Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 734
Alerts This Week
Warning Icon 1 734

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is application sandboxing truly safe?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/155-is-application-sandboxing-truly-safe?task=poll.vote&format=json
155
radio
0
[{"id":500,"title":"Malware still escapes container walls.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":501,"title":"Supply chains corrupt trusted packages.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":502,"title":"Convenience consistently compromises strict security.","votes":1,"type":"x","order":3,"pct":100,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 286 articles for you...
89

Fedora 44 nginx-mod-naxsi Security Patch FEDORA-2026-b8e751787c

nginx-mod-brotli: Rebuild for 1.30.3 nginx-mod-fancyindex: Rebuild for 1.30.3 nginx-mod-vts:. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-b8e751787c 2026-06-27 01:10:00.374795+00:00 -------------------------------------------------------------------------------- Name : nginx-mod-naxsi Product : Fedora 44 Version : 1.6 Release : 19.fc44 URL : https://github.com/wargio/naxsi Summary : nginx web application firewall module Description : naxsi is an nginx module that provides score based Web Application Firewall (WAF) abilities in a highly granular fashion. -------------------------------------------------------------------------------- Update Information: nginx-mod-brotli: Rebuild for 1.30.3 nginx-mod-fancyindex: Rebuild for 1.30.3 nginx-mod-vts: Rebuild for 1.30.3 nginx-mod-modsecurity: Rebuild for 1.30.3 nginx-mod-headers-more: Rebuild for 1.30.3 nginx-mod-naxsi: Rebuild for 1.30.3 nginx-mod-js-challenge: Rebuild for 1.30.3 nginx: update to 1.30.3 fixes CVE-2026-42055, CVE-2026-42530 and CVE-2026-48142 -------------------------------------------------------------------------------- ChangeLog: * Wed Jun 17 2026 Felix Kaechele - 1.6-19 - Rebuild for 1.30.3 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-b8e751787c' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Update on Fedora 44 addresses security flaws in nginx-mod-naxsi with multiple CVE resolutions. Check for essential patches!. Fedora advisory, nginx module security, web application security, Linux updates, CVE resolutions. . LinuxSecurity.com Team

Calendar%202 Jun 26, 2026 Fedora
89

Fedora 44 nginx-mod-modsecurity Update Fixes CVE-2026-42055 2026-b8e751787c

nginx-mod-brotli: Rebuild for 1.30.3 nginx-mod-fancyindex: Rebuild for 1.30.3 nginx-mod-vts:. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-b8e751787c 2026-06-27 01:10:00.374795+00:00 -------------------------------------------------------------------------------- Name : nginx-mod-modsecurity Product : Fedora 44 Version : 1.0.4 Release : 12.fc44 URL : https://github.com/SpiderLabs/ModSecurity-nginx Summary : ModSecurity v3 nginx connector Description : The ModSecurity-nginx connector is the connection point between nginx and libmodsecurity (ModSecurity v3). Said another way, this project provides a communication channel between nginx and libmodsecurity. This connector is required to use LibModSecurity with nginx. The ModSecurity-nginx connector takes the form of an nginx module. The module simply serves as a layer of communication between nginx and ModSecurity -------------------------------------------------------------------------------- Update Information: nginx-mod-brotli: Rebuild for 1.30.3 nginx-mod-fancyindex: Rebuild for 1.30.3 nginx-mod-vts: Rebuild for 1.30.3 nginx-mod-modsecurity: Rebuild for 1.30.3 nginx-mod-headers-more: Rebuild for 1.30.3 nginx-mod-naxsi: Rebuild for 1.30.3 nginx-mod-js-challenge: Rebuild for 1.30.3 nginx: update to 1.30.3 fixes CVE-2026-42055, CVE-2026-42530 and CVE-2026-48142 -------------------------------------------------------------------------------- ChangeLog: * Wed Jun 17 2026 Felix Kaechele - 1.0.4-12 - Rebuild for 1.30.3 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-b8e751787c' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed withthe Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . An advisory for Fedora 44 addressing security fixes for nginx-mod-modsecurity, including crucial updates and improvements.. Fedora updates, nginx security, ModSecurity advisory, nginx-mod-modsecurity. . LinuxSecurity.com Team

Calendar%202 Jun 26, 2026 Fedora
100

SUSE Kernel Important Update for 98 Security Fixes 2026-22140-1

An update that solves 98 vulnerabilities and has 11 fixes can now be installed.. # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:22140-1 Release Date: 2026-06-15T18:32:29Z Rating: important References: * bsc#1248235 * bsc#1255416 * bsc#1258538 * bsc#1260502 * bsc#1260584 * bsc#1261619 * bsc#1261791 * bsc#1262606 * bsc#1262615 * bsc#1262619 * bsc#1262622 * bsc#1262624 * bsc#1262634 * bsc#1262649 * bsc#1262656 * bsc#1262663 * bsc#1262668 * bsc#1262755 * bsc#1263006 * bsc#1263068 * bsc#1263115 * bsc#1263143 * bsc#1263152 * bsc#1263169 * bsc#1263319 * bsc#1263562 * bsc#1263724 * bsc#1263769 * bsc#1263774 * bsc#1263790 * bsc#1263883 * bsc#1263932 * bsc#1263945 * bsc#1264000 * bsc#1264011 * bsc#1264063 * bsc#1264091 * bsc#1264093 * bsc#1264124 * bsc#1264184 * bsc#1264243 * bsc#1264245 * bsc#1264255 * bsc#1264300 * bsc#1264409 * bsc#1264430 * bsc#1264449 * bsc#1264476 * bsc#1264484 * bsc#1264551 * bsc#1264669 * bsc#1264671 * bsc#1264672 * bsc#1264716 * bsc#1264719 * bsc#1264720 * bsc#1264722 * bsc#1264726 * bsc#1264765 * bsc#1264805 * bsc#1264989 * bsc#1265020 * bsc#1265044 * bsc#1265073 * bsc#1265110 * bsc#1265128 * bsc#1265170 * bsc#1265240 * bsc#1265579 * bsc#1265928 * bsc#1265960 * bsc#1266001 * bsc#1266009 * bsc#1266214 * bsc#1266238 * bsc#1266307 * bsc#1266394 * bsc#1266395 * bsc#1266400 * bsc#1266402 * bsc#1266414 * bsc#1266452 * bsc#1266696 * bsc#1266697 * bsc#1266711 * bsc#1266720 * bsc#1266759 * bsc#1266765 * bsc#1266767 * bsc#1266810 * bsc#1266816 * bsc#1266826 * bsc#1266827 * bsc#1266889 * bsc#1266901 * bsc#1266927 * bsc#1266969 * bsc#1266972 * bsc#1267205 * bsc#1267214 * bsc#1267218 * bsc#1267220 * bsc#1267222 * bsc#1267531 * bsc#1267626 * bsc#1267652 * bsc#1267663 * bsc#1267726 * bsc#1267732 Cross-References: * CVE-2025-38549 * CVE-2025-68324 *CVE-2026-23303 * CVE-2026-23327 * CVE-2026-23359 * CVE-2026-23438 * CVE-2026-23444 * CVE-2026-31396 * CVE-2026-31446 * CVE-2026-31448 * CVE-2026-31454 * CVE-2026-31455 * CVE-2026-31464 * CVE-2026-31473 * CVE-2026-31480 * CVE-2026-31493 * CVE-2026-3150 * CVE-2026-31516 * CVE-2026-31518 * CVE-2026-31546 * CVE-2026-31590 * CVE-2026-31596 * CVE-2026-31613 * CVE-2026-31614 * CVE-2026-31629 * CVE-2026-31655 * CVE-2026-31671 * CVE-2026-31673 * CVE-2026-31678 * CVE-2026-31703 * CVE-2026-31758 * CVE-2026-31767 * CVE-2026-43013 * CVE-2026-43026 * CVE-2026-43030 * CVE-2026-43040 * CVE-2026-43052 * CVE-2026-43054 * CVE-2026-43059 * CVE-2026-43065 * CVE-2026-43066 * CVE-2026-43068 * CVE-2026-43109 * CVE-2026-43206 * CVE-2026-43234 * CVE-2026-43249 * CVE-2026-43252 * CVE-2026-43261 * CVE-2026-43284 * CVE-2026-43296 * CVE-2026-43325 * CVE-2026-43333 * CVE-2026-43338 * CVE-2026-43341 * CVE-2026-43359 * CVE-2026-43360 * CVE-2026-43361 * CVE-2026-43362 * CVE-2026-43406 * CVE-2026-43407 * CVE-2026-43411 * CVE-2026-43413 * CVE-2026-43414 * CVE-2026-43455 * CVE-2026-43470 * CVE-2026-43483 * CVE-2026-43499 * CVE-2026-43501 * CVE-2026-43503 * CVE-2026-45842 * CVE-2026-45843 * CVE-2026-45846 * CVE-2026-45852 * CVE-2026-45856 * CVE-2026-45878 * CVE-2026-45886 * CVE-2026-45910 * CVE-2026-45932 * CVE-2026-45970 * CVE-2026-45983 * CVE-2026-45984 * CVE-2026-46004 * CVE-2026-46021 * CVE-2026-46024 * CVE-2026-46043 * CVE-2026-46079 * CVE-2026-46083 * CVE-2026-46090 * CVE-2026-46094 * CVE-2026-46110 * CVE-2026-46111 * CVE-2026-46113 * CVE-2026-46114 * CVE-2026-46157 * CVE-2026-46159 * CVE-2026-46176 * CVE-2026-46181 * CVE-2026-46209 CVSS scores: * CVE-2025-38549 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38549 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38549 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68324 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23303 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23303 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23327 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23327 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23359 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23359 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23359 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23438 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23438 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23438 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23444 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23444 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23444 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23444 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31396 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31396 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-31396 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31446 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31446 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31446 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-31448 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31448 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31448 ( NVD ): 9.4CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H * CVE-2026-31454 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31454 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31454 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31455 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31455 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31455 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31464 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31464 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31464 ( NVD ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31473 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31473 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31473 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31480 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31480 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31480 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31493 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31493 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31493 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-3150 ( NVD ): 2.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-3150 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2026-3150 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31516 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31516 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31516 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31518 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31518 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31518 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31546 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31546 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31546 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31590 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31590 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31590 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31596 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31596 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31596 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31613 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31613 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31613 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H * CVE-2026-31614 ( SUSE ): 6.1 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31614 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31614 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31629 ( SUSE ): 8.7 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31629 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31629 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H *CVE-2026-31655 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31655 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31655 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31671 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31671 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31671 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31673 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-31673 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2026-31673 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31678 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31678 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31678 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31703 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31703 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-31703 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31758 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31758 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31758 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31767 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31767 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31767 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43013 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43026 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43026 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43030 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43030 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43040 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43040 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-43052 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43052 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43052 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-43054 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43054 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43059 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43065 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-43065 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L * CVE-2026-43065 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43066 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43066 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43066 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43068 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43068 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-43068 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43109 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43109 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43109 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43206 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43206 ( NVD ): 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43234 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43234 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43249 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43249 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-43249 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43252 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43252 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43261 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43261 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43261 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43284 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43284 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43284 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43296 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43296 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43325 ( SUSE ): 6.0 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43325 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43325 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43333 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43333 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2026-43333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43338 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43338 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43338 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43341 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43341 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43359 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43359 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-43359 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43360 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43360 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43360 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43361 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43361 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-43361 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43362 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2026-43362 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L * CVE-2026-43362 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H * CVE-2026-43406 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43406 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-43407 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43407 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-43411 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43411 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43411 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43413 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43413 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43413 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43414 (SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43414 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43414 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43455 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43455 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43470 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43470 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43483 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43499 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43499 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43499 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43501 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43501 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43501 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43503 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43503 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43503 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-45842 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L * CVE-2026-45842 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2026-45843 ( SUSE ): 7.0 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-45843 ( SUSE ): 6.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L * CVE-2026-45843 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N * CVE-2026-45846 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-45846 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-45852 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45852 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45856 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-45856 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L * CVE-2026-45856 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-45878 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-45878 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45886 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45886 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45910 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45910 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45910 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45932 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45932 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45932 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2026-45970 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45970 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45970 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45983 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-45983 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-45984 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N *CVE-2026-45984 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45984 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46004 ( SUSE ): 7.0 CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46004 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46021 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46021 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46021 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46024 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46024 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46024 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46043 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46043 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46043 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-46079 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46079 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46083 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46090 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46090 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46094 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-46094 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-46110 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46110 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46110 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46111 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46111 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46113 ( SUSE ): 9.3 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-46113 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46113 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46114 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-46114 ( SUSE ): 5.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-46114 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-46157 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-46157 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-46157 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46159 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46159 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46176 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46176 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46181 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46181 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46209 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 * SUSE Linux Micro Extras 6.1 An update that solves 98 vulnerabilities and has 11 fixes can now be installed. ## Description: The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2025-38549: efivarfs: Fix memory leak of efivarfs_fs_info in fs_context error paths (bsc#1248235). * CVE-2025-68324: scsi: imm: Fixuse-after-free bug caused by unfinished delayed work (bsc#1255416). * CVE-2026-23303: smb: client: Don't log plaintext credentials in cifs_set_cifscreds (bsc#1260502). * CVE-2026-23327: cxl/mbox: validate payload size before accessing contents in cxl_payload_from_user_allowed() * CVE-2026-23359: bpf: Fix stack-out-of-bounds write in devmap (bsc#1260584). * CVE-2026-23438: net: mvpp2: guard flow control update with global_tx_fc in buffer switching (bsc#1261619). * CVE-2026-23444: wifi: mac80211: always free skb on ieee80211_tx_prepare_skb() failure (bsc#1266307). * CVE-2026-31396: net: macb: fix use-after-free access to PTP clock (bsc#1261791). * CVE-2026-31446: ext4: fix use-after-free in update_super_work when racing with umount (bsc#1262619). * CVE-2026-31448: ext4: avoid infinite loops caused by residual data (bsc#1262622). * CVE-2026-31454: xfs: save ailp before dropping the AIL lock in push callbacks (bsc#1262624). * CVE-2026-31455: xfs: stop reclaim before pushing AIL during unmount (bsc#1262615). * CVE-2026-31464: scsi: ibmvfc: Fix OOB access in ibmvfc_discover_targets_done() (bsc#1262656). * CVE-2026-31473: media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex (bsc#1262663). * CVE-2026-31480: tracing: Fix potential deadlock in cpu hotplug with osnoise (bsc#1262634). * CVE-2026-31493: RDMA/efa: Fix use of completion ctx after free (bsc#1262668). * CVE-2026-3150: bcache: fix cached_dev.sb_bio use-after-free and crash (bsc#1263169). * CVE-2026-31516: xfrm: prevent policy_hthresh.work from racing with netns teardown (bsc#1262755). * CVE-2026-31518: esp: fix skb leak with espintcp and async crypto (bsc#1262606). * CVE-2026-31546: net: bonding: fix NULL deref in bond_debug_rlb_hash_show (bsc#1263006). * CVE-2026-31590: KVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION (bsc#1263152). * CVE-2026-31596: ocfs2: handle invalid dinode in ocfs2_group_extend (bsc#1263319). * CVE-2026-31613: smb: client: fix OOB reads parsing symlink error response (bsc#1263769). * CVE-2026-31614: smb: client: fix off-by-8 bounds check in check_wsl_eas() (bsc#1263774). * CVE-2026-31629: nfc: llcp: add missing return after LLCP_CLOSED checks (bsc#1263790). * CVE-2026-31655: pmdomain: imx8mp-blk-ctrl: Keep the NOC_HDCP clock enabled (bsc#1263724). * CVE-2026-31671: xfrm_user: fix info leak in build_report() (bsc#1263115). * CVE-2026-31673: af_unix: read UNIX_DIAG_VFS data under unix_state_lock (bsc#1263143). * CVE-2026-31678: openvswitch: defer tunnel netdev_put to RCU release (bsc#1263562). * CVE-2026-31703: writeback: Fix use after free in inode_switch_wbs_work_fn() (bsc#1263883). * CVE-2026-31758: usb: usbtmc: Flush anchored URBs in usbtmc_release (bsc#1264093). * CVE-2026-31767: drm/i915/dsi: Don't do DSC horizontal timing adjustments in command mode (bsc#1264124). * CVE-2026-43013: net/mlx5: lag: Check for LAG device before creating debugfs (bsc#1264011). * CVE-2026-43026: netfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent (bsc#1263932). * CVE-2026-43030: bpf: Fix regsafe() for pointers to packet (bsc#1264000). * CVE-2026-43040: net: ipv6: ndisc: fix ndisc_ra_useropt to initialize nduseropt_padX fields to zero (bsc#1264091). * CVE-2026-43052: wifi: mac80211: check tdls flag in ieee80211_tdls_oper (bsc#1263945). * CVE-2026-43054: scsi: target: tcm_loop: Drain commands in target_reset handler (bsc#1264063). * CVE-2026-43059: Bluetooth: MGMT: fix crash in set_mesh_sync and set_mesh_complete (bsc#1264184). * CVE-2026-43065: ext4: always drain queued discard work in ext4_mb_release() (bsc#1264243). * CVE-2026-43066: ext4: fix iloc.bh leak in ext4_fc_replay_inode() error paths (bsc#1264245). * CVE-2026-43068: ext4: avoid allocate block from corrupted group in ext4_mb_find_by_goal() (bsc#1264255). * CVE-2026-43109: x86: shadow stacks: proper errorhandling for mmap lock (bsc#1264484). * CVE-2026-43206: drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set() (bsc#1264551). * CVE-2026-43234: team: avoid NETDEV_CHANGEMTU event when unregistering slave (bsc#1264409). * CVE-2026-43249: 9p/xen: protect xen_9pfs_front_free against concurrent calls (bsc#1264476). * CVE-2026-43252: mptcp: pm: in-kernel: always set ID as avail when rm endp (bsc#1264300). * CVE-2026-43261: arm64: Add support for TSV110 Spectre-BHB mitigation (bsc#1264430). * CVE-2026-43296: octeontx2-af: Workaround SQM/PSE stalls by disabling sticky (bsc#1264805). * CVE-2026-43325: wifi: iwlwifi: mvm: don't send a 6E related command when not supported (bsc#1265110). * CVE-2026-43333: bpf: reject direct access to nullable PTR_TO_BUF pointers (bsc#1264726). * CVE-2026-43338: btrfs: reserve enough transaction items for qgroup ioctls (bsc#1264716). * CVE-2026-43341: net/ipv6: ioam6: prevent schema length wraparound in trace fill (bsc#1265044). * CVE-2026-43359: btrfs: fix transaction abort on set received ioctl due to item overflow (bsc#1264719). * CVE-2026-43360: btrfs: fix transaction abort on file creation due to name hash collision (bsc#1264720). * CVE-2026-43361: btrfs: fix transaction abort when snapshotting received subvolumes (bsc#1264722). * CVE-2026-43362: smb: client: fix in-place encryption corruption in SMB2_write() (bsc#1264989). * CVE-2026-43406: libceph: prevent potential out-of-bounds reads in process_message_header() (bsc#1265073). * CVE-2026-43407: libceph: Fix potential out-of-bounds access in ceph_handle_auth_reply() (bsc#1265020). * CVE-2026-43411: tipc: fix divide-by-zero in tipc_sk_filter_connect() (bsc#1264672). * CVE-2026-43413: scsi: hisi_sas: Fix NULL pointer exception during user_scan() (bsc#1264671). * CVE-2026-43414: scsi: qla2xxx: Completely fix fcport double free (bsc#1264669). * CVE-2026-43455: net: mctp: Ensure keys maintain only one ref to corresponding dev (bsc#1264765). * CVE-2026-43470: nfs: return EISDIR on nfs3_proc_create if d_alias is a dir (bsc#1265128). * CVE-2026-43483: KVM: SVM: Set/clear CR8 write interception when AVIC is (de)activated (bsc#1265240). * CVE-2026-43499: rtmutex: Use waiter::task instead of current in remove_waiter() (bsc#1266001). * CVE-2026-43501: ipv6: rpl: reserve mac_len headroom when recompressed SRH grows (bsc#1266009). * CVE-2026-45842: slip: reject VJ receive packets on instances with no rstate array (bsc#1266400). * CVE-2026-45843: slip: bound decode() reads against the compressed packet length (bsc#1266395). * CVE-2026-45846: bareudp: fix NULL pointer dereference in bareudp_fill_metadata_dst() (bsc#1266394). * CVE-2026-45852: RDMA/rxe: Fix double free in rxe_srq_from_init (bsc#1266711). * CVE-2026-45856: RDMA/uverbs: Validate wqe_size before using it in ib_uverbs_post_send (bsc#1266720). * CVE-2026-45878: drm/amdkfd: Fix watch_id bounds checking in debug address watch v2 (bsc#1266767). * CVE-2026-45886: bpf: Fix bpf_xdp_store_bytes proto for read-only arg (bsc#1266810). * CVE-2026-45910: RDMA/rxe: Fix race condition in QP timer handlers (bsc#1266889). * CVE-2026-45932: bpf: Fix tcx/netkit detach permissions when prog fd isn't given (bsc#1266827). * CVE-2026-45970: bonding: alb: fix UAF in rlb_arp_recv during bond up/down (bsc#1267205). * CVE-2026-45983: nfsd: never defer requests during idmap lookup (bsc#1266697). * CVE-2026-45984: gfs2: Add metapath_dibh helper (bsc#1267214). * CVE-2026-46004: ALSA: caiaq: Handle probe errors properly (bsc#1267222). * CVE-2026-46021: thermal: core: Fix thermal zone governor cleanup issues (bsc#1267220). * CVE-2026-46024: libceph: Prevent potential null-ptr-deref in ceph_handle_auth_reply() (bsc#1267218). * CVE-2026-46043: RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv (bsc#1266901). * CVE-2026-46079: rbd: fix null-ptr-deref when device_add_disk()fails (bsc#1266452). * CVE-2026-46083: spi: fix resource leaks on device setup failure (bsc#1266696). * CVE-2026-46090: ALSA: aloop: Use guard() for spin locks (bsc#1267531). * CVE-2026-46094: ext4: fix bounds check in check_xattrs() to prevent out-of- bounds access (bsc#1266927). * CVE-2026-46110: net: stmmac: rename STMMAC_GET_ENTRY() -> STMMAC_NEXT_ENTRY() (bsc#1266759). * CVE-2026-46111: Bluetooth: hci_conn: fix potential UAF in create_big_sync (bsc#1267626). * CVE-2026-46113: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (bsc#1266969). * CVE-2026-46114: RDMA/rxe: Reject non-8-byte ATOMIC_WRITE payloads (bsc#1266972). * CVE-2026-46157: ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger (bsc#1267726). * CVE-2026-46159: btrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which can lead to info-leak (bsc#1267652). * CVE-2026-46176: RDMA/mlx5: Fix error path fall-through in mlx5_ib_dev_res_srq_init() (bsc#1266816). * CVE-2026-46181: RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event() (bsc#1266826). * CVE-2026-46209: drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs() (bsc#1267663). The following non-security bugs were fixed: * ALSA: PCM: Fix wait queue list corruption in snd_pcm_drain() on linked streams (git-fixes). * ALSA: asihpi: Fix potential OOB array access at reading cache (stable- fixes). * ALSA: hda/conexant: Renaming the codec with device ID 0x1f86 and 0x1f87 (stable-fixes). * ALSA: sc6000: Keep the programmed board state in card-private data (git- fixes). * ALSA: sc6000: Use standard print API (stable-fixes). * ALSA: ua101: Reject too-short USB descriptors (git-fixes). * ALSA: usb-audio: Bound MIDI 2.0 endpoint descriptor scans (git-fixes). * ALSA: usb-audio: Bound MIDI endpoint descriptor scans (git-fixes). * ASoC: SOF: Intel: hda-dai: add support for dspless mode beyond HDAudio (stable-fixes). * ASoC: SOF: Intel: hda-dai:remove dspless special case (stable-fixes). * ASoC: SOF: Intel: hda: Fix NULL pointer dereference (stable-fixes). * ASoC: codecs: simple-mux: Fix enum control bounds check (git-fixes). * ASoC: cs35l56: Fix flushing of IRQ work in cs35l56_sdw_remove() (git-fixes). * ASoC: qcom: q6asm-dai: close stream only when running (git-fixes). * ASoC: qcom: q6asm-dai: do not set stream state in event and trigger callbacks (git-fixes). * ASoC: qcom: q6asm-dai: fix error handling in prepare and set_params (git- fixes). * Bluetooth: 6lowpan: check skb_clone() return value in send_mcast_pkt() (git- fixes). * Bluetooth: HIDP: fix missing length checks in hidp_input_report() (git- fixes). * Bluetooth: ISO: drop ISO_END frames received without prior ISO_START (git- fixes). * Bluetooth: ISO: fix UAF in iso_recv_frame (git-fixes). * Bluetooth: ISO: serialize iso_sock_clear_timer with socket lock (git-fixes). * Bluetooth: L2CAP: Fix possible crash on l2cap_ecred_conn_rsp (git-fixes). * Bluetooth: L2CAP: fix chan ref leak in l2cap_chan_timeout() on !conn (git- fixes). * Bluetooth: L2CAP: use chan timer to close channels in cleanup_listen() (git- fixes). * Bluetooth: MGMT: Fix backward compatibility with userspace (git-fixes). * Bluetooth: MGMT: validate Add Extended Advertising Data length (git-fixes). * Bluetooth: MGMT: validate advertising TLV before type checks (git-fixes). * Bluetooth: RFCOMM: hold listener socket in rfcomm_connect_ind() (git-fixes). * Bluetooth: RFCOMM: validate skb length in MCC handlers (git-fixes). * Bluetooth: bnep: Fix UAF read of dev-> name (git-fixes). * Bluetooth: bnep: reject short frames before parsing (git-fixes). * Bluetooth: btusb: Allow firmware re-download when version matches (git- fixes). * Bluetooth: fix UAF in l2cap_sock_cleanup_listen() vs l2cap_conn_del() (git- fixes). * Bluetooth: hci_sync: Set HCI_CMD_DRAIN_WORKQUEUE during device close (git- fixes). * Bluetooth: hci_sync: reject oversized BroadcastAnnouncement prepend (git- fixes). * Bluetooth: hci_uart: fix UAFs and race conditions in close and init paths (git-fixes). * Bluetooth: l2cap: clear chan-> ident on ECRED reconfiguration success (git- fixes). * HID: quirks: really enable the intended work around for appledisplay (git- fixes). * HID: uclogic: Fix regression of input name assignment (git-fixes). * HID: wacom: Fix OOB write in wacom_hid_set_device_mode() (git-fixes). * Input: atkbd - skip deactivate for HONOR BCC-N's internal keyboard (git- fixes). * Input: atmel_mxt_ts - fix boundary check in mxt_prepare_cfg_mem (git-fixes). * Input: ims-pcu - fix usb_free_coherent() size in ims_pcu_buffers_free() (git-fixes). * Input: usbtouchscreen - clamp NEXIO data_len/x_len to URB buffer size (git- fixes). * Input: xpad - fix out-of-bounds access for Share button (git-fixes). * KVM: SVM: Initialize AVIC VMCB fields if AVIC is enabled with in-kernel APIC (git-fixes). * KVM: X86: Fix array_index_nospec protection in __pv_send_ipi (git-fixes). * KVM: nSVM: Use vcpu-> arch.cr2 when updating vmcb12 on nested #VMEXIT (git- fixes). * KVM: x86: Fix Xen hypercall tracepoint argument assignment (git-fixes). * RDMA/efa: Check stored completion CTX command ID with received one (git- fixes) * RDMA/efa: Extend admin timeout error print (git-fixes) * RDMA/efa: Fix possible deadlock (git-fixes) * RDMA/efa: Improve admin completion context state machine (git-fixes) * RDMA/mana_ib: Report max_msg_sz in mana_ib_query_port (git-fixes). * USB: cdc-acm: Fix bit overlap and move quirk definitions to header (git- fixes). * USB: serial: belkin_sa: validate interrupt status length (git-fixes). * USB: serial: cypress_m8: validate interrupt packet headers (git-fixes). * USB: serial: keyspan: fix missing indat transfer sanity check (git-fixes). * USB: serial: mct_u232: fix missing interrupt-in transfer sanity check (git- fixes). * USB: serial: mxuport: fix memory corruption with smallendpoint (git-fixes). * USB: serial: omninet: fix memory corruption with small endpoint (git-fixes). * USB: serial: option: add missing RSVD(5) flag for Rolling RW135R-GL (git- fixes). * USB: serial: safe_serial: fix memory corruption with small endpoint (git- fixes). * arm64: tlb: Allow XZR argument to TLBI ops (git-fixes) * arm64: tlb: Optimize ARM64_WORKAROUND_REPEAT_TLBI (git-fixes) * auxdisplay: line-display: fix OOB read on zero-length message_store() (git- fixes). * batman-adv: bla: fix report_work leak on backbone_gw purge (git-fixes). * batman-adv: clear current gateway during teardown (git-fixes). * batman-adv: dat: handle forward allocation error (git-fixes). * batman-adv: fix batadv_skb_is_frag() kernel-doc (git-fixes). * batman-adv: fix fragment reassembly length accounting (git-fixes). * batman-adv: fix tp_meter counter underflow during shutdown (git-fixes). * batman-adv: frag: disallow unicast fragment in fragment (git-fixes). * batman-adv: tp_meter: avoid use of uninit sender vars (git-fixes). * batman-adv: tt: fix negative last_changeset_len (git-fixes). * batman-adv: tt: fix negative tt_buff_len (git-fixes). * bcache: fix uninitialized closure object (git-fixes). * comedi: comedi_test: Fix limiting of convert_arg in waveform_ai_cmdtest() (git-fixes). * comedi: comedi_test: fix check for valid scan_begin_src in waveform_ai_cmdtest() (git-fixes). * device property: set fwnode-> secondary to NULL in fwnode_init() (git-fixes). * drivers/base/memory: fix memory block reference leak in poison accounting (git-fixes). * drm/amd/display: Clamp HDMI HDCP2 rx_id_list read to buffer size (git- fixes). * drm/amd/display: Fix NULL deref and buffer over-read in SDP debugfs (git- fixes). * drm/amd/display: Fix integer overflow in bios_get_image() (stable-fixes). * drm/amd/display: Reject gpio_bitshift > = 32 in bios_parser_get_gpio_pin_info() (git-fixes). * drm/amd/display: Use krealloc_array() in dal_vector_reserve()(git-fixes). * drm/amd/display: Validate GPIO pin LUT table size before iterating (stable- fixes). * drm/amd/display: Validate payload length and link_index in dc_process_dmub_aux_transfer_async (stable-fixes). * drm/amd/pm/si: Disregard vblank time when no displays are connected (git- fixes). * drm/amdgpu/uvd3.1: Do not validate the firmware when already validated (git- fixes). * drm/amdgpu/vce2: Fix VCE 2 firmware size and offsets (git-fixes). * drm/amdgpu/vce3: Fix VCE 3 firmware size and offsets (git-fixes). * drm/amdgpu: fix spelling typos (stable-fixes). * drm/amdkfd: Fix buffer overflow in SDMA queue checkpoint/restore on GFX11 (git-fixes). * drm/amdkfd: fix NULL dereference in get_queue_ids() (git-fixes). * drm/bridge: chipone-icn6211: use devm_drm_bridge_add in i2c probe (git- fixes). * drm/bridge: it66121: acquire reset GPIO in probe (git-fixes). * drm/bridge: megachips: remove bridge when irq request fails (git-fixes). * drm/hyperv: validate VMBus packet size in receive callback (git-fixes). * drm/hyperv: validate resolution_count and fix WIN8 fallback (git-fixes). * drm/i915: Extract intel_dbuf_mdclk_cdclk_ratio_update() (stable-fixes). * drm/i915: Fix potential UAF in TTM object purge (git-fixes). * drm/i915: Loop over all active pipes in intel_mbus_dbox_update (stable- fixes). * drm/imx: Fix three kernel-doc warnings in dcss-scaler.c (git-fixes). * drm/msm/dsi: do not dump registers past the mapped region (git-fixes). * drm/msm/snapshot: fix dumping of the unaligned regions (git-fixes). * drm/radeon/evergreen_cs: Add missing NULL prefix check in surface check (git-fixes). * drm/virtio: use uninterruptible resv lock for plane updates (git-fixes). * efi: Allocate runtime workqueue before ACPI init (git-fixes). * firmware: arm_ffa: Check for NULL FF-A ID table while driver registration (git-fixes). * firmware: arm_ffa: Skip free_pages on RX buffer alloc failure (git-fixes). * hwmon: (pmbus/adm1266) bounce blackboxrecords through a protocol-sized buffer (git-fixes). * hwmon: (pmbus/adm1266) cap PDIO scan in get_multiple at ADM1266_PDIO_NR (git-fixes). * hwmon: (pmbus/adm1266) do not clobber GPIO bits before PDIO read in get_multiple (git-fixes). * hwmon: (pmbus/adm1266) include PEC byte in pmbus_block_xfer read buffer (git-fixes). * hwmon: (pmbus/adm1266) include adapter number in GPIO line label (git- fixes). * hwmon: (pmbus/adm1266) register the gpio_chip after pmbus_do_probe() (git- fixes). * hwmon: (pmbus/adm1266) register the nvmem device after pmbus_do_probe() (git-fixes). * hwmon: (pmbus/adm1266) reject implausible blackbox record_count (git-fixes). * hwmon: (pmbus/adm1266) reject short block-read responses in the GPIO accessors (git-fixes). * hwmon: (pmbus/adm1266) seed timestamp from the real-time clock (git-fixes). * hwmon: (pmbus/adm1266) widen blackbox-info buffer to I2C_SMBUS_BLOCK_MAX (git-fixes). * iio: adc: viperboard: Fix error handling in vprbrd_iio_read_raw (git-fixes). * iio: adc: xilinx-xadc: Fix sequencer mode in postdisable for dual mux (git- fixes). * iio: buffer: hw-consumer: fix use-after-free in error path (git-fixes). * iio: dac: ad5686: acquire lock when doing powerdown control (git-fixes). * iio: dac: ad5686: fix input raw value check (git-fixes). * iio: dac: max5821: fix return value check in powerdown sync (git-fixes). * iio: gyro: itg3200: fix i2c read into the wrong stack location (git-fixes). * iio: imu: st_lsm6dsx: fix stack leak in tagged FIFO buffer (git-fixes). * iio: light: cm3323: fix reg_conf not being initialized correctly (git- fixes). * iio: magnetometer: st_magn: fix default DRDY pin selection for LIS2MDL (git- fixes). * iio: ssp_sensors: cancel delayed work_refresh on remove (git-fixes). * iio: temperature: tsys01: fix broken PROM checksum validation (git-fixes). * mmc: core: Fix host controller programming for fixed driver type (git- fixes). * mmc: litex_mmc: Set mandatoryidle clocks before CMD0 (git-fixes). * mmc: litex_mmc: Use DIV_ROUND_UP for more accurate clock calculation (git- fixes). * mmc: renesas_sdhi: Add OF entry for RZ/G2H SoC (git-fixes). * mmc: sdhci: add signal voltage switch in sdhci_resume_host (git-fixes). * net: gro: do not merge zcopy skbs (git-fixes). * net: mana: Add NULL guards in teardown path to prevent panic on attach failure (git-fixes). * net: mana: Expose hardware diagnostic info via debugfs (bsc#1266414). * net: mana: Fix TOCTOU double-fetch of hwc_msg_id from DMA buffer (bsc#1265928). * net: mana: Skip redundant detach on already-detached port (git-fixes). * net: mana: Use kvmalloc for large RX queue and buffer allocations (bsc#1266765). * net: mana: Use per-queue allocation for tx_qp to reduce allocation size (bsc#1266765). * net: mana: hardening: Reject zero max_num_queues from GDMA_QUERY_MAX_RESOURCES (git-fixes). * net: mana: validate rx_req_idx to prevent out-of-bounds array access (bsc#1266402). * net: wwan: iosm: fix potential memory leaks in ipc_imem_init() (git-fixes). * parport: Fix race between port and client registration (git-fixes). * phy: marvell: mvebu-a3700-utmi: fix incorrect USB2_PHY_CTRL register access (git-fixes). * platform/x86: adv_swbutton: Check ACPI_HANDLE() against NULL (git-fixes). * platform/x86: hp_accel: Check ACPI_COMPANION() against NULL (git-fixes). * platform/x86: intel-hid: Check ACPI_HANDLE() against NULL (git-fixes). * platform/x86: intel-vbtn: Check ACPI_HANDLE() against NULL (git-fixes). * r8152: fix incorrect register write to USB_UPHY_XTAL (git-fixes). * rpm/check-for-config-changes: ignore Rust-related configs (bsc#1258538). * rpm/mkspec: Conditionally set Rust BuildReqs (bsc#1258538). * rpm: Add BuildRequires for Rust enablement (bsc#1258538). * s390/barrier: Make array_index_mask_nospec() __always_inline (bsc#1263068). * s390/entry: Scrub r12 register on kernel entry (bsc#1263068). * s390/syscalls: Add spectre boundaryfor syscall dispatch table (bsc#1263068). * sched/rt: Skip currently executing CPU in rto_next_cpu() (bsc#1262649). * security/keys: fix missed RCU read section on lookup (stable-fixes). * serial: fsl_lpuart: fix rx buffer and DMA map leaks in start_rx_dma (git- fixes). * serial: qcom-geni: fix UART_RX_PAR_EN bit position (git-fixes). * smb: client: correctly handle ErrorContextData as a flexible array (git- fixes) * smb: client: reject userspace cifs.spnego descriptions (bsc#1266238). * spi: mtk-snfi: Fix resource leak in mtk_snand_read_page_cache() (git-fixes). * spi: sprd: fix error pointer deref after DMA setup failure (git-fixes). * spi: st-ssc4: switch to use modern name (stable-fixes). * spi: ti-qspi: fix use-after-free after DMA setup failure (git-fixes). * string: add mem_is_zero() helper to check if memory area is all zeros (stable-fixes). * thunderbolt: property: Reject dir_len < 4 to prevent size_t underflow (git-fixes). * thunderbolt: property: Reject u32 wrap in tb_property_entry_valid() (git- fixes). * tracing: Switch trace_osnoise.c code over to use guard() and __free() (bsc#1262634). * tty: serial: pch_uart: add check for dma_alloc_coherent() (git-fixes). * usb: cdns3: gadget: fix request skipping after clearing halt (git-fixes). * usb: chipidea: core: convert ci_role_switch to local variable (git-fixes). * usb: dwc2: Fix use after free in debug code (git-fixes). * usb: gadget: composite: fix integer underflow in WebUSB GET_URL handling (git-fixes). * usb: gadget: dummy_hcd: Reject hub port requests for non-existent ports (git-fixes). * usb: gadget: f_fs: copy only received bytes on short ep0 read (git-fixes). * usb: gadget: f_hid: fix device reference leak in hidg_alloc() (git-fixes). * usb: gadget: net2280: Fix double free in probe error path (git-fixes). * usb: usbtmc: check URB actual_length for interrupt-IN notifications (git- fixes). * usb: usbtmc: reject interrupt endpoints with small wMaxPacketSize(git- fixes). * usbip: vudc: Fix use after free bug in vudc_remove due to race condition (git-fixes). * wifi: ath10k: skip WMI and beacon transmission when device is wedged (git- fixes). * wifi: ath11k: clear shared SRNG pointer state on restart (git-fixes). * wifi: ath11k: fix error path leak in ath11k_tm_cmd_wmi_ftm() (git-fixes). * wifi: ath11k: fix error path leaks in some WMI WOW calls (git-fixes). * wifi: ath11k: fix error path leaks in some WMI calls (git-fixes). * wifi: ath11k: fix peer resolution on rx path when peer_id=0 (git-fixes). * wifi: ath11k: fix use after free in ath11k_dp_rx_msdu_coalesce() (git- fixes). * wifi: cfg80211: advance loop vars in cfg80211_merge_profile() (git-fixes). * wifi: mac80211: consume only present negotiated TTLM maps (git-fixes). * wifi: mac80211: limit injected antenna index in ieee80211_parse_tx_radiotap (git-fixes). * wifi: nl80211: reject oversized EMA RNR lists (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro Extras 6.1 zypper in -t patch SUSE-SLE-Micro-Extras-6.1-kernel-464=1 ## Package List: * SUSE Linux Micro Extras 6.1 (nosrc) * kernel-64kb-6.4.0-47.1 * SUSE Linux Micro Extras 6.1 (aarch64 ppc64le s390x x86_64) * kernel-obs-build-6.4.0-47.1 * kernel-obs-build-debugsource-6.4.0-47.1 * kernel-syms-6.4.0-47.1 * SUSE Linux Micro Extras 6.1 (aarch64) * kernel-64kb-devel-6.4.0-47.1 * kernel-64kb-debugsource-6.4.0-47.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38549.html * https://www.suse.com/security/cve/CVE-2025-68324.html * https://www.suse.com/security/cve/CVE-2026-23303.html * https://www.suse.com/security/cve/CVE-2026-23327.html *https://www.suse.com/security/cve/CVE-2026-23359.html * https://www.suse.com/security/cve/CVE-2026-23438.html * https://www.suse.com/security/cve/CVE-2026-23444.html * https://www.suse.com/security/cve/CVE-2026-31396.html * https://www.suse.com/security/cve/CVE-2026-31446.html * https://www.suse.com/security/cve/CVE-2026-31448.html * https://www.suse.com/security/cve/CVE-2026-31454.html * https://www.suse.com/security/cve/CVE-2026-31455.html * https://www.suse.com/security/cve/CVE-2026-31464.html * https://www.suse.com/security/cve/CVE-2026-31473.html * https://www.suse.com/security/cve/CVE-2026-31480.html * https://www.suse.com/security/cve/CVE-2026-31493.html * https://www.suse.com/security/cve/CVE-2026-3150.html * https://www.suse.com/security/cve/CVE-2026-31516.html * https://www.suse.com/security/cve/CVE-2026-31518.html * https://www.suse.com/security/cve/CVE-2026-31546.html * https://www.suse.com/security/cve/CVE-2026-31590.html * https://www.suse.com/security/cve/CVE-2026-31596.html * https://www.suse.com/security/cve/CVE-2026-31613.html * https://www.suse.com/security/cve/CVE-2026-31614.html * https://www.suse.com/security/cve/CVE-2026-31629.html * https://www.suse.com/security/cve/CVE-2026-31655.html * https://www.suse.com/security/cve/CVE-2026-31671.html * https://www.suse.com/security/cve/CVE-2026-31673.html * https://www.suse.com/security/cve/CVE-2026-31678.html * https://www.suse.com/security/cve/CVE-2026-31703.html * https://www.suse.com/security/cve/CVE-2026-31758.html * https://www.suse.com/security/cve/CVE-2026-31767.html * https://www.suse.com/security/cve/CVE-2026-43013.html * https://www.suse.com/security/cve/CVE-2026-43026.html * https://www.suse.com/security/cve/CVE-2026-43030.html * https://www.suse.com/security/cve/CVE-2026-43040.html * https://www.suse.com/security/cve/CVE-2026-43052.html * https://www.suse.com/security/cve/CVE-2026-43054.html * https://www.suse.com/security/cve/CVE-2026-43059.html *https://www.suse.com/security/cve/CVE-2026-43065.html * https://www.suse.com/security/cve/CVE-2026-43066.html * https://www.suse.com/security/cve/CVE-2026-43068.html * https://www.suse.com/security/cve/CVE-2026-43109.html * https://www.suse.com/security/cve/CVE-2026-43206.html * https://www.suse.com/security/cve/CVE-2026-43234.html * https://www.suse.com/security/cve/CVE-2026-43249.html * https://www.suse.com/security/cve/CVE-2026-43252.html * https://www.suse.com/security/cve/CVE-2026-43261.html * https://www.suse.com/security/cve/CVE-2026-43284.html * https://www.suse.com/security/cve/CVE-2026-43296.html * https://www.suse.com/security/cve/CVE-2026-43325.html * https://www.suse.com/security/cve/CVE-2026-43333.html * https://www.suse.com/security/cve/CVE-2026-43338.html * https://www.suse.com/security/cve/CVE-2026-43341.html * https://www.suse.com/security/cve/CVE-2026-43359.html * https://www.suse.com/security/cve/CVE-2026-43360.html * https://www.suse.com/security/cve/CVE-2026-43361.html * https://www.suse.com/security/cve/CVE-2026-43362.html * https://www.suse.com/security/cve/CVE-2026-43406.html * https://www.suse.com/security/cve/CVE-2026-43407.html * https://www.suse.com/security/cve/CVE-2026-43411.html * https://www.suse.com/security/cve/CVE-2026-43413.html * https://www.suse.com/security/cve/CVE-2026-43414.html * https://www.suse.com/security/cve/CVE-2026-43455.html * https://www.suse.com/security/cve/CVE-2026-43470.html * https://www.suse.com/security/cve/CVE-2026-43483.html * https://www.suse.com/security/cve/CVE-2026-43499.html * https://www.suse.com/security/cve/CVE-2026-43501.html * https://www.suse.com/security/cve/CVE-2026-43503.html * https://www.suse.com/security/cve/CVE-2026-45842.html * https://www.suse.com/security/cve/CVE-2026-45843.html * https://www.suse.com/security/cve/CVE-2026-45846.html * https://www.suse.com/security/cve/CVE-2026-45852.html * https://www.suse.com/security/cve/CVE-2026-45856.html *https://www.suse.com/security/cve/CVE-2026-45878.html * https://www.suse.com/security/cve/CVE-2026-45886.html * https://www.suse.com/security/cve/CVE-2026-45910.html * https://www.suse.com/security/cve/CVE-2026-45932.html * https://www.suse.com/security/cve/CVE-2026-45970.html * https://www.suse.com/security/cve/CVE-2026-45983.html * https://www.suse.com/security/cve/CVE-2026-45984.html * https://www.suse.com/security/cve/CVE-2026-46004.html * https://www.suse.com/security/cve/CVE-2026-46021.html * https://www.suse.com/security/cve/CVE-2026-46024.html * https://www.suse.com/security/cve/CVE-2026-46043.html * https://www.suse.com/security/cve/CVE-2026-46079.html * https://www.suse.com/security/cve/CVE-2026-46083.html * https://www.suse.com/security/cve/CVE-2026-46090.html * https://www.suse.com/security/cve/CVE-2026-46094.html * https://www.suse.com/security/cve/CVE-2026-46110.html * https://www.suse.com/security/cve/CVE-2026-46111.html * https://www.suse.com/security/cve/CVE-2026-46113.html * https://www.suse.com/security/cve/CVE-2026-46114.html * https://www.suse.com/security/cve/CVE-2026-46157.html * https://www.suse.com/security/cve/CVE-2026-46159.html * https://www.suse.com/security/cve/CVE-2026-46176.html * https://www.suse.com/security/cve/CVE-2026-46181.html * https://www.suse.com/security/cve/CVE-2026-46209.html * https://bugzilla.suse.com/show_bug.cgi?id=1248235 * https://bugzilla.suse.com/show_bug.cgi?id=1255416 * https://bugzilla.suse.com/show_bug.cgi?id=1258538 * https://bugzilla.suse.com/show_bug.cgi?id=1260502 * https://bugzilla.suse.com/show_bug.cgi?id=1260584 * https://bugzilla.suse.com/show_bug.cgi?id=1261619 * https://bugzilla.suse.com/show_bug.cgi?id=1261791 * https://bugzilla.suse.com/show_bug.cgi?id=1262606 * https://bugzilla.suse.com/show_bug.cgi?id=1262615 * https://bugzilla.suse.com/show_bug.cgi?id=1262619 * https://bugzilla.suse.com/show_bug.cgi?id=1262622 * https://bugzilla.suse.com/show_bug.cgi?id=1262624 *https://bugzilla.suse.com/show_bug.cgi?id=1262634 * https://bugzilla.suse.com/show_bug.cgi?id=1262649 * https://bugzilla.suse.com/show_bug.cgi?id=1262656 * https://bugzilla.suse.com/show_bug.cgi?id=1262663 * https://bugzilla.suse.com/show_bug.cgi?id=1262668 * https://bugzilla.suse.com/show_bug.cgi?id=1262755 * https://bugzilla.suse.com/show_bug.cgi?id=1263006 * https://bugzilla.suse.com/show_bug.cgi?id=1263068 * https://bugzilla.suse.com/show_bug.cgi?id=1263115 * https://bugzilla.suse.com/show_bug.cgi?id=1263143 * https://bugzilla.suse.com/show_bug.cgi?id=1263152 * https://bugzilla.suse.com/show_bug.cgi?id=1263169 * https://bugzilla.suse.com/show_bug.cgi?id=1263319 * https://bugzilla.suse.com/show_bug.cgi?id=1263562 * https://bugzilla.suse.com/show_bug.cgi?id=1263724 * https://bugzilla.suse.com/show_bug.cgi?id=1263769 * https://bugzilla.suse.com/show_bug.cgi?id=1263774 * https://bugzilla.suse.com/show_bug.cgi?id=1263790 * https://bugzilla.suse.com/show_bug.cgi?id=1263883 * https://bugzilla.suse.com/show_bug.cgi?id=1263932 * https://bugzilla.suse.com/show_bug.cgi?id=1263945 * https://bugzilla.suse.com/show_bug.cgi?id=1264000 * https://bugzilla.suse.com/show_bug.cgi?id=1264011 * https://bugzilla.suse.com/show_bug.cgi?id=1264063 * https://bugzilla.suse.com/show_bug.cgi?id=1264091 * https://bugzilla.suse.com/show_bug.cgi?id=1264093 * https://bugzilla.suse.com/show_bug.cgi?id=1264124 * https://bugzilla.suse.com/show_bug.cgi?id=1264184 * https://bugzilla.suse.com/show_bug.cgi?id=1264243 * https://bugzilla.suse.com/show_bug.cgi?id=1264245 * https://bugzilla.suse.com/show_bug.cgi?id=1264255 * https://bugzilla.suse.com/show_bug.cgi?id=1264300 * https://bugzilla.suse.com/show_bug.cgi?id=1264409 * https://bugzilla.suse.com/show_bug.cgi?id=1264430 * https://bugzilla.suse.com/show_bug.cgi?id=1264449 * https://bugzilla.suse.com/show_bug.cgi?id=1264476 * https://bugzilla.suse.com/show_bug.cgi?id=1264484 *https://bugzilla.suse.com/show_bug.cgi?id=1264551 * https://bugzilla.suse.com/show_bug.cgi?id=1264669 * https://bugzilla.suse.com/show_bug.cgi?id=1264671 * https://bugzilla.suse.com/show_bug.cgi?id=1264672 * https://bugzilla.suse.com/show_bug.cgi?id=1264716 * https://bugzilla.suse.com/show_bug.cgi?id=1264719 * https://bugzilla.suse.com/show_bug.cgi?id=1264720 * https://bugzilla.suse.com/show_bug.cgi?id=1264722 * https://bugzilla.suse.com/show_bug.cgi?id=1264726 * https://bugzilla.suse.com/show_bug.cgi?id=1264765 * https://bugzilla.suse.com/show_bug.cgi?id=1264805 * https://bugzilla.suse.com/show_bug.cgi?id=1264989 * https://bugzilla.suse.com/show_bug.cgi?id=1265020 * https://bugzilla.suse.com/show_bug.cgi?id=1265044 * https://bugzilla.suse.com/show_bug.cgi?id=1265073 * https://bugzilla.suse.com/show_bug.cgi?id=1265110 * https://bugzilla.suse.com/show_bug.cgi?id=1265128 * https://bugzilla.suse.com/show_bug.cgi?id=1265170 * https://bugzilla.suse.com/show_bug.cgi?id=1265240 * https://bugzilla.suse.com/show_bug.cgi?id=1265579 * https://bugzilla.suse.com/show_bug.cgi?id=1265928 * https://bugzilla.suse.com/show_bug.cgi?id=1265960 * https://bugzilla.suse.com/show_bug.cgi?id=1266001 * https://bugzilla.suse.com/show_bug.cgi?id=1266009 * https://bugzilla.suse.com/show_bug.cgi?id=1266214 * https://bugzilla.suse.com/show_bug.cgi?id=1266238 * https://bugzilla.suse.com/show_bug.cgi?id=1266307 * https://bugzilla.suse.com/show_bug.cgi?id=1266394 * https://bugzilla.suse.com/show_bug.cgi?id=1266395 * https://bugzilla.suse.com/show_bug.cgi?id=1266400 * https://bugzilla.suse.com/show_bug.cgi?id=1266402 * https://bugzilla.suse.com/show_bug.cgi?id=1266414 * https://bugzilla.suse.com/show_bug.cgi?id=1266452 * https://bugzilla.suse.com/show_bug.cgi?id=1266696 * https://bugzilla.suse.com/show_bug.cgi?id=1266697 * https://bugzilla.suse.com/show_bug.cgi?id=1266711 * https://bugzilla.suse.com/show_bug.cgi?id=1266720 *https://bugzilla.suse.com/show_bug.cgi?id=1266759 * https://bugzilla.suse.com/show_bug.cgi?id=1266765 * https://bugzilla.suse.com/show_bug.cgi?id=1266767 * https://bugzilla.suse.com/show_bug.cgi?id=1266810 * https://bugzilla.suse.com/show_bug.cgi?id=1266816 * https://bugzilla.suse.com/show_bug.cgi?id=1266826 * https://bugzilla.suse.com/show_bug.cgi?id=1266827 * https://bugzilla.suse.com/show_bug.cgi?id=1266889 * https://bugzilla.suse.com/show_bug.cgi?id=1266901 * https://bugzilla.suse.com/show_bug.cgi?id=1266927 * https://bugzilla.suse.com/show_bug.cgi?id=1266969 * https://bugzilla.suse.com/show_bug.cgi?id=1266972 * https://bugzilla.suse.com/show_bug.cgi?id=1267205 * https://bugzilla.suse.com/show_bug.cgi?id=1267214 * https://bugzilla.suse.com/show_bug.cgi?id=1267218 * https://bugzilla.suse.com/show_bug.cgi?id=1267220 * https://bugzilla.suse.com/show_bug.cgi?id=1267222 * https://bugzilla.suse.com/show_bug.cgi?id=1267531 * https://bugzilla.suse.com/show_bug.cgi?id=1267626 * https://bugzilla.suse.com/show_bug.cgi?id=1267652 * https://bugzilla.suse.com/show_bug.cgi?id=1267663 * https://bugzilla.suse.com/show_bug.cgi?id=1267726 * https://bugzilla.suse.com/show_bug.cgi?id=1267732 . SUSE's latest kernel update addresses 98 vulnerabilities with important fixes. Essential for system security and stability.. SUSE kernel update, Linux security patches, vulnerability fixes, system security. . LinuxSecurity.com Team

Calendar%202 Jun 17, 2026 SuSE
89

Fedora 43 python-python-multipart Security Advisory Update 2026-2cfc16a621

0.0.32 (2026-06-04) Speed up partial-boundary scanning for CR/LF-dense part data. 0.0.31 (2026-06-04) Speed up multipart header parsing and callback dispatch. Bound header field name size before validating.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-2cfc16a621 2026-06-15 01:10:25.755860+00:00 -------------------------------------------------------------------------------- Name : python-python-multipart Product : Fedora 43 Version : 0.0.32 Release : 1.fc43 URL : https://github.com/Kludex/python-multipart Summary : A streaming multipart parser for Python Description : Python-Multipart is a streaming multipart parser for Python. -------------------------------------------------------------------------------- Update Information: 0.0.32 (2026-06-04) Speed up partial-boundary scanning for CR/LF-dense part data. 0.0.31 (2026-06-04) Speed up multipart header parsing and callback dispatch. Bound header field name size before validating. Validate Content-Length is non-negative in parse_form. Fixes security issues GHSA-v9pg-7xvm-68hf, GHSA-5rvq-cxj2-64vf, GHSA-6jv3-5f52-599m, and GHSA-vffw-93wf-4j4q. 0.0.30 (2026-05-31) Parse application/x-www-form-urlencoded bodies per the WHATWG URL standard, treating only & as a field separator. Ignore RFC 2231/5987 extended parameters (name*, filename*) in parse_options_header, keeping the plain parameter authoritative per RFC 7578 §4.2. -------------------------------------------------------------------------------- ChangeLog: * Fri Jun 5 2026 Packit - 0.0.32-1 - Update to 0.0.32 upstream release - Resolves: rhbz#2484846 * Thu Jun 4 2026 Packit - 0.0.31-1 - Update to 0.0.31 upstream release - Resolves: rhbz#2484715 * Mon Jun 1 2026 Packit - 0.0.30-1 - Update to 0.0.30 upstream release - Resolves: rhbz#2483639 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2483639 - python-python-multipart-0.0.30 isavailable https://bugzilla.redhat.com/show_bug.cgi?id=2483639 [ 2 ] Bug #2484715 - python-python-multipart-0.0.31 is available https://bugzilla.redhat.com/show_bug.cgi?id=2484715 [ 3 ] Bug #2484846 - python-python-multipart-0.0.32 is available https://bugzilla.redhat.com/show_bug.cgi?id=2484846 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-2cfc16a621' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Fedora 43 update for python-python-multipart addresses security issues and enhances performance for multipart data parsing.. Fedora 43, Python Multipart, Security Update, Performance Improvements. . LinuxSecurity.com Team

Calendar%202 Jun 14, 2026 Fedora
100

SUSE Linux 16.0 Go1.26 Important Security Fix Advisory 2026-21356-1

An update that solves 10 vulnerabilities and has one fix can now be installed.. # Security update for go1.26 Announcement ID: SUSE-SU-2026:21356-1 Release Date: 2026-04-20T14:07:00Z Rating: important References: * bsc#1255111 * bsc#1261653 * bsc#1261654 * bsc#1261655 * bsc#1261656 * bsc#1261657 * bsc#1261658 * bsc#1261659 * bsc#1261660 * bsc#1261661 * bsc#1261662 Cross-References: * CVE-2026-27140 * CVE-2026-27143 * CVE-2026-27144 * CVE-2026-32280 * CVE-2026-32281 * CVE-2026-32282 * CVE-2026-32283 * CVE-2026-32288 * CVE-2026-32289 * CVE-2026-33810 CVSS scores: * CVE-2026-27140 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-27140 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-27140 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-27143 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-27143 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-27143 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-27144 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2026-27144 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-27144 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-32280 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-32280 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-32281 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-32281 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-32281 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-32282 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-32282 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-32282 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-32283 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H *CVE-2026-32283 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-32283 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-32288 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-32288 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-32288 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-32289 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-32289 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-32289 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-33810 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2026-33810 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2026-33810 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves 10 vulnerabilities and has one fix can now be installed. ## Description: This update for go1.26 fixes the following issues: * Update to version go1.26.2 (bsc#1255111). * CVE-2026-27140: cmd/go: trust layer bypass when using cgo and SWIG (bsc#1261653). * CVE-2026-27143: cmd/compile: possible memory corruption after bound check elimination (bsc#1261654). * CVE-2026-27144: cmd/compile: no-op interface conversion bypasses overlap checking (bsc#1261655). * CVE-2026-32280: crypto/x509: unexpected work during chain building (bsc#1261656). * CVE-2026-32281: crypto/x509: inefficient policy validation (bsc#1261657). * CVE-2026-32282: os: Root.Chmod can follow symlinks out of the root on Linux (bsc#1261658). * CVE-2026-32283: crypto/tls: multiple key update handshake messages can cause connection to deadlock (bsc#1261659). * CVE-2026-32288: archive/tar: unbounded allocation when parsing old format GNU sparse map (bsc#1261660). * CVE-2026-32289: html/template: JS template literalcontext incorrectly tracked (bsc#1261661). * CVE-2026-33810: crypto/x509: excluded DNS constraints not properly applied to wildcard domains (bsc#1261662). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-595=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-595=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * go1.26-race-1.26.2-160000.1.1 * go1.26-1.26.2-160000.1.1 * go1.26-doc-1.26.2-160000.1.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (x86_64) * go1.26-libstd-debuginfo-1.26.2-160000.1.1 * go1.26-libstd-1.26.2-160000.1.1 * go1.26-debuginfo-1.26.2-160000.1.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * go1.26-race-1.26.2-160000.1.1 * go1.26-1.26.2-160000.1.1 * go1.26-doc-1.26.2-160000.1.1 * SUSE Linux Enterprise Server 16.0 (aarch64 x86_64) * go1.26-libstd-debuginfo-1.26.2-160000.1.1 * go1.26-libstd-1.26.2-160000.1.1 * go1.26-debuginfo-1.26.2-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-27140.html * https://www.suse.com/security/cve/CVE-2026-27143.html * https://www.suse.com/security/cve/CVE-2026-27144.html * https://www.suse.com/security/cve/CVE-2026-32280.html * https://www.suse.com/security/cve/CVE-2026-32281.html * https://www.suse.com/security/cve/CVE-2026-32282.html * https://www.suse.com/security/cve/CVE-2026-32283.html * https://www.suse.com/security/cve/CVE-2026-32288.html * https://www.suse.com/security/cve/CVE-2026-32289.html * https://www.suse.com/security/cve/CVE-2026-33810.html * https://bugzilla.suse.com/show_bug.cgi?id=1255111 * https://bugzilla.suse.com/show_bug.cgi?id=1261653 *https://bugzilla.suse.com/show_bug.cgi?id=1261654 * https://bugzilla.suse.com/show_bug.cgi?id=1261655 * https://bugzilla.suse.com/show_bug.cgi?id=1261656 * https://bugzilla.suse.com/show_bug.cgi?id=1261657 * https://bugzilla.suse.com/show_bug.cgi?id=1261658 * https://bugzilla.suse.com/show_bug.cgi?id=1261659 * https://bugzilla.suse.com/show_bug.cgi?id=1261660 * https://bugzilla.suse.com/show_bug.cgi?id=1261661 * https://bugzilla.suse.com/show_bug.cgi?id=1261662 . Update for go1.26 resolves 10 vulnerabilities with important fixes. Check the details of this significant update now.. SUSE Go Update, Important Security Fixes, Crucial Software Updates, Maintain Linux Security. . LinuxSecurity.com Team

Calendar%202 Apr 28, 2026 SuSE
100

RedHat OS Core 9.0 Vital Kernel Safety Update RHEL-SU-2028-74029-1

An update that solves eight vulnerabilities can now be installed.. # Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21091-1 Release Date: 2026-04-09T13:21:21Z Rating: important References: * bsc#1252036 * bsc#1252689 * bsc#1253404 * bsc#1256780 * bsc#1257238 * bsc#1258051 * bsc#1258183 * bsc#1258784 Cross-References: * CVE-2025-39973 * CVE-2025-40018 * CVE-2025-40159 * CVE-2025-71120 * CVE-2026-22999 * CVE-2026-23074 * CVE-2026-23111 * CVE-2026-23209 CVSS scores: * CVE-2025-39973 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39973 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40018 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40018 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40159 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40159 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71120 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-71120 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71120 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-22999 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-22999 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-22999 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23074 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23074 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23074 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23074 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23111 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23111 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23111 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23111 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23209 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves eight vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-25.1 fixes various security issues The following security issues were fixed: * CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036). * CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689). * CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404). * CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780). * CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238). * CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051). * CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183). * CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-339=1 ## Package List: * SUSE Linux Micro 6.0(x86_64) * kernel-livepatch-6_4_0-25-rt-debuginfo-17-1.1 * kernel-livepatch-MICRO-6-0-RT_Update_5-debugsource-17-1.1 * kernel-livepatch-6_4_0-25-rt-17-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-39973.html * https://www.suse.com/security/cve/CVE-2025-40018.html * https://www.suse.com/security/cve/CVE-2025-40159.html * https://www.suse.com/security/cve/CVE-2025-71120.html * https://www.suse.com/security/cve/CVE-2026-22999.html * https://www.suse.com/security/cve/CVE-2026-23074.html * https://www.suse.com/security/cve/CVE-2026-23111.html * https://www.suse.com/security/cve/CVE-2026-23209.html * https://bugzilla.suse.com/show_bug.cgi?id=1252036 * https://bugzilla.suse.com/show_bug.cgi?id=1252689 * https://bugzilla.suse.com/show_bug.cgi?id=1253404 * https://bugzilla.suse.com/show_bug.cgi?id=1256780 * https://bugzilla.suse.com/show_bug.cgi?id=1257238 * https://bugzilla.suse.com/show_bug.cgi?id=1258051 * https://bugzilla.suse.com/show_bug.cgi?id=1258183 * https://bugzilla.suse.com/show_bug.cgi?id=1258784 . Eight vulnerabilities addressed in important SUSE Linux Micro 6.0 kernel update enhancing system security.. SUSE Linux Micro, kernel RT, security fixes, important update. . LinuxSecurity.com Team

Calendar%202 Apr 13, 2026 SuSE
100

SUSE Linux Enterprise 16 Kernel Important Security Patch 2026-21020-1

An update that solves five vulnerabilities can now be installed.. # Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21020-1 Release Date: 2026-04-10T08:13:56Z Rating: important References: * bsc#1256780 * bsc#1257238 * bsc#1258051 * bsc#1258183 * bsc#1258784 Cross-References: * CVE-2025-71120 * CVE-2026-22999 * CVE-2026-23074 * CVE-2026-23111 * CVE-2026-23209 CVSS scores: * CVE-2025-71120 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-71120 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71120 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-22999 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-22999 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-22999 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23074 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23074 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23074 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23074 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23111 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23111 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23111 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23111 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23209 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE LinuxMicro 6.2 An update that solves five vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.9.1 fixes various security issues The following security issues were fixed: * CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780). * CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238). * CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051). * CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183). * CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-517=1 ## Package List: * SUSE Linux Micro 6.2 (ppc64le s390x x86_64) * kernel-livepatch-6_12_0-160000_9-default-3-160000.1.1 * kernel-livepatch-6_12_0-160000_9-default-debuginfo-3-160000.1.1 * kernel-livepatch-SLE16_Update_4-debugsource-3-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-71120.html * https://www.suse.com/security/cve/CVE-2026-22999.html * https://www.suse.com/security/cve/CVE-2026-23074.html * https://www.suse.com/security/cve/CVE-2026-23111.html * https://www.suse.com/security/cve/CVE-2026-23209.html * https://bugzilla.suse.com/show_bug.cgi?id=1256780 * https://bugzilla.suse.com/show_bug.cgi?id=1257238 * https://bugzilla.suse.com/show_bug.cgi?id=1258051 * https://bugzilla.suse.com/show_bug.cgi?id=1258183 * https://bugzilla.suse.com/show_bug.cgi?id=1258784 . Five vulnerabilities fixed in important kernel update for SUSE Linux Enterprise 16; install with update methods.. SUSE Linux KernelUpdate Important Security Fixes. . LinuxSecurity.com Team

Calendar%202 Apr 13, 2026 SuSE
100

SUSE Linux Micro 6.1 Update Guide for SUSE-SU-2026-30845-2 High Salt Fix

An update that solves five vulnerabilities and has one fix can now be installed.. # Security update for salt Announcement ID: SUSE-SU-2026:20825-1 Release Date: 2026-03-24T06:20:35Z Rating: important References: * bsc#1240532 * bsc#1246130 * bsc#1254325 * bsc#1254903 * bsc#1254904 * bsc#1254905 Cross-References: * CVE-2025-13836 * CVE-2025-67 * CVE-2025-67724 * CVE-2025-67725 * CVE-2025-67726 CVSS scores: * CVE-2025-13836 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-13836 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-13836 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-13836 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-67724 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-67724 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2025-67724 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2025-67724 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2025-67725 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-67725 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-67725 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-67726 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-67726 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-67726 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves five vulnerabilities and has one fix can now be installed. ##Description: This update for salt fixes the following issues: * Security issues fixed: * CVE-2025-67724: missing validation of supplied reason phrase (bsc#1254903) * CVE-2025-67725: fix DoS via malicious HTTP request (bsc#1254905) * CVE-2025-67726: fix HTTP header parameter parsing algorithm (bsc#1254904) * Fixed KeyError in postgres module with PostgreSQL 17 (bsc#1254325) * Use internal deb classes instead of external aptsource lib * Improved performance of wheel key.finger call (bsc#1240532) * Improved performance of utils.find_json function (bsc#1246130) * Extend warn_until period to 2027 ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-457=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * salt-3006.0-slfo.1.1_6.1 * python311-salt-3006.0-slfo.1.1_6.1 * salt-minion-3006.0-slfo.1.1_6.1 * salt-transactional-update-3006.0-slfo.1.1_6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-13836.html * https://www.suse.com/security/cve/CVE-2025-67.html * https://www.suse.com/security/cve/CVE-2025-67724.html * https://www.suse.com/security/cve/CVE-2025-67725.html * https://www.suse.com/security/cve/CVE-2025-67726.html * https://bugzilla.suse.com/show_bug.cgi?id=1240532 * https://bugzilla.suse.com/show_bug.cgi?id=1246130 * https://bugzilla.suse.com/show_bug.cgi?id=1254325 * https://bugzilla.suse.com/show_bug.cgi?id=1254903 * https://bugzilla.suse.com/show_bug.cgi?id=1254904 * https://bugzilla.suse.com/show_bug.cgi?id=1254905 . An important update for salt addresses five vulnerabilities; critical fixes and updates for SUSE Linux Micro.. SUSE,Salt,Security Update. . LinuxSecurity.com Team

Calendar%202 Mar 26, 2026 SuSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is application sandboxing truly safe?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/155-is-application-sandboxing-truly-safe?task=poll.vote&format=json
155
radio
0
[{"id":500,"title":"Malware still escapes container walls.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":501,"title":"Supply chains corrupt trusted packages.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":502,"title":"Convenience consistently compromises strict security.","votes":1,"type":"x","order":3,"pct":100,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200