Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
Does sandboxing completely stop hackers?
Loading...
Explore Latest Linux Security advisories
We found 1,385 articles for you...
100
security advisorySuSEDoSSUSE Python-PyJWT Critical SSRF DoS Security Update 2026-2627-1
An update that solves four vulnerabilities can now be installed.. # Security update for python-PyJWT Announcement ID: SUSE-SU-2026:2627-1 Release Date: 2026-06-25T08:13:21Z Rating: important References: * bsc#1266798 * bsc#1266799 * bsc#1266801 * bsc#1266802 Cross-References: * CVE-2026-48522 * CVE-2026-48523 * CVE-2026-48525 * CVE-2026-48526 CVSS scores: * CVE-2026-48522 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-48522 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-48522 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-48523 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-48523 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-48523 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-48525 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-48525 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-48526 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-48526 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-48526 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * Basesystem Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves four vulnerabilities can now be installed. ## Description: This update for python-PyJWT fixes the following issues * CVE-2026-48522: `PyJWKClient` passes URI arguments directly to `urllib.request.urlopen()` and allows for SSRF and token forgery (bsc#1266798). * CVE-2026-48523: verifier-side algorithm allow-list bypass when `jwt.decode()` or `jwt.decode_complete()` are called with a PyJWK key (bsc#1266799). * CVE-2026-48525: unbounded Base64URL decoding of unused payload segment in `b64=false` detached JWS allows for DoS (bsc#1266801). * CVE-2026-48526: no validation of use of JSON Web Keys in HMAC algorithm when decoding JSON Web Tokens allows for forged HS256 tokens (bsc#1266802). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2627=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2627=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2627=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2627=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2627=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patchSUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2627=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2627=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2627=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2627=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2627=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2627=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2627=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * python3-PyJWT-2.4.0-150200.3.14.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * python3-PyJWT-2.4.0-150200.3.14.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * python3-PyJWT-2.4.0-150200.3.14.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * python3-PyJWT-2.4.0-150200.3.14.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * python3-PyJWT-2.4.0-150200.3.14.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * python3-PyJWT-2.4.0-150200.3.14.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * python3-PyJWT-2.4.0-150200.3.14.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * python3-PyJWT-2.4.0-150200.3.14.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * python3-PyJWT-2.4.0-150200.3.14.1 * Basesystem Module 15-SP7 (noarch) * python3-PyJWT-2.4.0-150200.3.14.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * python3-PyJWT-2.4.0-150200.3.14.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) *python3-PyJWT-2.4.0-150200.3.14.1 ## References: * https://www.suse.com/security/cve/CVE-2026-48522.html * https://www.suse.com/security/cve/CVE-2026-48523.html * https://www.suse.com/security/cve/CVE-2026-48525.html * https://www.suse.com/security/cve/CVE-2026-48526.html * https://bugzilla.suse.com/show_bug.cgi?id=1266798 * https://bugzilla.suse.com/show_bug.cgi?id=1266799 * https://bugzilla.suse.com/show_bug.cgi?id=1266801 * https://bugzilla.suse.com/show_bug.cgi?id=1266802 . Install a crucial security update for python-PyJWT addressing multiple issues including unvalidated JSON Web Keys and SSRF risks.. python security update, SUSE advisory, token forgery risk, DoS threat, PyJWT vulnerabilities. . Severity: Important. LinuxSecurity.com Team
Jun 25, 2026
•Important
SuSE
100
security advisorymoderateSuSESUSE Libzypp Moderate Path Traversal Local Overwrite Issue 2026-2628-1
An update that solves two vulnerabilities can now be installed.. # Security update for libzypp Announcement ID: SUSE-SU-2026:2628-1 Release Date: 2026-06-25T08:25:22Z Rating: moderate References: * bsc#1259802 * bsc#1267874 Cross-References: * CVE-2026-25707 * CVE-2026-44942 CVSS scores: * CVE-2026-25707 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-44942 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-44942 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-44942 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for libzypp fixes the following issue * CVE-2026-25707: Handcrafted repo metadata may cause arbitrary local files to be overwritten (bsc#1259802). * CVE-2026-44942: Fixed possible path traversal attacks via .repo files 'path=' entries (bsc#1267874). ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-2628=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2628=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libzypp-debugsource-16.22.19-82.1 * libzypp-debuginfo-16.22.19-82.1 * libzypp-devel-doc-16.22.19-82.1 *libzypp-16.22.19-82.1 * libzypp-devel-16.22.19-82.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libzypp-debugsource-16.22.19-82.1 * libzypp-debuginfo-16.22.19-82.1 * libzypp-devel-doc-16.22.19-82.1 * libzypp-16.22.19-82.1 * libzypp-devel-16.22.19-82.1 ## References: * https://www.suse.com/security/cve/CVE-2026-25707.html * https://www.suse.com/security/cve/CVE-2026-44942.html * https://bugzilla.suse.com/show_bug.cgi?id=1259802 * https://bugzilla.suse.com/show_bug.cgi?id=1267874 . This update fixes two security issues in libzypp, addressing local file overwrites and path traversal attacks.. SUSE libzypp update security patch path traversal. . Severity: moderate. LinuxSecurity.com Team
Jun 25, 2026
•moderate
SuSE
100
security advisorysecurity issueSuSESUSE Linux Kernel Important Security Update 2026-2630-1
An update that solves 29 vulnerabilities and has four security fixes can now be installed.. # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:2630-1 Release Date: 2026-06-25T11:55:03Z Rating: important References: * bsc#1247954 * bsc#1255416 * bsc#1258538 * bsc#1260531 * bsc#1261700 * bsc#1262663 * bsc#1262993 * bsc#1263769 * bsc#1263879 * bsc#1263880 * bsc#1264076 * bsc#1264093 * bsc#1264116 * bsc#1264470 * bsc#1264610 * bsc#1265116 * bsc#1265211 * bsc#1265960 * bsc#1266214 * bsc#1266290 * bsc#1266810 * bsc#1266969 * bsc#1267205 * bsc#1267214 * bsc#1267220 * bsc#1267361 * bsc#1267369 * bsc#1267387 * bsc#1267621 * bsc#1267640 * bsc#1267651 * bsc#1267652 * bsc#1267697 Cross-References: * CVE-2025-10263 * CVE-2025-68324 * CVE-2026-23392 * CVE-2026-31405 * CVE-2026-31473 * CVE-2026-31500 * CVE-2026-31613 * CVE-2026-31697 * CVE-2026-31698 * CVE-2026-31699 * CVE-2026-31758 * CVE-2026-31759 * CVE-2026-43077 * CVE-2026-43198 * CVE-2026-43366 * CVE-2026-43503 * CVE-2026-45886 * CVE-2026-45970 * CVE-2026-45984 * CVE-2026-46021 * CVE-2026-46037 * CVE-2026-46113 * CVE-2026-46116 * CVE-2026-46120 * CVE-2026-46123 * CVE-2026-46150 * CVE-2026-46159 * CVE-2026-46227 * CVE-2026-46273 CVSS scores: * CVE-2025-10263 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-68324 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23392 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31405 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31405 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H *CVE-2026-31473 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31473 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31473 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31500 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31500 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31500 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31613 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31613 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31613 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H * CVE-2026-31697 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31697 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31698 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31698 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31699 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31699 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31758 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31758 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31758 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31759 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31759 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-31759 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43077 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43077 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43077 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43198 ( SUSE): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43198 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43198 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43366 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43366 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43366 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43503 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43503 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43503 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-45886 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45886 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45970 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45970 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45970 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45984 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45984 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45984 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46021 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46021 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46021 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46037 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46037 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-46037 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-46113 ( SUSE ): 9.3 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-46113 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46113 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46116 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46116 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46116 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46120 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46123 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46123 ( SUSE ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-46123 ( NVD ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-46150 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-46150 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46150 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46159 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46159 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46227 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46227 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46227 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46273 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46273 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Micro 5.5 An update that solves 29 vulnerabilities and has four security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issueswere fixed: * CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs (bsc#1266290). * CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed work (bsc#1255416). * CVE-2026-23392: netfilter: nf_tables: release flowtable after rcu grace period on error (bsc#1260531). * CVE-2026-31405: media: dvb-net: fix OOB access in ULE extension header tables (bsc#1261700). * CVE-2026-31473: media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex (bsc#1262663). * CVE-2026-31500: Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock (bsc#1262993). * CVE-2026-31613: smb: client: fix OOB reads parsing symlink error response (bsc#1263769). * CVE-2026-31697: crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed (bsc#1264116). * CVE-2026-31698: crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed (bsc#1263880). * CVE-2026-31699: crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed (bsc#1263879). * CVE-2026-31758: usb: usbtmc: Flush anchored URBs in usbtmc_release (bsc#1264093). * CVE-2026-31759: usb: ulpi: fix double free in ulpi_register_interface() error path (bsc#1264076). * CVE-2026-43077: crypto: algif_aead - Fix minimum RX size check for decryption (bsc#1264470). * CVE-2026-43198: tcp: fix potential race in tcp_v6_syn_recv_sock() (bsc#1264610). * CVE-2026-43366: io_uring/kbuf: check if target buffer list is still legacy on recycle (bsc#1265116). * CVE-2026-45886: bpf: Fix bpf_xdp_store_bytes proto for read-only arg (bsc#1266810). * CVE-2026-45970: bonding: alb: fix UAF in rlb_arp_recv during bond up/down (bsc#1267205). * CVE-2026-45984: gfs2: Move the inode glock locking to gfs2_file_buffered_write (bsc#1267214). * CVE-2026-46021: thermal: core: Fix thermal zone governor cleanup issues (bsc#1267220). * CVE-2026-46037: ipv4: icmp: validate reply type before using icmp_pointers (bsc#1267361). * CVE-2026-46113: KVM: x86/mmu: Add helper to convert SPTE value to its shadow page (bsc#1266969). * CVE-2026-46116: xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete (bsc#1267369). * CVE-2026-46120: ip6_gre: Use cached t-> net in ip6erspan_changelink() (bsc#1267640). * CVE-2026-46123: Bluetooth: virtio_bt: clamp rx length before skb_put (bsc#1267621). * CVE-2026-46150: fanotify: fix false positive on permission events (bsc#1267387). * CVE-2026-46159: btrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which can lead to info-leak (bsc#1267652). * CVE-2026-46227: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (bsc#1267697). * CVE-2026-46273: ibmveth: Disable GSO for packets with small MSS (bsc#1265211 bsc#1267651). The following non security issues were fixed: * arm64: tlb: Allow XZR argument to TLBI ops (git-fixes). * arm64: tlb: Optimize ARM64_WORKAROUND_REPEAT_TLBI (git-fixes). * KVM: x86: Constrain guest-supported xfeatures only at KVM_GET_XSAVE{2} (bsc#1247954). * KVM: x86: Remove 'return void' expression for 'void function' (bsc#1247954). * smb: client: correctly handle ErrorContextData as a flexible array (git- fixes). * x86/fpu: Allow caller to constrain xfeatures when copying to uabi buffer (bsc#1247954). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-2630=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2630=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-rt-devel-debuginfo-5.14.21-150500.13.146.1 * kernel-rt-livepatch-5.14.21-150500.13.146.1 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.146.1 *dlm-kmp-rt-5.14.21-150500.13.146.1 * kernel-rt-livepatch-devel-5.14.21-150500.13.146.1 * kernel-syms-rt-5.14.21-150500.13.146.1 * kernel-rt-debuginfo-5.14.21-150500.13.146.1 * kernel-rt-extra-5.14.21-150500.13.146.1 * kernel-rt_debug-vdso-5.14.21-150500.13.146.1 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.146.1 * kernel-rt-vdso-5.14.21-150500.13.146.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.146.1 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.146.1 * ocfs2-kmp-rt-5.14.21-150500.13.146.1 * reiserfs-kmp-rt-5.14.21-150500.13.146.1 * kernel-rt-optional-5.14.21-150500.13.146.1 * gfs2-kmp-rt-5.14.21-150500.13.146.1 * reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.146.1 * cluster-md-kmp-rt-5.14.21-150500.13.146.1 * kselftests-kmp-rt-debuginfo-5.14.21-150500.13.146.1 * kernel-rt-extra-debuginfo-5.14.21-150500.13.146.1 * dlm-kmp-rt-debuginfo-5.14.21-150500.13.146.1 * kernel-rt_debug-debuginfo-5.14.21-150500.13.146.1 * kernel-rt-devel-5.14.21-150500.13.146.1 * kernel-rt-debugsource-5.14.21-150500.13.146.1 * kernel-rt_debug-debugsource-5.14.21-150500.13.146.1 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.146.1 * kernel-rt-optional-debuginfo-5.14.21-150500.13.146.1 * kselftests-kmp-rt-5.14.21-150500.13.146.1 * kernel-rt_debug-devel-5.14.21-150500.13.146.1 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.146.1 * openSUSE Leap 15.5 (noarch) * kernel-devel-rt-5.14.21-150500.13.146.1 * kernel-source-rt-5.14.21-150500.13.146.1 * openSUSE Leap 15.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.146.1 * kernel-rt_debug-5.14.21-150500.13.146.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * kernel-devel-rt-5.14.21-150500.13.146.1 * kernel-source-rt-5.14.21-150500.13.146.1 * SUSE Linux Enterprise Micro 5.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.146.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * kernel-rt-debugsource-5.14.21-150500.13.146.1 *kernel-rt-debuginfo-5.14.21-150500.13.146.1 ## References: * https://www.suse.com/security/cve/CVE-2025-10263.html * https://www.suse.com/security/cve/CVE-2025-68324.html * https://www.suse.com/security/cve/CVE-2026-23392.html * https://www.suse.com/security/cve/CVE-2026-31405.html * https://www.suse.com/security/cve/CVE-2026-31473.html * https://www.suse.com/security/cve/CVE-2026-31500.html * https://www.suse.com/security/cve/CVE-2026-31613.html * https://www.suse.com/security/cve/CVE-2026-31697.html * https://www.suse.com/security/cve/CVE-2026-31698.html * https://www.suse.com/security/cve/CVE-2026-31699.html * https://www.suse.com/security/cve/CVE-2026-31758.html * https://www.suse.com/security/cve/CVE-2026-31759.html * https://www.suse.com/security/cve/CVE-2026-43077.html * https://www.suse.com/security/cve/CVE-2026-43198.html * https://www.suse.com/security/cve/CVE-2026-43366.html * https://www.suse.com/security/cve/CVE-2026-43503.html * https://www.suse.com/security/cve/CVE-2026-45886.html * https://www.suse.com/security/cve/CVE-2026-45970.html * https://www.suse.com/security/cve/CVE-2026-45984.html * https://www.suse.com/security/cve/CVE-2026-46021.html * https://www.suse.com/security/cve/CVE-2026-46037.html * https://www.suse.com/security/cve/CVE-2026-46113.html * https://www.suse.com/security/cve/CVE-2026-46116.html * https://www.suse.com/security/cve/CVE-2026-46120.html * https://www.suse.com/security/cve/CVE-2026-46123.html * https://www.suse.com/security/cve/CVE-2026-46150.html * https://www.suse.com/security/cve/CVE-2026-46159.html * https://www.suse.com/security/cve/CVE-2026-46227.html * https://www.suse.com/security/cve/CVE-2026-46273.html * https://bugzilla.suse.com/show_bug.cgi?id=1247954 * https://bugzilla.suse.com/show_bug.cgi?id=1255416 * https://bugzilla.suse.com/show_bug.cgi?id=1258538 * https://bugzilla.suse.com/show_bug.cgi?id=1260531 * https://bugzilla.suse.com/show_bug.cgi?id=1261700 *https://bugzilla.suse.com/show_bug.cgi?id=1262663 * https://bugzilla.suse.com/show_bug.cgi?id=1262993 * https://bugzilla.suse.com/show_bug.cgi?id=1263769 * https://bugzilla.suse.com/show_bug.cgi?id=1263879 * https://bugzilla.suse.com/show_bug.cgi?id=1263880 * https://bugzilla.suse.com/show_bug.cgi?id=1264076 * https://bugzilla.suse.com/show_bug.cgi?id=1264093 * https://bugzilla.suse.com/show_bug.cgi?id=1264116 * https://bugzilla.suse.com/show_bug.cgi?id=1264470 * https://bugzilla.suse.com/show_bug.cgi?id=1264610 * https://bugzilla.suse.com/show_bug.cgi?id=1265116 * https://bugzilla.suse.com/show_bug.cgi?id=1265211 * https://bugzilla.suse.com/show_bug.cgi?id=1265960 * https://bugzilla.suse.com/show_bug.cgi?id=1266214 * https://bugzilla.suse.com/show_bug.cgi?id=1266290 * https://bugzilla.suse.com/show_bug.cgi?id=1266810 * https://bugzilla.suse.com/show_bug.cgi?id=1266969 * https://bugzilla.suse.com/show_bug.cgi?id=1267205 * https://bugzilla.suse.com/show_bug.cgi?id=1267214 * https://bugzilla.suse.com/show_bug.cgi?id=1267220 * https://bugzilla.suse.com/show_bug.cgi?id=1267361 * https://bugzilla.suse.com/show_bug.cgi?id=1267369 * https://bugzilla.suse.com/show_bug.cgi?id=1267387 * https://bugzilla.suse.com/show_bug.cgi?id=1267621 * https://bugzilla.suse.com/show_bug.cgi?id=1267640 * https://bugzilla.suse.com/show_bug.cgi?id=1267651 * https://bugzilla.suse.com/show_bug.cgi?id=1267652 * https://bugzilla.suse.com/show_bug.cgi?id=1267697 . Important security update for SUSE kernel addresses 29 issues, requiring immediate action to safeguard systems against potential risks.. SUSE Kernel Important Security Fix Open Source System Update. . Severity: Important. LinuxSecurity.com Team
Jun 25, 2026
•Important
SuSE
202
security advisoryimportantkernelopenSUSE Kernel Releases Critical Security Update 2026-2630-1 Now
An update that solves 29 vulnerabilities and has four security fixes can now be installed.. # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:2630-1 Release Date: 2026-06-25T11:55:03Z Rating: important References: * bsc#1247954 * bsc#1255416 * bsc#1258538 * bsc#1260531 * bsc#1261700 * bsc#1262663 * bsc#1262993 * bsc#1263769 * bsc#1263879 * bsc#1263880 * bsc#1264076 * bsc#1264093 * bsc#1264116 * bsc#1264470 * bsc#1264610 * bsc#1265116 * bsc#1265211 * bsc#1265960 * bsc#1266214 * bsc#1266290 * bsc#1266810 * bsc#1266969 * bsc#1267205 * bsc#1267214 * bsc#1267220 * bsc#1267361 * bsc#1267369 * bsc#1267387 * bsc#1267621 * bsc#1267640 * bsc#1267651 * bsc#1267652 * bsc#1267697 Cross-References: * CVE-2025-10263 * CVE-2025-68324 * CVE-2026-23392 * CVE-2026-31405 * CVE-2026-31473 * CVE-2026-31500 * CVE-2026-31613 * CVE-2026-31697 * CVE-2026-31698 * CVE-2026-31699 * CVE-2026-31758 * CVE-2026-31759 * CVE-2026-43077 * CVE-2026-43198 * CVE-2026-43366 * CVE-2026-43503 * CVE-2026-45886 * CVE-2026-45970 * CVE-2026-45984 * CVE-2026-46021 * CVE-2026-46037 * CVE-2026-46113 * CVE-2026-46116 * CVE-2026-46120 * CVE-2026-46123 * CVE-2026-46150 * CVE-2026-46159 * CVE-2026-46227 * CVE-2026-46273 CVSS scores: * CVE-2025-10263 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-68324 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23392 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31405 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31405 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H *CVE-2026-31473 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31473 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31473 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31500 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31500 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31500 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31613 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31613 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31613 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H * CVE-2026-31697 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31697 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31698 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31698 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31699 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31699 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31758 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31758 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31758 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31759 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31759 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-31759 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43077 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43077 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43077 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43198 ( SUSE): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43198 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43198 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43366 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43366 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43366 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43503 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43503 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43503 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-45886 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45886 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45970 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45970 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45970 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45984 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45984 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45984 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46021 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46021 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46021 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46037 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46037 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-46037 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-46113 ( SUSE ): 9.3 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-46113 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46113 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46116 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46116 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46116 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46120 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46123 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46123 ( SUSE ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-46123 ( NVD ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-46150 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-46150 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46150 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46159 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46159 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46227 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46227 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46227 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46273 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46273 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Micro 5.5 An update that solves 29 vulnerabilities and has four security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issueswere fixed: * CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs (bsc#1266290). * CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed work (bsc#1255416). * CVE-2026-23392: netfilter: nf_tables: release flowtable after rcu grace period on error (bsc#1260531). * CVE-2026-31405: media: dvb-net: fix OOB access in ULE extension header tables (bsc#1261700). * CVE-2026-31473: media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex (bsc#1262663). * CVE-2026-31500: Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock (bsc#1262993). * CVE-2026-31613: smb: client: fix OOB reads parsing symlink error response (bsc#1263769). * CVE-2026-31697: crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed (bsc#1264116). * CVE-2026-31698: crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed (bsc#1263880). * CVE-2026-31699: crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed (bsc#1263879). * CVE-2026-31758: usb: usbtmc: Flush anchored URBs in usbtmc_release (bsc#1264093). * CVE-2026-31759: usb: ulpi: fix double free in ulpi_register_interface() error path (bsc#1264076). * CVE-2026-43077: crypto: algif_aead - Fix minimum RX size check for decryption (bsc#1264470). * CVE-2026-43198: tcp: fix potential race in tcp_v6_syn_recv_sock() (bsc#1264610). * CVE-2026-43366: io_uring/kbuf: check if target buffer list is still legacy on recycle (bsc#1265116). * CVE-2026-45886: bpf: Fix bpf_xdp_store_bytes proto for read-only arg (bsc#1266810). * CVE-2026-45970: bonding: alb: fix UAF in rlb_arp_recv during bond up/down (bsc#1267205). * CVE-2026-45984: gfs2: Move the inode glock locking to gfs2_file_buffered_write (bsc#1267214). * CVE-2026-46021: thermal: core: Fix thermal zone governor cleanup issues (bsc#1267220). * CVE-2026-46037: ipv4: icmp: validate reply type before using icmp_pointers (bsc#1267361). * CVE-2026-46113: KVM: x86/mmu: Add helper to convert SPTE value to its shadow page (bsc#1266969). * CVE-2026-46116: xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete (bsc#1267369). * CVE-2026-46120: ip6_gre: Use cached t-> net in ip6erspan_changelink() (bsc#1267640). * CVE-2026-46123: Bluetooth: virtio_bt: clamp rx length before skb_put (bsc#1267621). * CVE-2026-46150: fanotify: fix false positive on permission events (bsc#1267387). * CVE-2026-46159: btrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which can lead to info-leak (bsc#1267652). * CVE-2026-46227: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (bsc#1267697). * CVE-2026-46273: ibmveth: Disable GSO for packets with small MSS (bsc#1265211 bsc#1267651). The following non security issues were fixed: * arm64: tlb: Allow XZR argument to TLBI ops (git-fixes). * arm64: tlb: Optimize ARM64_WORKAROUND_REPEAT_TLBI (git-fixes). * KVM: x86: Constrain guest-supported xfeatures only at KVM_GET_XSAVE{2} (bsc#1247954). * KVM: x86: Remove 'return void' expression for 'void function' (bsc#1247954). * smb: client: correctly handle ErrorContextData as a flexible array (git- fixes). * x86/fpu: Allow caller to constrain xfeatures when copying to uabi buffer (bsc#1247954). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-2630=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2630=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-rt-devel-debuginfo-5.14.21-150500.13.146.1 * kernel-rt-livepatch-5.14.21-150500.13.146.1 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.146.1 *dlm-kmp-rt-5.14.21-150500.13.146.1 * kernel-rt-livepatch-devel-5.14.21-150500.13.146.1 * kernel-syms-rt-5.14.21-150500.13.146.1 * kernel-rt-debuginfo-5.14.21-150500.13.146.1 * kernel-rt-extra-5.14.21-150500.13.146.1 * kernel-rt_debug-vdso-5.14.21-150500.13.146.1 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.146.1 * kernel-rt-vdso-5.14.21-150500.13.146.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.146.1 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.146.1 * ocfs2-kmp-rt-5.14.21-150500.13.146.1 * reiserfs-kmp-rt-5.14.21-150500.13.146.1 * kernel-rt-optional-5.14.21-150500.13.146.1 * gfs2-kmp-rt-5.14.21-150500.13.146.1 * reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.146.1 * cluster-md-kmp-rt-5.14.21-150500.13.146.1 * kselftests-kmp-rt-debuginfo-5.14.21-150500.13.146.1 * kernel-rt-extra-debuginfo-5.14.21-150500.13.146.1 * dlm-kmp-rt-debuginfo-5.14.21-150500.13.146.1 * kernel-rt_debug-debuginfo-5.14.21-150500.13.146.1 * kernel-rt-devel-5.14.21-150500.13.146.1 * kernel-rt-debugsource-5.14.21-150500.13.146.1 * kernel-rt_debug-debugsource-5.14.21-150500.13.146.1 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.146.1 * kernel-rt-optional-debuginfo-5.14.21-150500.13.146.1 * kselftests-kmp-rt-5.14.21-150500.13.146.1 * kernel-rt_debug-devel-5.14.21-150500.13.146.1 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.146.1 * openSUSE Leap 15.5 (noarch) * kernel-devel-rt-5.14.21-150500.13.146.1 * kernel-source-rt-5.14.21-150500.13.146.1 * openSUSE Leap 15.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.146.1 * kernel-rt_debug-5.14.21-150500.13.146.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * kernel-devel-rt-5.14.21-150500.13.146.1 * kernel-source-rt-5.14.21-150500.13.146.1 * SUSE Linux Enterprise Micro 5.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.146.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * kernel-rt-debugsource-5.14.21-150500.13.146.1 *kernel-rt-debuginfo-5.14.21-150500.13.146.1 ## References: * https://www.suse.com/security/cve/CVE-2025-10263.html * https://www.suse.com/security/cve/CVE-2025-68324.html * https://www.suse.com/security/cve/CVE-2026-23392.html * https://www.suse.com/security/cve/CVE-2026-31405.html * https://www.suse.com/security/cve/CVE-2026-31473.html * https://www.suse.com/security/cve/CVE-2026-31500.html * https://www.suse.com/security/cve/CVE-2026-31613.html * https://www.suse.com/security/cve/CVE-2026-31697.html * https://www.suse.com/security/cve/CVE-2026-31698.html * https://www.suse.com/security/cve/CVE-2026-31699.html * https://www.suse.com/security/cve/CVE-2026-31758.html * https://www.suse.com/security/cve/CVE-2026-31759.html * https://www.suse.com/security/cve/CVE-2026-43077.html * https://www.suse.com/security/cve/CVE-2026-43198.html * https://www.suse.com/security/cve/CVE-2026-43366.html * https://www.suse.com/security/cve/CVE-2026-43503.html * https://www.suse.com/security/cve/CVE-2026-45886.html * https://www.suse.com/security/cve/CVE-2026-45970.html * https://www.suse.com/security/cve/CVE-2026-45984.html * https://www.suse.com/security/cve/CVE-2026-46021.html * https://www.suse.com/security/cve/CVE-2026-46037.html * https://www.suse.com/security/cve/CVE-2026-46113.html * https://www.suse.com/security/cve/CVE-2026-46116.html * https://www.suse.com/security/cve/CVE-2026-46120.html * https://www.suse.com/security/cve/CVE-2026-46123.html * https://www.suse.com/security/cve/CVE-2026-46150.html * https://www.suse.com/security/cve/CVE-2026-46159.html * https://www.suse.com/security/cve/CVE-2026-46227.html * https://www.suse.com/security/cve/CVE-2026-46273.html * https://bugzilla.suse.com/show_bug.cgi?id=1247954 * https://bugzilla.suse.com/show_bug.cgi?id=1255416 * https://bugzilla.suse.com/show_bug.cgi?id=1258538 * https://bugzilla.suse.com/show_bug.cgi?id=1260531 * https://bugzilla.suse.com/show_bug.cgi?id=1261700 *https://bugzilla.suse.com/show_bug.cgi?id=1262663 * https://bugzilla.suse.com/show_bug.cgi?id=1262993 * https://bugzilla.suse.com/show_bug.cgi?id=1263769 * https://bugzilla.suse.com/show_bug.cgi?id=1263879 * https://bugzilla.suse.com/show_bug.cgi?id=1263880 * https://bugzilla.suse.com/show_bug.cgi?id=1264076 * https://bugzilla.suse.com/show_bug.cgi?id=1264093 * https://bugzilla.suse.com/show_bug.cgi?id=1264116 * https://bugzilla.suse.com/show_bug.cgi?id=1264470 * https://bugzilla.suse.com/show_bug.cgi?id=1264610 * https://bugzilla.suse.com/show_bug.cgi?id=1265116 * https://bugzilla.suse.com/show_bug.cgi?id=1265211 * https://bugzilla.suse.com/show_bug.cgi?id=1265960 * https://bugzilla.suse.com/show_bug.cgi?id=1266214 * https://bugzilla.suse.com/show_bug.cgi?id=1266290 * https://bugzilla.suse.com/show_bug.cgi?id=1266810 * https://bugzilla.suse.com/show_bug.cgi?id=1266969 * https://bugzilla.suse.com/show_bug.cgi?id=1267205 * https://bugzilla.suse.com/show_bug.cgi?id=1267214 * https://bugzilla.suse.com/show_bug.cgi?id=1267220 * https://bugzilla.suse.com/show_bug.cgi?id=1267361 * https://bugzilla.suse.com/show_bug.cgi?id=1267369 * https://bugzilla.suse.com/show_bug.cgi?id=1267387 * https://bugzilla.suse.com/show_bug.cgi?id=1267621 * https://bugzilla.suse.com/show_bug.cgi?id=1267640 * https://bugzilla.suse.com/show_bug.cgi?id=1267651 * https://bugzilla.suse.com/show_bug.cgi?id=1267652 * https://bugzilla.suse.com/show_bug.cgi?id=1267697 . OpenSUSE releases a secure kernel update addressing 29 key issues, ensuring better performance and safety.. Linux Kernel Security, OpenSUSE Updates, Vulnerability Management, Patch Installation, System Security. . Severity: Important. LinuxSecurity.com Team
Jun 25, 2026
•Important
OpenSUSE
100
security advisorybuffer overflowSuSESUSE Linux Kernel Important 21 Fixes DoS and Related Issues 2026-2631-1
An update that solves 21 vulnerabilities and has two security fixes can now be installed.. # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:2631-1 Release Date: 2026-06-25T11:55:13Z Rating: important References: * bsc#1255416 * bsc#1258538 * bsc#1260531 * bsc#1262663 * bsc#1262993 * bsc#1263769 * bsc#1263879 * bsc#1263880 * bsc#1264076 * bsc#1264116 * bsc#1264470 * bsc#1264610 * bsc#1266214 * bsc#1266290 * bsc#1267214 * bsc#1267361 * bsc#1267369 * bsc#1267381 * bsc#1267387 * bsc#1267621 * bsc#1267640 * bsc#1267652 * bsc#1267697 Cross-References: * CVE-2025-10263 * CVE-2025-68324 * CVE-2026-23392 * CVE-2026-31473 * CVE-2026-31500 * CVE-2026-31613 * CVE-2026-31697 * CVE-2026-31698 * CVE-2026-31699 * CVE-2026-31759 * CVE-2026-43077 * CVE-2026-43198 * CVE-2026-45984 * CVE-2026-46037 * CVE-2026-46116 * CVE-2026-46120 * CVE-2026-46123 * CVE-2026-46150 * CVE-2026-46159 * CVE-2026-46197 * CVE-2026-46227 CVSS scores: * CVE-2025-10263 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-68324 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23392 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31473 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31473 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31473 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31500 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31500 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31500 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31613 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31613 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31613 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H * CVE-2026-31697 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31697 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31698 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31698 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31699 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31699 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31759 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31759 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-31759 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43077 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43077 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43077 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43198 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43198 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43198 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45984 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45984 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45984 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46037 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46037 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-46037 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-46116 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46116 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46116 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46120 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46123 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46123 ( SUSE ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-46123 ( NVD ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-46150 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-46150 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46150 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46159 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46159 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46197 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46197 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46197 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46227 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46227 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46227 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves 21 vulnerabilities and has two security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP4 RT kernel was updated to fix various security issues The following security issues were fixed: * CVE-2025-10263: arm64: errata:Mitigate TLBI errata on various Arm CPUs (bsc#1266290). * CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed work (bsc#1255416). * CVE-2026-23392: netfilter: nf_tables: release flowtable after rcu grace period on error (bsc#1260531). * CVE-2026-31473: media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex (bsc#1262663). * CVE-2026-31500: Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock (bsc#1262993). * CVE-2026-31613: smb: client: fix OOB reads parsing symlink error response (bsc#1263769). * CVE-2026-31697: crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed (bsc#1264116). * CVE-2026-31698: crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed (bsc#1263880). * CVE-2026-31699: crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed (bsc#1263879). * CVE-2026-31759: usb: ulpi: fix double free in ulpi_register_interface() error path (bsc#1264076). * CVE-2026-43077: crypto: algif_aead - Fix minimum RX size check for decryption (bsc#1264470). * CVE-2026-43198: tcp: fix potential race in tcp_v6_syn_recv_sock() (bsc#1264610). * CVE-2026-45984: gfs2: Move the inode glock locking to gfs2_file_buffered_write (bsc#1267214). * CVE-2026-46037: ipv4: icmp: validate reply type before using icmp_pointers (bsc#1267361). * CVE-2026-46116: xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete (bsc#1267369). * CVE-2026-46120: ip6_gre: Use cached t-> net in ip6erspan_changelink() (bsc#1267640). * CVE-2026-46123: Bluetooth: virtio_bt: clamp rx length before skb_put (bsc#1267621). * CVE-2026-46150: fanotify: fix false positive on permission events (bsc#1267387). * CVE-2026-46159: btrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which can lead to info-leak (bsc#1267652). * CVE-2026-46197: drm/amdkfd: validate SVM ioctl nattr against buffer size (bsc#1267381). * CVE-2026-46227:sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (bsc#1267697). The following non security issues were fixed: * smb: client: correctly handle ErrorContextData as a flexible array (git- fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2631=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2631=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2631=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2631=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.173.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * kernel-rt-debuginfo-5.14.21-150400.15.173.1 * kernel-rt-debugsource-5.14.21-150400.15.173.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * kernel-source-rt-5.14.21-150400.15.173.1 * SUSE Linux Enterprise Micro 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.173.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * kernel-rt-debuginfo-5.14.21-150400.15.173.1 * kernel-rt-debugsource-5.14.21-150400.15.173.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * kernel-source-rt-5.14.21-150400.15.173.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.173.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * kernel-rt-debuginfo-5.14.21-150400.15.173.1 * kernel-rt-debugsource-5.14.21-150400.15.173.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * kernel-source-rt-5.14.21-150400.15.173.1 * SUSE Linux Enterprise Micro 5.4(nosrc x86_64) * kernel-rt-5.14.21-150400.15.173.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * kernel-rt-debuginfo-5.14.21-150400.15.173.1 * kernel-rt-debugsource-5.14.21-150400.15.173.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * kernel-source-rt-5.14.21-150400.15.173.1 ## References: * https://www.suse.com/security/cve/CVE-2025-10263.html * https://www.suse.com/security/cve/CVE-2025-68324.html * https://www.suse.com/security/cve/CVE-2026-23392.html * https://www.suse.com/security/cve/CVE-2026-31473.html * https://www.suse.com/security/cve/CVE-2026-31500.html * https://www.suse.com/security/cve/CVE-2026-31613.html * https://www.suse.com/security/cve/CVE-2026-31697.html * https://www.suse.com/security/cve/CVE-2026-31698.html * https://www.suse.com/security/cve/CVE-2026-31699.html * https://www.suse.com/security/cve/CVE-2026-31759.html * https://www.suse.com/security/cve/CVE-2026-43077.html * https://www.suse.com/security/cve/CVE-2026-43198.html * https://www.suse.com/security/cve/CVE-2026-45984.html * https://www.suse.com/security/cve/CVE-2026-46037.html * https://www.suse.com/security/cve/CVE-2026-46116.html * https://www.suse.com/security/cve/CVE-2026-46120.html * https://www.suse.com/security/cve/CVE-2026-46123.html * https://www.suse.com/security/cve/CVE-2026-46150.html * https://www.suse.com/security/cve/CVE-2026-46159.html * https://www.suse.com/security/cve/CVE-2026-46197.html * https://www.suse.com/security/cve/CVE-2026-46227.html * https://bugzilla.suse.com/show_bug.cgi?id=1255416 * https://bugzilla.suse.com/show_bug.cgi?id=1258538 * https://bugzilla.suse.com/show_bug.cgi?id=1260531 * https://bugzilla.suse.com/show_bug.cgi?id=1262663 * https://bugzilla.suse.com/show_bug.cgi?id=1262993 * https://bugzilla.suse.com/show_bug.cgi?id=1263769 * https://bugzilla.suse.com/show_bug.cgi?id=1263879 * https://bugzilla.suse.com/show_bug.cgi?id=1263880 * https://bugzilla.suse.com/show_bug.cgi?id=1264076 *https://bugzilla.suse.com/show_bug.cgi?id=1264116 * https://bugzilla.suse.com/show_bug.cgi?id=1264470 * https://bugzilla.suse.com/show_bug.cgi?id=1264610 * https://bugzilla.suse.com/show_bug.cgi?id=1266214 * https://bugzilla.suse.com/show_bug.cgi?id=1266290 * https://bugzilla.suse.com/show_bug.cgi?id=1267214 * https://bugzilla.suse.com/show_bug.cgi?id=1267361 * https://bugzilla.suse.com/show_bug.cgi?id=1267369 * https://bugzilla.suse.com/show_bug.cgi?id=1267381 * https://bugzilla.suse.com/show_bug.cgi?id=1267387 * https://bugzilla.suse.com/show_bug.cgi?id=1267621 * https://bugzilla.suse.com/show_bug.cgi?id=1267640 * https://bugzilla.suse.com/show_bug.cgi?id=1267652 * https://bugzilla.suse.com/show_bug.cgi?id=1267697 . SUSE Linux kernel security update resolves 21 issues with important severity and requires installation for system protection.. SUSE kernel update important advisory vulnerabilities patch. . Severity: Important. LinuxSecurity.com Team
Jun 25, 2026
•Important
SuSE
87
security advisorydenial of servicecriticalDebian Chromium Critical Code Execution Denial of Service DSA-6364-1
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the stable distribution (trixie), these problems have been fixed in version 149.0.7827.196-1~deb13u1.. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6364-1
Jun 25, 2026
•Critical
Debian
100
security advisorydenial of servicesecurity issueSUSE python-PyJWT Important SSRF DoS Risks Vulnerability 2026-2626-1
An update that solves five vulnerabilities can now be installed.. # Security update for python-PyJWT Announcement ID: SUSE-SU-2026:2626-1 Release Date: 2026-06-25T08:11:35Z Rating: important References: * bsc#1266798 * bsc#1266799 * bsc#1266800 * bsc#1266801 * bsc#1266802 Cross-References: * CVE-2026-48522 * CVE-2026-48523 * CVE-2026-48524 * CVE-2026-48525 * CVE-2026-48526 CVSS scores: * CVE-2026-48522 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-48522 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-48522 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-48523 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-48523 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-48523 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-48524 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-48524 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-48524 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-48525 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-48525 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-48526 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-48526 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-48526 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.4 * Public Cloud Module 15-SP4 * Python 3 Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux EnterpriseHigh Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves five vulnerabilities can now be installed. ## Description: This update for python-PyJWT fixes the following issues * CVE-2026-48522: `PyJWKClient` passes URI arguments directly to `urllib.request.urlopen()` and allows for SSRF and token forgery (bsc#1266798). * CVE-2026-48523: verifier-side algorithm allow-list bypass when `jwt.decode()` or `jwt.decode_complete()` are called with a PyJWK key (bsc#1266799). * CVE-2026-48524: unlimited processing of JWTs with unknown kid values by `PyJWKClient.get_signing_key()` leads to unbounded JWKS endpoint requests and DoS (bsc#1266800). * CVE-2026-48525: unbounded Base64URL decoding of unused payload segment in `b64=false` detached JWS allows for DoS (bsc#1266801). * CVE-2026-48526: no validation of use of JSON Web Keys in HMAC algorithm when decoding JSON Web Tokens allows for forged HS256 tokens (bsc#1266802). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2626=1 * SUSE Linux EnterpriseServer for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2626=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2626=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2626=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2626=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2026-2626=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2626=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2626=1 * Python 3 Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2026-2626=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2626=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2626=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2626=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2626=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * python311-PyJWT-2.8.0-150400.8.13.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * python311-PyJWT-2.8.0-150400.8.13.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * python311-PyJWT-2.8.0-150400.8.13.1 * Public Cloud Module 15-SP4 (noarch) * python311-PyJWT-2.8.0-150400.8.13.1 * openSUSE Leap 15.4 (noarch) * python311-PyJWT-2.8.0-150400.8.13.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * python311-PyJWT-2.8.0-150400.8.13.1 * SUSE LinuxEnterprise High Performance Computing ESPOS 15 SP5 (noarch) * python311-PyJWT-2.8.0-150400.8.13.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * python311-PyJWT-2.8.0-150400.8.13.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * python311-PyJWT-2.8.0-150400.8.13.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * python311-PyJWT-2.8.0-150400.8.13.1 * Python 3 Module 15-SP7 (noarch) * python311-PyJWT-2.8.0-150400.8.13.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * python311-PyJWT-2.8.0-150400.8.13.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * python311-PyJWT-2.8.0-150400.8.13.1 ## References: * https://www.suse.com/security/cve/CVE-2026-48522.html * https://www.suse.com/security/cve/CVE-2026-48523.html * https://www.suse.com/security/cve/CVE-2026-48524.html * https://www.suse.com/security/cve/CVE-2026-48525.html * https://www.suse.com/security/cve/CVE-2026-48526.html * https://bugzilla.suse.com/show_bug.cgi?id=1266798 * https://bugzilla.suse.com/show_bug.cgi?id=1266799 * https://bugzilla.suse.com/show_bug.cgi?id=1266800 * https://bugzilla.suse.com/show_bug.cgi?id=1266801 * https://bugzilla.suse.com/show_bug.cgi?id=1266802 . The SUSE update for python-PyJWT resolves important vulnerabilities including SSRF and Denial of Service.. SUSE Python PyJWT vulnerabilities security update. . Severity: Important. LinuxSecurity.com Team
Jun 25, 2026
•Important
SuSE
202
security advisoryDoSimportantopenSUSE Python-PyJWT Important SSRF DoS Issues Vuln 2026-2626-1
An update that solves five vulnerabilities can now be installed.. # Security update for python-PyJWT Announcement ID: SUSE-SU-2026:2626-1 Release Date: 2026-06-25T08:11:35Z Rating: important References: * bsc#1266798 * bsc#1266799 * bsc#1266800 * bsc#1266801 * bsc#1266802 Cross-References: * CVE-2026-48522 * CVE-2026-48523 * CVE-2026-48524 * CVE-2026-48525 * CVE-2026-48526 CVSS scores: * CVE-2026-48522 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-48522 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-48522 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-48523 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-48523 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-48523 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-48524 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-48524 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-48524 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-48525 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-48525 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-48526 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-48526 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-48526 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.4 * Public Cloud Module 15-SP4 * Python 3 Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux EnterpriseHigh Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves five vulnerabilities can now be installed. ## Description: This update for python-PyJWT fixes the following issues * CVE-2026-48522: `PyJWKClient` passes URI arguments directly to `urllib.request.urlopen()` and allows for SSRF and token forgery (bsc#1266798). * CVE-2026-48523: verifier-side algorithm allow-list bypass when `jwt.decode()` or `jwt.decode_complete()` are called with a PyJWK key (bsc#1266799). * CVE-2026-48524: unlimited processing of JWTs with unknown kid values by `PyJWKClient.get_signing_key()` leads to unbounded JWKS endpoint requests and DoS (bsc#1266800). * CVE-2026-48525: unbounded Base64URL decoding of unused payload segment in `b64=false` detached JWS allows for DoS (bsc#1266801). * CVE-2026-48526: no validation of use of JSON Web Keys in HMAC algorithm when decoding JSON Web Tokens allows for forged HS256 tokens (bsc#1266802). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2626=1 * SUSE Linux EnterpriseServer for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2626=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2626=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2626=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2626=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2026-2626=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2626=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2626=1 * Python 3 Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2026-2626=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2626=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2626=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2626=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2626=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * python311-PyJWT-2.8.0-150400.8.13.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * python311-PyJWT-2.8.0-150400.8.13.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * python311-PyJWT-2.8.0-150400.8.13.1 * Public Cloud Module 15-SP4 (noarch) * python311-PyJWT-2.8.0-150400.8.13.1 * openSUSE Leap 15.4 (noarch) * python311-PyJWT-2.8.0-150400.8.13.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * python311-PyJWT-2.8.0-150400.8.13.1 * SUSE LinuxEnterprise High Performance Computing ESPOS 15 SP5 (noarch) * python311-PyJWT-2.8.0-150400.8.13.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * python311-PyJWT-2.8.0-150400.8.13.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * python311-PyJWT-2.8.0-150400.8.13.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * python311-PyJWT-2.8.0-150400.8.13.1 * Python 3 Module 15-SP7 (noarch) * python311-PyJWT-2.8.0-150400.8.13.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * python311-PyJWT-2.8.0-150400.8.13.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * python311-PyJWT-2.8.0-150400.8.13.1 ## References: * https://www.suse.com/security/cve/CVE-2026-48522.html * https://www.suse.com/security/cve/CVE-2026-48523.html * https://www.suse.com/security/cve/CVE-2026-48524.html * https://www.suse.com/security/cve/CVE-2026-48525.html * https://www.suse.com/security/cve/CVE-2026-48526.html * https://bugzilla.suse.com/show_bug.cgi?id=1266798 * https://bugzilla.suse.com/show_bug.cgi?id=1266799 * https://bugzilla.suse.com/show_bug.cgi?id=1266800 * https://bugzilla.suse.com/show_bug.cgi?id=1266801 * https://bugzilla.suse.com/show_bug.cgi?id=1266802 . Five important vulnerabilities in python-PyJWT on openSUSE require immediate attention to prevent security breaches.. Python Security Updates, openSUSE Advisory, SSrf Vulnerabilities, DoS Attacks, Important Security Patch. . Severity: Important. LinuxSecurity.com Team
Jun 25, 2026
•Important
OpenSUSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
Does sandboxing completely stop hackers?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!