(deps): Bump k8s dependencies * Define linter rules * Fix CI failures * Introduce an extended Makefile * Switch workflows to use name makefile * Replace dapper with multi stage builds * Remove dapper scripts * Add multiple improvements for ignorefiles * fix: remove umask command from the system-agent unit-file * fix-system-agent-umask * [1.34] bumped dependencies for 1.34 support (#242) * Bump K8s patch level to 1.33.5 and Go patch level to 1.24.6 * fix: properly handle traps after unsuccessful SUC job execution * fix: do not unconditionally reset failure-counts * fix: remove resetFailureCountOnStartup, always reset failure counts on first start * un-rc wrangler and lasso * drop windows 2019 when running PR CI * Update to version 0.3.13: * Bumped dependencies for k8s v1.33 * Add delete for plan.File * fix dispatch * fix: add retry logic for one time instruction * Get UID/GID for current user in write file_test.go * Update secrets for dispatch * fix golangci * support k8s 1.32.2 * Add GitHub App token generation and dispatch job for System Agent Upgrade workflow. * Add ResetFailureCountOnServiceRestart, if true reset plan failure count after each restart of the system-agent * Bump wharfie to v0.6.7 * Add tests and update CI * Windows updates ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-574=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 x86_64) * elemental-system-agent-0.3.16-slfo.1.1_1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33186.html * https://bugzilla.suse.com/show_bug.cgi?id=1260277 . Critical update for SUSE addressing authorization bypass in elemental system agent due to improper HTTP/2 path validation issues.. SUSE security update, elemental system agent, authorization bypass fix, vulnerability patch. . Severity: Important. LinuxSecurity.com Team
Jun 17, 2026 •Important SuSE 100
security advisorybuffer overflowSuSESUSE OpenSSL Important Buffer Overflow Heap Use Advisory 2026-22143-1
An update that solves four vulnerabilities and has one fix can now be installed.. # Security update for openssl-3-livepatches Announcement ID: SUSE-SU-2026:22143-1 Release Date: 2026-06-11T12:51:17Z Rating: important References: * bsc#1256876 * bsc#1256878 * bsc#1256880 * bsc#1266357 * bsc#1266389 Cross-References: * CVE-2025-11187 * CVE-2025-15467 * CVE-2025-15468 * CVE-2026-45447 CVSS scores: * CVE-2025-11187 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-11187 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-11187 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H * CVE-2025-15467 ( SUSE ): 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-15467 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-15467 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-15468 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-15468 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-15468 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-45447 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45447 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45447 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves four vulnerabilities and has one fix can now be installed. ## Description: This update for openssl-3-livepatches fixes the following issues * CVE-2025-11187: Improper validation of PBMAC1 parameters in PKCS#12 MAC verification (bsc#1256878). * CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing (bsc#1256876). * CVE-2025-15468: NULL dereference in SSL_CIPHER_find() function on unknown cipher ID (bsc#1256880). * CVE-2026-45447: Heap Use-After-Free inOpenSSL PKCS7_verify() (bsc#1266389, bsc#1266357). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-575=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * openssl-3-livepatches-debugsource-0.4-slfo.1.1_1.1 * openssl-3-livepatches-0.4-slfo.1.1_1.1 * openssl-3-livepatches-debuginfo-0.4-slfo.1.1_1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-11187.html * https://www.suse.com/security/cve/CVE-2025-15467.html * https://www.suse.com/security/cve/CVE-2025-15468.html * https://www.suse.com/security/cve/CVE-2026-45447.html * https://bugzilla.suse.com/show_bug.cgi?id=1256876 * https://bugzilla.suse.com/show_bug.cgi?id=1256878 * https://bugzilla.suse.com/show_bug.cgi?id=1256880 * https://bugzilla.suse.com/show_bug.cgi?id=1266357 * https://bugzilla.suse.com/show_bug.cgi?id=1266389 . Critical update for SUSE fixes multiple issues in openssl-3-livepatches, enhancing security and preventing exploits.. SUSE update, OpenSSL buffer overflow, Linux security patches. . Severity: Important. LinuxSecurity.com Team
Jun 17, 2026 •Important SuSE 
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!