Explore top 10 tips to secure your open-source projects now. Read More
×An update that solves three vulnerabilities can now be installed.. # Security update for libXfont2 Announcement ID: SUSE-SU-2026:2794-1 Release Date: 2026-07-08T08:08:25Z Rating: important References: * bsc#1269018 * bsc#1269019 * bsc#1269020 Cross-References: * CVE-2026-56001 * CVE-2026-56002 * CVE-2026-56003 CVSS scores: * CVE-2026-56001 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-56001 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-56001 ( NVD ): 8.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-56002 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-56002 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-56002 ( NVD ): 8.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-56003 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-56003 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-56003 ( NVD ): 8.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server forSAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves three vulnerabilities can now be installed. ## Description: This update for libXfont2 fixes the following issues * CVE-2026-56001: integer overflow in `BitmapScaleBitmaps` can lead to a heap buffer overflow (bsc#1269018). * CVE-2026-56002: insufficient checks in `pcfReadFont` can lead to a heap buffer overflow (bsc#1269019). * CVE-2026-56003: missing bounds check in `ComputeScaledProperties` can lead to a heap buffer overflow (bsc#1269020). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2794=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2794=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2794=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2794=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2794=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2794=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2794=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2794=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2794=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2794=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2794=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64) * libXfont2-devel-2.0.3-150000.3.3.1 * libXfont2-2-debuginfo-2.0.3-150000.3.3.1 * libXfont2-2-2.0.3-150000.3.3.1 * libXfont2-debugsource-2.0.3-150000.3.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64) * libXfont2-devel-2.0.3-150000.3.3.1 * libXfont2-2-debuginfo-2.0.3-150000.3.3.1 * libXfont2-2-2.0.3-150000.3.3.1 * libXfont2-debugsource-2.0.3-150000.3.3.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x) * libXfont2-devel-2.0.3-150000.3.3.1 * libXfont2-2-debuginfo-2.0.3-150000.3.3.1 * libXfont2-2-2.0.3-150000.3.3.1 * libXfont2-debugsource-2.0.3-150000.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le) * libXfont2-devel-2.0.3-150000.3.3.1 * libXfont2-2-debuginfo-2.0.3-150000.3.3.1 * libXfont2-2-2.0.3-150000.3.3.1 * libXfont2-debugsource-2.0.3-150000.3.3.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x) * libXfont2-devel-2.0.3-150000.3.3.1 * libXfont2-2-debuginfo-2.0.3-150000.3.3.1 * libXfont2-2-2.0.3-150000.3.3.1 * libXfont2-debugsource-2.0.3-150000.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le) * libXfont2-devel-2.0.3-150000.3.3.1 * libXfont2-2-debuginfo-2.0.3-150000.3.3.1 * libXfont2-2-2.0.3-150000.3.3.1 * libXfont2-debugsource-2.0.3-150000.3.3.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x) * libXfont2-devel-2.0.3-150000.3.3.1 * libXfont2-2-debuginfo-2.0.3-150000.3.3.1 * libXfont2-2-2.0.3-150000.3.3.1 * libXfont2-debugsource-2.0.3-150000.3.3.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x) * libXfont2-2-2.0.3-150000.3.3.1 *libXfont2-devel-2.0.3-150000.3.3.1 * libXfont2-2-debuginfo-2.0.3-150000.3.3.1 * libXfont2-debugsource-2.0.3-150000.3.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64) * libXfont2-devel-2.0.3-150000.3.3.1 * libXfont2-2-debuginfo-2.0.3-150000.3.3.1 * libXfont2-2-2.0.3-150000.3.3.1 * libXfont2-debugsource-2.0.3-150000.3.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64) * libXfont2-devel-2.0.3-150000.3.3.1 * libXfont2-2-debuginfo-2.0.3-150000.3.3.1 * libXfont2-2-2.0.3-150000.3.3.1 * libXfont2-debugsource-2.0.3-150000.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le) * libXfont2-2-2.0.3-150000.3.3.1 * libXfont2-devel-2.0.3-150000.3.3.1 * libXfont2-2-debuginfo-2.0.3-150000.3.3.1 * libXfont2-debugsource-2.0.3-150000.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-56001.html * https://www.suse.com/security/cve/CVE-2026-56002.html * https://www.suse.com/security/cve/CVE-2026-56003.html * https://bugzilla.suse.com/show_bug.cgi?id=1269018 * https://bugzilla.suse.com/show_bug.cgi?id=1269019 * https://bugzilla.suse.com/show_bug.cgi?id=1269020 . A significant update for SUSE's libXfont2 addresses important vulnerabilities including buffer overflows. Upgrade recommended.. SUSE security update libXfont2 vulnerabilities patch. . Severity: Important. LinuxSecurity.com Team
New libseccomp packages are available for Slackware 15.0 and -current to fix security issues.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] libseccomp (SSA:2026-183-01) New libseccomp packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/libseccomp-2.6.1-i586-1_slack15.0.txz: Upgraded. This update fixes bugs and security issues: Fix incorrect 64-bit comparison merge that can weaken libseccomp filters. Fix issue where oversized libseccomp filters can trigger a double free. Fix issue where oversized libseccomp filters can trigger a heap corruption. For more information, see: https://github.com/seccomp/libseccomp/security/advisories/GHSA-4q85-33p6-j5g6 https://github.com/seccomp/libseccomp/security/advisories/GHSA-46fr-jh49-xvhx https://github.com/seccomp/libseccomp/security/advisories/GHSA-2hqh-5c36-grrm` (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/libseccomp-2.6.1-i586-1_slack15.0.txz Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/libseccomp-2.6.1-x86_64-1_slack15.0.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/libseccomp-2.6.1-i686-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/libseccomp-2.6.1-x86_64-1.txz MD5 signatures: +-------------+ Slackware 15.0 package: 37a30736d5a65b7eb6ccd2d3a07698a2 libseccomp-2.6.1-i586-1_slack15.0.txz Slackware x86_64 15.0 package: 4471b94490dacb286ed8e9981dc0d5a3 libseccomp-2.6.1-x86_64-1_slack15.0.txz Slackware -current package: a8205069188a1b2337c1f87547ee42bd l/libseccomp-2.6.1-i686-1.txz Slackware x86_64 -current package: 0df95887fdc12f17c64e33d2c3b56fdc l/libseccomp-2.6.1-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg libseccomp-2.6.1-i586-1_slack15.0.txz +-----+ . Slackware updates libseccomp to enhance security by resolving filter weaknesses, heap corruption, and double free issues.. libseccomp update, Slackware security, heap corruption fix, double free issue, security advisories. . Severity: Important. LinuxSecurity.com Team
It was found that jq, a lightweight and flexible command-line JSON parser, was vulnerable to multiple memory corruption attacks, which could lead to application crashes, denial-of-service conditions, and potentially arbitrary code execution through heap corruption when parsing untrusted input. For Debian 11 bullseye, these problems have been fixed in version. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4661-1
Paul Johnson discovered that libhtml-parser-perl, a collection of modules that parse HTML text documents, read freed heap memory in _decode_entities(). For Debian 11 bullseye, this problem has been fixed in version 3.75-1+deb11u1.. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4655-1
An update that solves 13 vulnerabilities can now be installed.. # Security update for openssl-3 Announcement ID: SUSE-SU-2026:2648-1 Release Date: 2026-06-26T11:06:46Z Rating: important References: * bsc#1266340 * bsc#1266341 * bsc#1266342 * bsc#1266343 * bsc#1266345 * bsc#1266349 * bsc#1266350 * bsc#1266351 * bsc#1266352 * bsc#1266353 * bsc#1266355 * bsc#1266356 * bsc#1266357 Cross-References: * CVE-2026-34180 * CVE-2026-34181 * CVE-2026-34183 * CVE-2026-42766 * CVE-2026-42767 * CVE-2026-42768 * CVE-2026-42769 * CVE-2026-42770 * CVE-2026-45445 * CVE-2026-45446 * CVE-2026-45447 * CVE-2026-7383 * CVE-2026-9076 CVSS scores: * CVE-2026-34180 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-34180 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-34180 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34181 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-34181 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2026-34181 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-34183 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-34183 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34183 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42766 ( SUSE ): 6.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-42766 ( SUSE ): 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H * CVE-2026-42766 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42767 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-42767 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42767 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42768 ( SUSE ): 5.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-42768 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N * CVE-2026-42768 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-42769 ( SUSE ): 7.4 CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-42769 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2026-42769 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-42770 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-42770 ( SUSE ): 5.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N * CVE-2026-42770 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-45445 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-45445 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-45445 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-45446 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-45446 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-45446 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-45447 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45447 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45447 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-7383 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-7383 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-7383 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-9076 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-9076 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-9076 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H AffectedProducts: * Basesystem Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves 13 vulnerabilities can now be installed. ## Description: This update for openssl-3 fixes the following issues * CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion (bsc#1266340). * CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption (bsc#1266341). * CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing (bsc#1266342). * CVE-2026-34181: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys (bsc#1266343). * CVE-2026-34183: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler (bsc#1266345). * CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption (bsc#1266349). * CVE-2026-42767: NULL Pointer Dereference in CRMF EncryptedValue Decryption (bsc#1266350). * CVE-2026-42768: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() (bsc#1266351). * CVE-2026-42769: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate (bsc#1266352). * CVE-2026-42770: FFC-DH Peer Validation Uses Attacker-Supplied q (bsc#1266353). * CVE-2026-45445: AES-OCB IV Ignored on EVP_Cipher() Path (bsc#1266355). * CVE-2026-45446: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes (bsc#1266356). * CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify() (bsc#1266357). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2648=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) *libopenssl-3-fips-provider-3.2.3-150700.5.36.1 * openssl-3-debugsource-3.2.3-150700.5.36.1 * libopenssl3-debuginfo-3.2.3-150700.5.36.1 * libopenssl-3-devel-3.2.3-150700.5.36.1 * libopenssl3-3.2.3-150700.5.36.1 * openssl-3-debuginfo-3.2.3-150700.5.36.1 * libopenssl-3-fips-provider-debuginfo-3.2.3-150700.5.36.1 * openssl-3-3.2.3-150700.5.36.1 * Basesystem Module 15-SP7 (x86_64) * libopenssl3-32bit-debuginfo-3.2.3-150700.5.36.1 * libopenssl-3-fips-provider-32bit-debuginfo-3.2.3-150700.5.36.1 * libopenssl3-32bit-3.2.3-150700.5.36.1 * libopenssl-3-fips-provider-32bit-3.2.3-150700.5.36.1 ## References: * https://www.suse.com/security/cve/CVE-2026-34180.html * https://www.suse.com/security/cve/CVE-2026-34181.html * https://www.suse.com/security/cve/CVE-2026-34183.html * https://www.suse.com/security/cve/CVE-2026-42766.html * https://www.suse.com/security/cve/CVE-2026-42767.html * https://www.suse.com/security/cve/CVE-2026-42768.html * https://www.suse.com/security/cve/CVE-2026-42769.html * https://www.suse.com/security/cve/CVE-2026-42770.html * https://www.suse.com/security/cve/CVE-2026-45445.html * https://www.suse.com/security/cve/CVE-2026-45446.html * https://www.suse.com/security/cve/CVE-2026-45447.html * https://www.suse.com/security/cve/CVE-2026-7383.html * https://www.suse.com/security/cve/CVE-2026-9076.html * https://bugzilla.suse.com/show_bug.cgi?id=1266340 * https://bugzilla.suse.com/show_bug.cgi?id=1266341 * https://bugzilla.suse.com/show_bug.cgi?id=1266342 * https://bugzilla.suse.com/show_bug.cgi?id=1266343 * https://bugzilla.suse.com/show_bug.cgi?id=1266345 * https://bugzilla.suse.com/show_bug.cgi?id=1266349 * https://bugzilla.suse.com/show_bug.cgi?id=1266350 * https://bugzilla.suse.com/show_bug.cgi?id=1266351 * https://bugzilla.suse.com/show_bug.cgi?id=1266352 * https://bugzilla.suse.com/show_bug.cgi?id=1266353 * https://bugzilla.suse.com/show_bug.cgi?id=1266355 *https://bugzilla.suse.com/show_bug.cgi?id=1266356 * https://bugzilla.suse.com/show_bug.cgi?id=1266357 . This security advisory for SUSE highlights an important update for openssl-3, addressing multiple vulnerabilities.. SUSE updates, OpenSSL security, Linux patching, important updates, SUSE advisories. . Severity: Important. LinuxSecurity.com Team
An update that solves six vulnerabilities and has one security fix can now be installed.. # Security update for qemu Announcement ID: SUSE-SU-2026:2386-1 Release Date: 2026-06-12T13:54:10Z Rating: important References: * bsc#1199023 * bsc#1255400 * bsc#1256484 * bsc#1258509 * bsc#1259079 * bsc#1259080 * bsc#1262089 Cross-References: * CVE-2025-14876 * CVE-2026-0665 * CVE-2026-2243 * CVE-2026-3195 * CVE-2026-3196 * CVE-2026-3842 CVSS scores: * CVE-2025-14876 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-14876 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-14876 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-0665 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-0665 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-0665 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2026-2243 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-2243 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L * CVE-2026-2243 ( NVD ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-3195 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:H/SI:H/SA:H * CVE-2026-3195 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-3196 ( SUSE ): 8.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2026-3196 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2026-3842 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-3842 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves six vulnerabilities andhas one security fix can now be installed. ## Description: This update for qemu fixes the following issues: * CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto (bsc#1255400). * CVE-2026-0665: out-of-bounds heap access can lead to a denial of service or potential memory corruption (bsc#1256484). * CVE-2026-2243: incorrect bounds check leads to heap out-of-bounds read and a 12-byte information leak when processing specially crafted VMDK files (bsc#1258509). * CVE-2026-3195: heap buffer overflow when reading input audio in the virtio- snd device input callback due to insufficient checks in `virtio_snd_pcm_in_cb` (bsc#1259080). * CVE-2026-3196: integer overflow in the virtio-snd device via PCM_INFO requests from the guest leads to unbounded memory allocation and host denial-of-service (bsc#1259079). * CVE-2026-3842: hyperv/syndbg: missing mapped-length guard after cpu_physical_memory_map causes host OOB write (bsc#1262089). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2386=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2386=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2386=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * qemu-extra-debuginfo-8.2.10-150600.3.49.1 * qemu-hw-usb-redirect-8.2.10-150600.3.49.1 * qemu-ui-spice-app-debuginfo-8.2.10-150600.3.49.1 * qemu-audio-pa-debuginfo-8.2.10-150600.3.49.1 * qemu-vhost-user-gpu-debuginfo-8.2.10-150600.3.49.1 * qemu-tools-8.2.10-150600.3.49.1 * qemu-ui-curses-debuginfo-8.2.10-150600.3.49.1 * qemu-audio-dbus-8.2.10-150600.3.49.1 * qemu-chardev-spice-debuginfo-8.2.10-150600.3.49.1 * qemu-guest-agent-8.2.10-150600.3.49.1 * qemu-debugsource-8.2.10-150600.3.49.1 * qemu-ksm-8.2.10-150600.3.49.1 * qemu-accel-qtest-8.2.10-150600.3.49.1 * qemu-linux-user-debugsource-8.2.10-150600.3.49.1 * qemu-audio-pipewire-8.2.10-150600.3.49.1 * qemu-block-ssh-8.2.10-150600.3.49.1 * qemu-hw-display-virtio-gpu-pci-8.2.10-150600.3.49.1 * qemu-chardev-spice-8.2.10-150600.3.49.1 * qemu-arm-8.2.10-150600.3.49.1 * qemu-ivshmem-tools-8.2.10-150600.3.49.1 * qemu-block-gluster-debuginfo-8.2.10-150600.3.49.1 * qemu-s390x-8.2.10-150600.3.49.1 * qemu-block-gluster-8.2.10-150600.3.49.1 * qemu-audio-alsa-debuginfo-8.2.10-150600.3.49.1 * qemu-ui-opengl-8.2.10-150600.3.49.1 * qemu-hw-usb-smartcard-debuginfo-8.2.10-150600.3.49.1 * qemu-vhost-user-gpu-8.2.10-150600.3.49.1 * qemu-spice-8.2.10-150600.3.49.1 * qemu-tools-debuginfo-8.2.10-150600.3.49.1 * qemu-block-nfs-debuginfo-8.2.10-150600.3.49.1 * qemu-ui-opengl-debuginfo-8.2.10-150600.3.49.1 * qemu-pr-helper-8.2.10-150600.3.49.1 * qemu-ui-spice-core-debuginfo-8.2.10-150600.3.49.1 * qemu-ppc-8.2.10-150600.3.49.1 * qemu-img-8.2.10-150600.3.49.1 * qemu-guest-agent-debuginfo-8.2.10-150600.3.49.1 * qemu-ui-spice-app-8.2.10-150600.3.49.1 * qemu-audio-pipewire-debuginfo-8.2.10-150600.3.49.1 * qemu-linux-user-8.2.10-150600.3.49.1 * qemu-s390x-debuginfo-8.2.10-150600.3.49.1 * qemu-img-debuginfo-8.2.10-150600.3.49.1 * qemu-hw-display-qxl-8.2.10-150600.3.49.1 * qemu-block-iscsi-debuginfo-8.2.10-150600.3.49.1 * qemu-block-ssh-debuginfo-8.2.10-150600.3.49.1 * qemu-8.2.10-150600.3.49.1 * qemu-hw-usb-redirect-debuginfo-8.2.10-150600.3.49.1 * qemu-ui-gtk-8.2.10-150600.3.49.1 * qemu-hw-display-virtio-vga-debuginfo-8.2.10-150600.3.49.1 * qemu-ui-gtk-debuginfo-8.2.10-150600.3.49.1 * qemu-audio-oss-8.2.10-150600.3.49.1 * qemu-x86-debuginfo-8.2.10-150600.3.49.1 * qemu-hw-usb-smartcard-8.2.10-150600.3.49.1 *qemu-block-nfs-8.2.10-150600.3.49.1 * qemu-debuginfo-8.2.10-150600.3.49.1 * qemu-hw-display-qxl-debuginfo-8.2.10-150600.3.49.1 * qemu-block-dmg-8.2.10-150600.3.49.1 * qemu-x86-8.2.10-150600.3.49.1 * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-8.2.10-150600.3.49.1 * qemu-audio-alsa-8.2.10-150600.3.49.1 * qemu-audio-pa-8.2.10-150600.3.49.1 * qemu-accel-qtest-debuginfo-8.2.10-150600.3.49.1 * qemu-ui-curses-8.2.10-150600.3.49.1 * qemu-block-curl-8.2.10-150600.3.49.1 * qemu-pr-helper-debuginfo-8.2.10-150600.3.49.1 * qemu-audio-oss-debuginfo-8.2.10-150600.3.49.1 * qemu-ivshmem-tools-debuginfo-8.2.10-150600.3.49.1 * qemu-block-curl-debuginfo-8.2.10-150600.3.49.1 * qemu-hw-usb-host-8.2.10-150600.3.49.1 * qemu-ppc-debuginfo-8.2.10-150600.3.49.1 * qemu-hw-display-virtio-gpu-debuginfo-8.2.10-150600.3.49.1 * qemu-ui-spice-core-8.2.10-150600.3.49.1 * qemu-audio-dbus-debuginfo-8.2.10-150600.3.49.1 * qemu-block-dmg-debuginfo-8.2.10-150600.3.49.1 * qemu-extra-8.2.10-150600.3.49.1 * qemu-audio-spice-8.2.10-150600.3.49.1 * qemu-hw-usb-host-debuginfo-8.2.10-150600.3.49.1 * qemu-headless-8.2.10-150600.3.49.1 * qemu-ui-dbus-8.2.10-150600.3.49.1 * qemu-accel-tcg-x86-8.2.10-150600.3.49.1 * qemu-audio-spice-debuginfo-8.2.10-150600.3.49.1 * qemu-audio-jack-debuginfo-8.2.10-150600.3.49.1 * qemu-ui-dbus-debuginfo-8.2.10-150600.3.49.1 * qemu-hw-display-virtio-gpu-8.2.10-150600.3.49.1 * qemu-chardev-baum-debuginfo-8.2.10-150600.3.49.1 * qemu-accel-tcg-x86-debuginfo-8.2.10-150600.3.49.1 * qemu-hw-display-virtio-vga-8.2.10-150600.3.49.1 * qemu-block-iscsi-8.2.10-150600.3.49.1 * qemu-hw-s390x-virtio-gpu-ccw-8.2.10-150600.3.49.1 * qemu-chardev-baum-8.2.10-150600.3.49.1 * qemu-audio-jack-8.2.10-150600.3.49.1 * qemu-linux-user-debuginfo-8.2.10-150600.3.49.1 * qemu-arm-debuginfo-8.2.10-150600.3.49.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-8.2.10-150600.3.49.1 * openSUSE Leap 15.6 (noarch) * qemu-skiboot-8.2.10-150600.3.49.1 * qemu-vgabios-8.2.101.16.3_3_ga95067eb-150600.3.49.1 * qemu-SLOF-8.2.10-150600.3.49.1 * qemu-ipxe-8.2.10-150600.3.49.1 * qemu-microvm-8.2.10-150600.3.49.1 * qemu-seabios-8.2.101.16.3_3_ga95067eb-150600.3.49.1 * qemu-doc-8.2.10-150600.3.49.1 * qemu-lang-8.2.10-150600.3.49.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * qemu-block-rbd-8.2.10-150600.3.49.1 * qemu-block-rbd-debuginfo-8.2.10-150600.3.49.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * qemu-ui-spice-core-8.2.10-150600.3.49.1 * qemu-ui-opengl-8.2.10-150600.3.49.1 * qemu-hw-usb-redirect-8.2.10-150600.3.49.1 * qemu-block-rbd-debuginfo-8.2.10-150600.3.49.1 * qemu-audio-dbus-debuginfo-8.2.10-150600.3.49.1 * qemu-block-nfs-8.2.10-150600.3.49.1 * qemu-debuginfo-8.2.10-150600.3.49.1 * qemu-audio-spice-8.2.10-150600.3.49.1 * qemu-spice-8.2.10-150600.3.49.1 * qemu-hw-usb-host-debuginfo-8.2.10-150600.3.49.1 * qemu-headless-8.2.10-150600.3.49.1 * qemu-tools-8.2.10-150600.3.49.1 * qemu-ui-curses-debuginfo-8.2.10-150600.3.49.1 * qemu-tools-debuginfo-8.2.10-150600.3.49.1 * qemu-ui-dbus-8.2.10-150600.3.49.1 * qemu-hw-display-qxl-debuginfo-8.2.10-150600.3.49.1 * qemu-audio-dbus-8.2.10-150600.3.49.1 * qemu-ui-opengl-debuginfo-8.2.10-150600.3.49.1 * qemu-audio-spice-debuginfo-8.2.10-150600.3.49.1 * qemu-guest-agent-8.2.10-150600.3.49.1 * qemu-chardev-spice-debuginfo-8.2.10-150600.3.49.1 * qemu-block-nfs-debuginfo-8.2.10-150600.3.49.1 * qemu-pr-helper-8.2.10-150600.3.49.1 * qemu-debugsource-8.2.10-150600.3.49.1 * qemu-ksm-8.2.10-150600.3.49.1 * qemu-ui-dbus-debuginfo-8.2.10-150600.3.49.1 * qemu-ui-spice-core-debuginfo-8.2.10-150600.3.49.1 * qemu-img-8.2.10-150600.3.49.1 * qemu-guest-agent-debuginfo-8.2.10-150600.3.49.1 * qemu-ui-curses-8.2.10-150600.3.49.1 * qemu-audio-pipewire-8.2.10-150600.3.49.1 *qemu-audio-pipewire-debuginfo-8.2.10-150600.3.49.1 * qemu-block-curl-8.2.10-150600.3.49.1 * qemu-pr-helper-debuginfo-8.2.10-150600.3.49.1 * qemu-block-ssh-8.2.10-150600.3.49.1 * qemu-chardev-baum-debuginfo-8.2.10-150600.3.49.1 * qemu-hw-display-qxl-8.2.10-150600.3.49.1 * qemu-img-debuginfo-8.2.10-150600.3.49.1 * qemu-block-ssh-debuginfo-8.2.10-150600.3.49.1 * qemu-8.2.10-150600.3.49.1 * qemu-hw-display-virtio-vga-8.2.10-150600.3.49.1 * qemu-hw-usb-redirect-debuginfo-8.2.10-150600.3.49.1 * qemu-block-iscsi-8.2.10-150600.3.49.1 * qemu-hw-display-virtio-vga-debuginfo-8.2.10-150600.3.49.1 * qemu-block-iscsi-debuginfo-8.2.10-150600.3.49.1 * qemu-chardev-baum-8.2.10-150600.3.49.1 * qemu-block-curl-debuginfo-8.2.10-150600.3.49.1 * qemu-hw-usb-host-8.2.10-150600.3.49.1 * qemu-chardev-spice-8.2.10-150600.3.49.1 * qemu-block-rbd-8.2.10-150600.3.49.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * qemu-skiboot-8.2.10-150600.3.49.1 * qemu-vgabios-8.2.101.16.3_3_ga95067eb-150600.3.49.1 * qemu-SLOF-8.2.10-150600.3.49.1 * qemu-ipxe-8.2.10-150600.3.49.1 * qemu-seabios-8.2.101.16.3_3_ga95067eb-150600.3.49.1 * qemu-lang-8.2.10-150600.3.49.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le x86_64) * qemu-ui-spice-app-8.2.10-150600.3.49.1 * qemu-ui-gtk-debuginfo-8.2.10-150600.3.49.1 * qemu-ui-spice-app-debuginfo-8.2.10-150600.3.49.1 * qemu-ui-gtk-8.2.10-150600.3.49.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64) * qemu-arm-debuginfo-8.2.10-150600.3.49.1 * qemu-arm-8.2.10-150600.3.49.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (s390x x86_64) * qemu-hw-display-virtio-gpu-pci-8.2.10-150600.3.49.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-8.2.10-150600.3.49.1 * qemu-hw-display-virtio-gpu-debuginfo-8.2.10-150600.3.49.1 * qemu-hw-display-virtio-gpu-8.2.10-150600.3.49.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (ppc64le) * qemu-ppc-debuginfo-8.2.10-150600.3.49.1 * qemu-ppc-8.2.10-150600.3.49.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (s390x) * qemu-s390x-8.2.10-150600.3.49.1 * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-8.2.10-150600.3.49.1 * qemu-hw-s390x-virtio-gpu-ccw-8.2.10-150600.3.49.1 * qemu-s390x-debuginfo-8.2.10-150600.3.49.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (x86_64) * qemu-audio-pa-8.2.10-150600.3.49.1 * qemu-audio-alsa-debuginfo-8.2.10-150600.3.49.1 * qemu-accel-tcg-x86-8.2.10-150600.3.49.1 * qemu-audio-pa-debuginfo-8.2.10-150600.3.49.1 * qemu-x86-debuginfo-8.2.10-150600.3.49.1 * qemu-x86-8.2.10-150600.3.49.1 * qemu-accel-tcg-x86-debuginfo-8.2.10-150600.3.49.1 * qemu-audio-alsa-8.2.10-150600.3.49.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * qemu-ui-spice-core-8.2.10-150600.3.49.1 * qemu-ui-opengl-8.2.10-150600.3.49.1 * qemu-hw-usb-redirect-8.2.10-150600.3.49.1 * qemu-audio-dbus-debuginfo-8.2.10-150600.3.49.1 * qemu-block-rbd-debuginfo-8.2.10-150600.3.49.1 * qemu-ui-spice-app-debuginfo-8.2.10-150600.3.49.1 * qemu-block-nfs-8.2.10-150600.3.49.1 * qemu-debuginfo-8.2.10-150600.3.49.1 * qemu-audio-spice-8.2.10-150600.3.49.1 * qemu-spice-8.2.10-150600.3.49.1 * qemu-hw-usb-host-debuginfo-8.2.10-150600.3.49.1 * qemu-headless-8.2.10-150600.3.49.1 * qemu-tools-8.2.10-150600.3.49.1 * qemu-ui-curses-debuginfo-8.2.10-150600.3.49.1 * qemu-tools-debuginfo-8.2.10-150600.3.49.1 * qemu-ui-dbus-8.2.10-150600.3.49.1 * qemu-hw-display-qxl-debuginfo-8.2.10-150600.3.49.1 * qemu-audio-dbus-8.2.10-150600.3.49.1 * qemu-block-nfs-debuginfo-8.2.10-150600.3.49.1 * qemu-audio-spice-debuginfo-8.2.10-150600.3.49.1 * qemu-chardev-spice-debuginfo-8.2.10-150600.3.49.1 * qemu-guest-agent-8.2.10-150600.3.49.1 * qemu-ui-opengl-debuginfo-8.2.10-150600.3.49.1 * qemu-pr-helper-8.2.10-150600.3.49.1 * qemu-debugsource-8.2.10-150600.3.49.1 * qemu-ksm-8.2.10-150600.3.49.1 *qemu-ui-dbus-debuginfo-8.2.10-150600.3.49.1 * qemu-ui-spice-core-debuginfo-8.2.10-150600.3.49.1 * qemu-img-8.2.10-150600.3.49.1 * qemu-guest-agent-debuginfo-8.2.10-150600.3.49.1 * qemu-ui-curses-8.2.10-150600.3.49.1 * qemu-ui-spice-app-8.2.10-150600.3.49.1 * qemu-audio-pipewire-8.2.10-150600.3.49.1 * qemu-audio-pipewire-debuginfo-8.2.10-150600.3.49.1 * qemu-block-curl-8.2.10-150600.3.49.1 * qemu-pr-helper-debuginfo-8.2.10-150600.3.49.1 * qemu-block-ssh-8.2.10-150600.3.49.1 * qemu-chardev-baum-debuginfo-8.2.10-150600.3.49.1 * qemu-hw-display-qxl-8.2.10-150600.3.49.1 * qemu-block-iscsi-debuginfo-8.2.10-150600.3.49.1 * qemu-block-ssh-debuginfo-8.2.10-150600.3.49.1 * qemu-8.2.10-150600.3.49.1 * qemu-hw-display-virtio-vga-8.2.10-150600.3.49.1 * qemu-block-iscsi-8.2.10-150600.3.49.1 * qemu-hw-usb-redirect-debuginfo-8.2.10-150600.3.49.1 * qemu-hw-display-virtio-vga-debuginfo-8.2.10-150600.3.49.1 * qemu-img-debuginfo-8.2.10-150600.3.49.1 * qemu-block-curl-debuginfo-8.2.10-150600.3.49.1 * qemu-chardev-baum-8.2.10-150600.3.49.1 * qemu-ui-gtk-8.2.10-150600.3.49.1 * qemu-hw-usb-host-8.2.10-150600.3.49.1 * qemu-chardev-spice-8.2.10-150600.3.49.1 * qemu-ui-gtk-debuginfo-8.2.10-150600.3.49.1 * qemu-block-rbd-8.2.10-150600.3.49.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * qemu-skiboot-8.2.10-150600.3.49.1 * qemu-vgabios-8.2.101.16.3_3_ga95067eb-150600.3.49.1 * qemu-SLOF-8.2.10-150600.3.49.1 * qemu-ipxe-8.2.10-150600.3.49.1 * qemu-seabios-8.2.101.16.3_3_ga95067eb-150600.3.49.1 * qemu-lang-8.2.10-150600.3.49.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le) * qemu-ppc-debuginfo-8.2.10-150600.3.49.1 * qemu-ppc-8.2.10-150600.3.49.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (x86_64) * qemu-audio-pa-8.2.10-150600.3.49.1 * qemu-hw-display-virtio-gpu-pci-8.2.10-150600.3.49.1 *qemu-audio-alsa-debuginfo-8.2.10-150600.3.49.1 * qemu-accel-tcg-x86-8.2.10-150600.3.49.1 * qemu-audio-pa-debuginfo-8.2.10-150600.3.49.1 * qemu-hw-display-virtio-gpu-debuginfo-8.2.10-150600.3.49.1 * qemu-x86-debuginfo-8.2.10-150600.3.49.1 * qemu-hw-display-virtio-gpu-8.2.10-150600.3.49.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-8.2.10-150600.3.49.1 * qemu-x86-8.2.10-150600.3.49.1 * qemu-accel-tcg-x86-debuginfo-8.2.10-150600.3.49.1 * qemu-audio-alsa-8.2.10-150600.3.49.1 ## References: * https://www.suse.com/security/cve/CVE-2025-14876.html * https://www.suse.com/security/cve/CVE-2026-0665.html * https://www.suse.com/security/cve/CVE-2026-2243.html * https://www.suse.com/security/cve/CVE-2026-3195.html * https://www.suse.com/security/cve/CVE-2026-3196.html * https://www.suse.com/security/cve/CVE-2026-3842.html * https://bugzilla.suse.com/show_bug.cgi?id=1199023 * https://bugzilla.suse.com/show_bug.cgi?id=1255400 * https://bugzilla.suse.com/show_bug.cgi?id=1256484 * https://bugzilla.suse.com/show_bug.cgi?id=1258509 * https://bugzilla.suse.com/show_bug.cgi?id=1259079 * https://bugzilla.suse.com/show_bug.cgi?id=1259080 * https://bugzilla.suse.com/show_bug.cgi?id=1262089 . A security update for qemu addresses six security issues in openSUSE, ensuring system integrity and stability.. SUSE security updates,qemu vulnerabilities,openSUSE advisory. . Severity: Important. LinuxSecurity.com Team
An update that solves one vulnerability and has one bug fix can now be installed.. openSUSE security update: security update for busybox ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20883-1 Rating: important References: * bsc#1263989 Cross-References: * CVE-2026-29004 CVSS scores: * CVE-2026-29004 ( SUSE ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2026-29004 ( SUSE ): 7.2 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves one vulnerability and has one bug fix can now be installed. Description: This update for busybox fixes the following issue - CVE-2026-29004: a crafted DHCPv6 response can lead to a heap buffer overflow in the DHCPv6 client (bsc#1263989). Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-876=1 Package List: - openSUSE Leap 16.0: busybox-1.37.0-160000.6.1 busybox-static-1.37.0-160000.6.1 busybox-warewulf3-1.37.0-160000.6.1 References: * https://www.suse.com/security/cve/CVE-2026-29004.html . Critical update for openSUSE Leap 16.0 solves a buffer overflow in busybox DHCP client. Immediate patching recommended.. openSUSE Leap 16.0 busybox patch buffer overflow. . Severity: Important. LinuxSecurity.com Team
An update that solves six vulnerabilities can now be installed.. # Security update for qemu Announcement ID: SUSE-SU-2026:21912-1 Release Date: 2026-05-28T15:31:35Z Rating: important References: * bsc#1255400 * bsc#1256484 * bsc#1258509 * bsc#1259079 * bsc#1259080 * bsc#1262089 Cross-References: * CVE-2025-14876 * CVE-2026-0665 * CVE-2026-2243 * CVE-2026-3195 * CVE-2026-3196 * CVE-2026-3842 CVSS scores: * CVE-2025-14876 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-14876 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-14876 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-0665 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-0665 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-0665 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2026-2243 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-2243 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L * CVE-2026-2243 ( NVD ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-3195 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:H/SI:H/SA:H * CVE-2026-3195 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-3196 ( SUSE ): 8.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2026-3196 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2026-3842 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-3842 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L Affected Products: * SUSE Linux Micro 6.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for qemu fixes the following issues * CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto (bsc#1255400). *CVE-2026-0665: out-of-bounds heap access can lead to a denial of service or potential memory corruption (bsc#1256484). * CVE-2026-2243: incorrect bounds check leads to heap out-of-bounds read and a 12-byte information leak when processing specially crafted VMDK files (bsc#1258509). * CVE-2026-3195: heap buffer overflow when reading input audio in the virtio- snd device input callback due to insufficient checks in `virtio_snd_pcm_in_cb` (bsc#1259080). * CVE-2026-3196: integer overflow in the virtio-snd device via PCM_INFO requests from the guest leads to unbounded memory allocation and host denial-of-service (bsc#1259079). * CVE-2026-3842: hyperv/syndbg: missing mapped-length guard after cpu_physical_memory_map causes host OOB write (bsc#1262089). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-731=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * qemu-hw-usb-redirect-8.2.10-3.1 * qemu-ksm-8.2.10-3.1 * qemu-hw-display-qxl-8.2.10-3.1 * qemu-debuginfo-8.2.10-3.1 * qemu-hw-display-virtio-gpu-debuginfo-8.2.10-3.1 * qemu-ui-opengl-debuginfo-8.2.10-3.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-8.2.10-3.1 * qemu-hw-usb-host-8.2.10-3.1 * qemu-guest-agent-8.2.10-3.1 * qemu-block-rbd-debuginfo-8.2.10-3.1 * qemu-ui-spice-core-8.2.10-3.1 * qemu-block-curl-debuginfo-8.2.10-3.1 * qemu-hw-usb-redirect-debuginfo-8.2.10-3.1 * qemu-debugsource-8.2.10-3.1 * qemu-hw-display-virtio-gpu-pci-8.2.10-3.1 * qemu-hw-display-qxl-debuginfo-8.2.10-3.1 * qemu-guest-agent-debuginfo-8.2.10-3.1 * qemu-block-iscsi-8.2.10-3.1 * qemu-tools-8.2.10-3.1 * qemu-hw-display-virtio-vga-debuginfo-8.2.10-3.1 * qemu-audio-spice-debuginfo-8.2.10-3.1 * qemu-block-curl-8.2.10-3.1 *qemu-pr-helper-8.2.10-3.1 * qemu-block-rbd-8.2.10-3.1 * qemu-block-ssh-debuginfo-8.2.10-3.1 * qemu-chardev-spice-8.2.10-3.1 * qemu-chardev-spice-debuginfo-8.2.10-3.1 * qemu-audio-spice-8.2.10-3.1 * qemu-img-8.2.10-3.1 * qemu-hw-display-virtio-gpu-8.2.10-3.1 * qemu-ui-spice-core-debuginfo-8.2.10-3.1 * qemu-img-debuginfo-8.2.10-3.1 * qemu-hw-usb-host-debuginfo-8.2.10-3.1 * qemu-hw-display-virtio-vga-8.2.10-3.1 * qemu-ui-opengl-8.2.10-3.1 * qemu-8.2.10-3.1 * qemu-tools-debuginfo-8.2.10-3.1 * qemu-block-iscsi-debuginfo-8.2.10-3.1 * qemu-pr-helper-debuginfo-8.2.10-3.1 * qemu-block-ssh-8.2.10-3.1 * SUSE Linux Micro 6.0 (aarch64) * qemu-arm-8.2.10-3.1 * qemu-arm-debuginfo-8.2.10-3.1 * SUSE Linux Micro 6.0 (x86_64) * qemu-accel-tcg-x86-debuginfo-8.2.10-3.1 * qemu-x86-debuginfo-8.2.10-3.1 * qemu-accel-tcg-x86-8.2.10-3.1 * qemu-x86-8.2.10-3.1 * SUSE Linux Micro 6.0 (noarch) * qemu-ipxe-8.2.10-3.1 * qemu-lang-8.2.10-3.1 * qemu-seabios-8.2.101.16.3_3_ga95067eb-3.1 * qemu-vgabios-8.2.101.16.3_3_ga95067eb-3.1 * SUSE Linux Micro 6.0 (s390x) * qemu-s390x-debuginfo-8.2.10-3.1 * qemu-s390x-8.2.10-3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-14876.html * https://www.suse.com/security/cve/CVE-2026-0665.html * https://www.suse.com/security/cve/CVE-2026-2243.html * https://www.suse.com/security/cve/CVE-2026-3195.html * https://www.suse.com/security/cve/CVE-2026-3196.html * https://www.suse.com/security/cve/CVE-2026-3842.html * https://bugzilla.suse.com/show_bug.cgi?id=1255400 * https://bugzilla.suse.com/show_bug.cgi?id=1256484 * https://bugzilla.suse.com/show_bug.cgi?id=1258509 * https://bugzilla.suse.com/show_bug.cgi?id=1259079 * https://bugzilla.suse.com/show_bug.cgi?id=1259080 * https://bugzilla.suse.com/show_bug.cgi?id=1262089 . Addressing six crucial issues in qemu for SUSE Linux Micro enhances system integrity and security robustness.. SUSE Linux Micro qemusecurity update important. . Severity: Important. LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.