Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 9 articles for you...
100
security advisorymoderateSuSESUSE Linux Micro 6.2 openCryptoki Moderate CVE-2026-40253 Security Patch
An update that solves one vulnerability, contains one feature and has one fix can now be installed.. # Security update for openCryptoki Announcement ID: SUSE-SU-2026:21593-1 Release Date: 2026-05-07T09:54:18Z Rating: moderate References: * bsc#1262283 * bsc#1263819 * jsc#PED-14609 Cross-References: * CVE-2026-40253 CVSS scores: * CVE-2026-40253 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-40253 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-40253 ( NVD ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-40253 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H Affected Products: * SUSE Linux Micro 6.2 An update that solves one vulnerability, contains one feature and has one fix can now be installed. ## Description: This update for openCryptoki fixes the following issues Security issue: * CVE-2026-40253: Updated fix for malformed BER-encoded cryptographic objects (bsc#1262283). Non security issue: * Refactored .spec file to fully support transactional and immutable operating systems (jsc#PED-14609): * Migrated user and group creation (pkcs11, pkcsslotd) from imperative %pre shell commands to declarative systemd-sysusers configuration. * Replaced manual /var directory tracking and %ghost directives with comprehensive systemd-tmpfiles configurations. * Implemented dynamic, architecture-specific tmpfiles.d generation to properly provision hardware-specific token directories (e.g., ccatok, ep11tok, lite, and HSM_MK_CHANGE). * Fixed permissions for /run/opencryptoki within tmpfiles.d to ensure the daemon can successfully drop privileges and bind its communication socket. * Moved 32-bit and 64-bit shared library symlink creation (such as PKCS11_API.so, stdll, and methods) from %post scriptlets into the %install phase, ensuring they are correctly packaged and tracked on the read-only /usr partition. * Removed legacy/etc/pkcs11 bash migration logic from %post, replacing it with a declarative tmpfiles.d symlink rule. * Cleaned up scriptlets to only execute transaction-safe macros (such as ldconfig and systemd service handlers). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-718=1 ## Package List: * SUSE Linux Micro 6.2 (s390x) * openCryptoki-debugsource-3.26.0-160000.2.1 * openCryptoki-3.26.0-160000.2.1 * openCryptoki-debuginfo-3.26.0-160000.2.1 ## References: * https://www.suse.com/security/cve/CVE-2026-40253.html * https://bugzilla.suse.com/show_bug.cgi?id=1262283 * https://bugzilla.suse.com/show_bug.cgi?id=1263819 * https://jira.suse.com/browse/PED-14609 . SUSE update resolves a moderate severity issue in openCryptoki related to cryptographic objects. Patch now available.. SUSE Linux Micro, openCryptoki security, security patch, cryptography, software update. . LinuxSecurity.com Team
May 15, 2026
SuSE
202
security advisorymoderateOpenSUSEopenSUSE Leap 15.5 openCryptoki Moderate Fix CVE-2026-40253
An update that solves one vulnerability can now be installed.. # Security update for openCryptoki Announcement ID: SUSE-SU-2026:1723-1 Release Date: 2026-05-06T14:57:31Z Rating: moderate References: * bsc#1263819 Cross-References: * CVE-2026-40253 CVSS scores: * CVE-2026-40253 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-40253 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-40253 ( NVD ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-40253 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Micro 5.5 An update that solves one vulnerability can now be installed. ## Description: This update for openCryptoki fixes the following issues: * CVE-2026-40253: updated fix by IBM for malformed BER-encoded cryptographic objects (bsc#1263819) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-1723=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-1723=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * openCryptoki-devel-debuginfo-3.23.0-150500.3.18.1 * openCryptoki-3.23.0-150500.3.18.1 * openCryptoki-debuginfo-3.23.0-150500.3.18.1 * openCryptoki-debugsource-3.23.0-150500.3.18.1 * openCryptoki-devel-3.23.0-150500.3.18.1 * openSUSE Leap 15.5 (i586) * openCryptoki-32bit-debuginfo-3.23.0-150500.3.18.1 * openCryptoki-32bit-3.23.0-150500.3.18.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * openCryptoki-64bit-3.23.0-150500.3.18.1 * openCryptoki-64bit-debuginfo-3.23.0-150500.3.18.1 * SUSE Linux Enterprise Micro 5.5 (s390x) * openCryptoki-debuginfo-3.23.0-150500.3.18.1 *openCryptoki-3.23.0-150500.3.18.1 * openCryptoki-debugsource-3.23.0-150500.3.18.1 ## References: * https://www.suse.com/security/cve/CVE-2026-40253.html * https://bugzilla.suse.com/show_bug.cgi?id=1263819 . Update for openCryptoki resolves moderate severity issue with malformed BER-encoded objects. Install now for security.. openCryptoki update, SUSE security update, moderate severity patch. . LinuxSecurity.com Team
May 06, 2026
OpenSUSE
100
security advisorymoderateOpenSUSEopenSUSE 15.5 openCryptoki Moderate Update for CVE-2026-40253
An update that solves one vulnerability can now be installed.. # Security update for openCryptoki Announcement ID: SUSE-SU-2026:1723-1 Release Date: 2026-05-06T14:57:31Z Rating: moderate References: * bsc#1263819 Cross-References: * CVE-2026-40253 CVSS scores: * CVE-2026-40253 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-40253 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-40253 ( NVD ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-40253 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Micro 5.5 An update that solves one vulnerability can now be installed. ## Description: This update for openCryptoki fixes the following issues: * CVE-2026-40253: updated fix by IBM for malformed BER-encoded cryptographic objects (bsc#1263819) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-1723=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-1723=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * openCryptoki-devel-debuginfo-3.23.0-150500.3.18.1 * openCryptoki-3.23.0-150500.3.18.1 * openCryptoki-debuginfo-3.23.0-150500.3.18.1 * openCryptoki-debugsource-3.23.0-150500.3.18.1 * openCryptoki-devel-3.23.0-150500.3.18.1 * openSUSE Leap 15.5 (i586) * openCryptoki-32bit-debuginfo-3.23.0-150500.3.18.1 * openCryptoki-32bit-3.23.0-150500.3.18.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * openCryptoki-64bit-3.23.0-150500.3.18.1 * openCryptoki-64bit-debuginfo-3.23.0-150500.3.18.1 * SUSE Linux Enterprise Micro 5.5 (s390x) * openCryptoki-debuginfo-3.23.0-150500.3.18.1 *openCryptoki-3.23.0-150500.3.18.1 * openCryptoki-debugsource-3.23.0-150500.3.18.1 ## References: * https://www.suse.com/security/cve/CVE-2026-40253.html * https://bugzilla.suse.com/show_bug.cgi?id=1263819 . An update for openCryptoki addresses a moderate threat of malformed cryptographic objects in SUSE Linux distributions.. openCryptoki update, openSUSE patch, SUSE security advisory. . LinuxSecurity.com Team
May 06, 2026
SuSE
172
security advisoryUbuntucompromiseUbuntu 24.04 LTS Linux Kernel Security Update USN-8148-6 CVE-2026-23060
Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-8148-6 April 14, 2026 linux-azure, linux-azure-6.8 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-6.8: Linux kernel for Microsoft Azure cloud systems Details: Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Netfilter; - Network traffic control; (CVE-2026-23060, CVE-2026-23074, CVE-2026-23111) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS linux-image-6.8.0-1052-azure 6.8.0-1052.58 linux-image-azure-6.8 6.8.0-1052.58 linux-image-azure-lts-24.04 6.8.0-1052.58 Ubuntu 22.04 LTS linux-image-6.8.0-1052-azure 6.8.0-1052.58~22.04.1 linux-image-azure 6.8.0-1052.58~22.04.1 linux-image-azure-6.8 6.8.0-1052.58~22.04.1 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-8148-6 https://ubuntu.com/security/notices/USN-8148-5 https://ubuntu.com/security/notices/USN-8148-4 https://ubuntu.com/security/notices/USN-8148-3 https://ubuntu.com/security/notices/USN-8148-2 https://ubuntu.com/security/notices/USN-8148-1 CVE-2026-23060, CVE-2026-23074, CVE-2026-23111 Package Information: https://launchpad.net/ubuntu/+source/linux-azure/6.8.0-1052.58 https://launchpad.net/ubuntu/+source/linux-azure-6.8/6.8.0-1052.58~22.04.1 . Several security issues in the Linux kernel for Ubuntu (Azure) corrected, enhancing protection against potential attacks.. Linux kernel security, Ubuntu Azure, system compromised. . Severity: Important. LinuxSecurity.com Team
Apr 13, 2026
•Important
Ubuntu
100
security advisorymoderateSuSESUSE Linux Enterprise Server libsodium Low Security Flaw 2026-20914-2
An update that solves one vulnerability can now be installed.. # Security update for libsodium Announcement ID: SUSE-SU-2026:20913-1 Release Date: 2026-03-19T08:18:59Z Rating: moderate References: * bsc#1256070 Cross-References: * CVE-2025-15444 CVSS scores: * CVE-2025-15444 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2025-15444 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server - BCI 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for libsodium fixes the following issues: * CVE-2025-15444: Fixed cryptographic bypass via improper elliptic curve point validation (bsc#1256070). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server - BCI 16.0 zypper in -t patch SUSE-SLES-16.0-413=1 ## Package List: * SUSE Linux Enterprise Server - BCI 16.0 (aarch64 ppc64le s390x x86_64) * libsodium26-1.0.20-160000.3.1 * libsodium-debugsource-1.0.20-160000.3.1 * libsodium26-debuginfo-1.0.20-160000.3.1 * libsodium-devel-1.0.20-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-15444.html * https://bugzilla.suse.com/show_bug.cgi?id=1256070 . Moderate security update for libsodium resolves a cryptographic bypass issue impacting SUSE Linux Enterprise Server.. libsodium security update, SUSE patches, cryptographic bypass fix, Linux security advisory, libraries security. . LinuxSecurity.com Team
Apr 01, 2026
SuSE
202
security advisorymoderatebug fixopenSUSE Leap 16.0 libsodium Moderate Cryptographic Bypass CVE-2025-15444
An update that solves one vulnerability and has one bug fix can now be installed.. openSUSE security update: security update for libsodium ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20399-1 Rating: moderate References: * bsc#1256070 Cross-References: * CVE-2025-15444 CVSS scores: * CVE-2025-15444 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves one vulnerability and has one bug fix can now be installed. Description: This update for libsodium fixes the following issues: - CVE-2025-15444: Fixed cryptographic bypass via improper elliptic curve point validation (bsc#1256070). Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-413=1 Package List: - openSUSE Leap 16.0: libsodium-devel-1.0.20-160000.3.1 libsodium26-1.0.20-160000.3.1 References: * https://www.suse.com/security/cve/CVE-2025-15444.html . Update for openSUSE fixes moderate severity security issue in libsodium. Ensure your system is secure and patched.. openSUSE security update, libsodium patch, cryptographic issue fix. . LinuxSecurity.com Team
Mar 28, 2026
OpenSUSE
100
security advisorymoderateSuSESUSE Linux Micro 6.3 libsodium Light CVE-2025-15445 Encryption Flaw
An update that solves one vulnerability can now be installed.. # Security update for libsodium Announcement ID: SUSE-SU-2026:20756-1 Release Date: 2026-03-19T08:16:55Z Rating: moderate References: * bsc#1256070 Cross-References: * CVE-2025-15444 CVSS scores: * CVE-2025-15444 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2025-15444 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.2 An update that solves one vulnerability can now be installed. ## Description: This update for libsodium fixes the following issues: * CVE-2025-15444: Fixed cryptographic bypass via improper elliptic curve point validation (bsc#1256070). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-413=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * libsodium-debugsource-1.0.20-160000.3.1 * libsodium26-debuginfo-1.0.20-160000.3.1 * libsodium26-1.0.20-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-15444.html * https://bugzilla.suse.com/show_bug.cgi?id=1256070 . An update addresses a cryptographic bypass vulnerability in libsodium for SUSE Linux Micro, rated moderate and resolvable via patch.. libsodium security update, SUSE Linux Micro patch, CVE-2025-15444 fix. . LinuxSecurity.com Team
Mar 24, 2026
SuSE
100
security advisorymoderateSuSESUSE libsodium Security Updates for CVE-2025-15444 CVE-2025-69277
An update that solves two vulnerabilities can now be installed.. # Security update for libsodium Announcement ID: SUSE-SU-2026:0482-1 Release Date: 2026-02-12T16:04:30Z Rating: moderate References: * bsc#1255764 * bsc#1256070 Cross-References: * CVE-2025-15444 * CVE-2025-69277 CVSS scores: * CVE-2025-15444 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2025-15444 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-69277 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-69277 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2025-69277 ( NVD ): 4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N Affected Products: * Public Cloud Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for libsodium fixes the following issues: * CVE-2025-15444: Fixed cryptographic bypass via improper elliptic curve point validation (bsc#1256070). * CVE-2025-69277: Fixed incorrect validation of elliptic curve points in crypto_core_ed25519_is_valid_point function (bsc#1255764). ## Patch Instructions: Toinstall this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 12 zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2026-482=1 ## Package List: * Public Cloud Module 12 (aarch64 ppc64le s390x x86_64) * libsodium23-1.0.16-1.15.1 ## References: * https://www.suse.com/security/cve/CVE-2025-15444.html * https://www.suse.com/security/cve/CVE-2025-69277.html * https://bugzilla.suse.com/show_bug.cgi?id=1255764 * https://bugzilla.suse.com/show_bug.cgi?id=1256070 . SUSE updates libsodium to address moderate security risks from cryptographic validation flaws impacting several products.. libsodium update, SUSE security, cryptography flaws, software update. . LinuxSecurity.com Team
Feb 13, 2026
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!