Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -5 articles for you...
100
security advisoryimportantpatch instructionsUbuntu Kernel 5.10 Security Update Notification UBUNTU-OS-2023-34120-2
An update that solves six vulnerabilities and has one fix can now be installed.. # Security update for elemental-toolkit, elemental-operator Announcement ID: SUSE-SU-2026:20357-1 Release Date: 2026-01-15T09:23:45Z Rating: important References: * bsc#1241826 * bsc#1241857 * bsc#1251511 * bsc#1251679 * bsc#1253581 * bsc#1253901 * bsc#1254079 Cross-References: * CVE-2025-22872 * CVE-2025-47911 * CVE-2025-47913 * CVE-2025-47914 * CVE-2025-58181 * CVE-2025-58190 CVSS scores: * CVE-2025-22872 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L * CVE-2025-22872 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-22872 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-47911 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-47911 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-47911 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-47913 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-47913 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-47913 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-47914 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-47914 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-47914 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-58181 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-58181 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-58181 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-58190 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-58190 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-58190 ( NVD ): 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Micro 6.1 An update that solves six vulnerabilities and has one fix can now be installed. ## Description: This update for elemental-toolkit, elemental-operator fixes the following issues: elemental-operator: * Update to v1.7.4: * Bump github.com/rancher-sandbox/go-tpm and its dependencies This bump includes few CVE fixes: * bsc#1241826 (CVE-2025-22872) * bsc#1241857 (CVE-2025-22872) * bsc#1251511 (CVE-2025-47911) * bsc#1251679 (CVE-2025-58190) * Install yip config files in before-install step * Revert "Do not delete ManagedOSVersions by default" * Set default channel variable names consistent with OS version * Do not delete ManagedOSVersions by default * Include -channel suffix to channel names * OS channel: enable baremetal channel by default elemental-toolkit: * Update to v2.2.7: * Bump toolkit build to go 1.24 * Bump golang.org/x/crypto library This bumg includes few CVE fixes: * bsc#1241826 (CVE-2025-22872) * bsc#1241857 (CVE-2025-22872) * bsc#1251511 (CVE-2025-47911) * bsc#1251679 (CVE-2025-58190) * bsc#1253581 (CVE-2025-47913) * bsc#1253901 (CVE-2025-58181) * bsc#1254079 (CVE-2025-47914) * Update to v2.2.5: * Permissive mode for green selinux * Adapt code and unit tests * Minor change to lookup devices using blkid ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-375=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 x86_64) * elemental-support-1.7.4-slfo.1.1_1.1 * elemental-toolkit-2.2.7-slfo.1.1_1.1 * elemental-register-1.7.4-slfo.1.1_1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22872.html * https://www.suse.com/security/cve/CVE-2025-47911.html *https://www.suse.com/security/cve/CVE-2025-47913.html * https://www.suse.com/security/cve/CVE-2025-47914.html * https://www.suse.com/security/cve/CVE-2025-58181.html * https://www.suse.com/security/cve/CVE-2025-58190.html * https://bugzilla.suse.com/show_bug.cgi?id=1241826 * https://bugzilla.suse.com/show_bug.cgi?id=1241857 * https://bugzilla.suse.com/show_bug.cgi?id=1251511 * https://bugzilla.suse.com/show_bug.cgi?id=1251679 * https://bugzilla.suse.com/show_bug.cgi?id=1253581 * https://bugzilla.suse.com/show_bug.cgi?id=1253901 * https://bugzilla.suse.com/show_bug.cgi?id=1254079 . SUSE Linux Micro receives an important security update for elemental-toolkit and elemental-operator addressing six issues.. SUSE Linux Micro, elemental toolkit, elemental operator, important security update, patch instructions. . Severity: Important. LinuxSecurity.com Team
Feb 17, 2026
•Important
SuSE
100
security advisorysecurity issueSuSESUSE Micro 6.0 Elemental Toolkit Important Issue Advisory 2026-20244-1
An update that solves six vulnerabilities and has one fix can now be installed.. # Security update for elemental-toolkit, elemental-operator Announcement ID: SUSE-SU-2026:20244-1 Release Date: 2026-01-15T11:07:50Z Rating: important References: * bsc#1241826 * bsc#1241857 * bsc#1251511 * bsc#1251679 * bsc#1253581 * bsc#1253901 * bsc#1254079 Cross-References: * CVE-2025-22872 * CVE-2025-47911 * CVE-2025-47913 * CVE-2025-47914 * CVE-2025-58181 * CVE-2025-58190 CVSS scores: * CVE-2025-22872 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L * CVE-2025-22872 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-22872 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-47911 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-47911 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-47911 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-47913 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-47913 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-47913 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-47914 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-47914 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-47914 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-58181 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-58181 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-58181 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-58190 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-58190 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-58190 ( NVD ): 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Micro 6.0 An update that solves six vulnerabilities and has one fix can now be installed. ## Description: This update for elemental-toolkit, elemental-operator fixes the following issues: elemental-operator: * Update to version 1.6.10: * Remove 'latest' tag as this overlaps with the latest branch * Bump github.com/rancher-sandbox/go-tpm and its dependencies This bump includes fixes to some CVEs: * bsc#1241826 (CVE-2025-22872) * bsc#1241857 (CVE-2025-22872) * bsc#1251511 (CVE-2025-47911) * bsc#1251679 (CVE-2025-58190) elemental-toolkit: * Update to version 2.1.5: * Update headers for new year 2026 * Disable selinux in installer media * Update to version 2.1.4: * Remove leftovers in installer integration test * Bump to build against go 1.24 * Bump golang.org/x/crypto library This bump includes fixes to some CVEs: * bsc#1241826 (CVE-2025-22872) * bsc#1241857 (CVE-2025-22872) * bsc#1251511 (CVE-2025-47911) * bsc#1251679 (CVE-2025-58190) * bsc#1253581 (CVE-2025-47913) * bsc#1253901 (CVE-2025-58181) * bsc#1254079 (CVE-2025-47914) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-561=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 x86_64) * elemental-register-1.6.10-1.1 * elemental-support-1.6.10-1.1 * elemental-toolkit-2.1.5-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22872.html * https://www.suse.com/security/cve/CVE-2025-47911.html * https://www.suse.com/security/cve/CVE-2025-47913.html * https://www.suse.com/security/cve/CVE-2025-47914.html * https://www.suse.com/security/cve/CVE-2025-58181.html * https://www.suse.com/security/cve/CVE-2025-58190.html *https://bugzilla.suse.com/show_bug.cgi?id=1241826 * https://bugzilla.suse.com/show_bug.cgi?id=1241857 * https://bugzilla.suse.com/show_bug.cgi?id=1251511 * https://bugzilla.suse.com/show_bug.cgi?id=1251679 * https://bugzilla.suse.com/show_bug.cgi?id=1253581 * https://bugzilla.suse.com/show_bug.cgi?id=1253901 * https://bugzilla.suse.com/show_bug.cgi?id=1254079 . A significant update for SUSE enhances elemental-toolkit and operator, addressing critical security issues and vulnerabilities.. SUSE Security Update, Elemental Toolkit Patch, Elemental Operator Vulnerability. . Severity: Important. LinuxSecurity.com Team
Feb 13, 2026
•Important
SuSE
100
security advisoryDenial of ServiceSUSE LinuxSUSE Linux Micro 6.0: 2025:20184-1 important: elemental operator update
* bsc#1238700 * bsc#1239335 Cross-References: * CVE-2025-22869 . # Security update for elemental-operator Announcement ID: SUSE-SU-2025:20184-1 Release Date: 2025-04-11T10:56:08Z Rating: important References: * bsc#1238700 * bsc#1239335 Cross-References: * CVE-2025-22869 * CVE-2025-22870 CVSS scores: * CVE-2025-22869 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22869 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22869 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22870 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-22870 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2025-22870 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L Affected Products: * SUSE Linux Micro 6.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for elemental-operator fixes the following issues: * Updated to version 1.6.8: * Deactivated e2e workflow * Updated header year * CVE-2025-22870: golang.org/x/net/proxy: Fixed proxy bypass using IPv6 zone IDs (bsc#1238700) * CVE-2025-22869: golang.org/x/crypto/ssh: Fixed Denial of Service in the Key Exchange (bsc#1239335) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-284=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 x86_64) * elemental-support-1.6.8-1.1 * elemental-register-1.6.8-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22869.html * https://www.suse.com/security/cve/CVE-2025-22870.html * https://bugzilla.suse.com/show_bug.cgi?id=1238700 * https://bugzilla.suse.com/show_bug.cgi?id=1239335 . Stay informed about the new patches for SUSELinux Micro 6.0 that tackle severe Denial of Service vulnerabilities and resolve proxy bypass concerns.. SUSE Linux Micro 6.0, Denial of Service, elemental operator. . Severity: Important. LinuxSecurity.com Team
Jun 04, 2025
•Important
SuSE
100
security advisorysecurity issuemoderate severityUbuntu: 2023:2210-2 Moderate: Security Patch for Kubernetes Node Agent
The container rancher/elemental-operator/5.3 was updated. The following patches have been included in this update:. SUSE Container Update Advisory: rancher/elemental-operator/5.3 ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:1548-1 Container Tags : rancher/elemental-operator/5.3:1.2.2 , rancher/elemental-operator/5.3:1.2.2-3.2.18 , rancher/elemental-operator/5.3:latest Container Release : 3.2.18 Severity : moderate Type : security References : 1206513 1209713 1209714 1209918 1210135 1210411 1210412 1210434 1210507 CVE-2023-24593 CVE-2023-25180 CVE-2023-28484 CVE-2023-29383 CVE-2023-29469 CVE-2023-29491 ----------------------------------------------------------------- The container rancher/elemental-operator/5.3 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:2053-1 Released: Thu Apr 27 11:31:08 2023 Summary: Security update for libxml2 Type: security Severity: moderate References: 1209918,1210411,1210412,CVE-2023-28484,CVE-2023-29469 This update for libxml2 fixes the following issues: - CVE-2023-29469: Fixed inconsistent result when hashing empty strings (bsc#1210412). - CVE-2023-28484: Fixed NULL pointer dereference in xmlSchemaFixupComplexType (bsc#1210411). The following non-security bug was fixed: - Remove unneeded dependency (bsc#1209918). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:2060-1 Released: Thu Apr 27 17:04:25 2023 Summary: Security update for glib2 Type: security Severity: moderate References: 1209713,1209714,1210135,CVE-2023-24593,CVE-2023-25180 This update for glib2 fixes the following issues: - CVE-2023-24593: Fixed a denial of service caused by handling a malicious text-form variant (bsc#1209714). - CVE-2023-25180: Fixed a denial ofservice caused by malicious serialised variant (bsc#1209713). The following non-security bug was fixed: - Fixed regression on s390x (bsc#1210135, glgo#GNOME/glib!2978). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:2066-1 Released: Fri Apr 28 13:54:17 2023 Summary: Security update for shadow Type: security Severity: moderate References: 1210507,CVE-2023-29383 This update for shadow fixes the following issues: - CVE-2023-29383: Fixed apparent /etc/shadow manipulation via chfn (bsc#1210507). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:2111-1 Released: Fri May 5 14:34:00 2023 Summary: Security update for ncurses Type: security Severity: moderate References: 1210434,CVE-2023-29491 This update for ncurses fixes the following issues: - CVE-2023-29491: Fixed memory corruption issues when processing malformed terminfo data (bsc#1210434). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:2133-1 Released: Tue May 9 13:37:10 2023 Summary: Recommended update for zlib Type: recommended Severity: moderate References: 1206513 This update for zlib fixes the following issues: - Add DFLTCC support for using inflate() with a small window (bsc#1206513) The following package changes have been done: - libz1-1.2.11-150000.3.42.1 updated - libncurses6-6.1-150000.5.15.1 updated - terminfo-base-6.1-150000.5.15.1 updated - ncurses-utils-6.1-150000.5.15.1 updated - libglib-2_0-0-2.70.5-150400.3.8.1 updated - libxml2-2-2.9.14-150400.5.16.1 updated - login_defs-4.8.1-150400.10.6.1 updated - shadow-4.8.1-150400.10.6.1 updated - container:sles15-image-15.0.0-27.14.60 updated . SUSE enhances the container rancher/elemental-operator/5.3 by applying updates that mitigate various moderate security vulnerabilities.. SUSE, Elemental Operator Update, Container Security Patch, Security Management. . LinuxSecurity.com Team
May 12, 2023
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!