Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 524
Alerts This Week
Warning Icon 1 524

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 290 articles for you...
100

SUSE Linux Micro 6.0 Kernel RT Important Fix SUSE-SU-2026-21061-1

An update that solves eight vulnerabilities can now be installed.. # Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21061-1 Release Date: 2026-04-09T13:21:21Z Rating: important References: * bsc#1252036 * bsc#1252689 * bsc#1253404 * bsc#1256780 * bsc#1257238 * bsc#1258051 * bsc#1258183 * bsc#1258784 Cross-References: * CVE-2025-39973 * CVE-2025-40018 * CVE-2025-40159 * CVE-2025-71120 * CVE-2026-22999 * CVE-2026-23074 * CVE-2026-23111 * CVE-2026-23209 CVSS scores: * CVE-2025-39973 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39973 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40018 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40018 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40159 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40159 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71120 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-71120 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71120 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-22999 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-22999 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-22999 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23074 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23074 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23074 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23074 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23111 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23111 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23111 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23111 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23209 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves eight vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-25.1 fixes various security issues The following security issues were fixed: * CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036). * CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689). * CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404). * CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780). * CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238). * CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051). * CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183). * CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-339=1 ## Package List: * SUSE Linux Micro 6.1(x86_64) * kernel-livepatch-6_4_0-25-rt-debuginfo-17-1.1 * kernel-livepatch-MICRO-6-0-RT_Update_5-debugsource-17-1.1 * kernel-livepatch-6_4_0-25-rt-17-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-39973.html * https://www.suse.com/security/cve/CVE-2025-40018.html * https://www.suse.com/security/cve/CVE-2025-40159.html * https://www.suse.com/security/cve/CVE-2025-71120.html * https://www.suse.com/security/cve/CVE-2026-22999.html * https://www.suse.com/security/cve/CVE-2026-23074.html * https://www.suse.com/security/cve/CVE-2026-23111.html * https://www.suse.com/security/cve/CVE-2026-23209.html * https://bugzilla.suse.com/show_bug.cgi?id=1252036 * https://bugzilla.suse.com/show_bug.cgi?id=1252689 * https://bugzilla.suse.com/show_bug.cgi?id=1253404 * https://bugzilla.suse.com/show_bug.cgi?id=1256780 * https://bugzilla.suse.com/show_bug.cgi?id=1257238 * https://bugzilla.suse.com/show_bug.cgi?id=1258051 * https://bugzilla.suse.com/show_bug.cgi?id=1258183 * https://bugzilla.suse.com/show_bug.cgi?id=1258784 . SUSE Linux Enterprise Micro 6.0 patches eight vulnerabilities in kernel RT affecting security and performance.. SUSE Linux Micro Patch, Kernel RT Security Update, SUSE Important Advisory, Linux Kernel Vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Apr 13, 2026 Important SuSE
202

openSUSE 15.4: 2025:02142-1 important: Kernel security issues fixed

An update that solves seven vulnerabilities can now be installed.. # Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:02142-1 Release Date: 2025-06-26T18:33:39Z Rating: important References: * bsc#1227903 * bsc#1232908 * bsc#1232929 * bsc#1233680 * bsc#1233708 * bsc#1235062 * bsc#1235231 Cross-References: * CVE-2024-40937 * CVE-2024-50125 * CVE-2024-50127 * CVE-2024-50279 * CVE-2024-50301 * CVE-2024-56601 * CVE-2024-56605 CVSS scores: * CVE-2024-40937 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50125 ( SUSE ): 7.5 CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50125 ( SUSE ): 7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50125 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50125 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50127 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50127 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50127 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50127 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50279 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-50279 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50301 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50301 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-56601 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56601 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56601 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56601 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N *CVE-2024-56605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves seven vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_119 fixes several issues. The following security issues were fixed: * CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235231). * CVE-2024-50127: net: sched: fix use-after-free in taprio_change() (bsc#1232908). * CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233708). * CVE-2024-50301: security/keys: fix slab-out-of-bounds in key_task_permission (bsc#1233680). * CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235062). * CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232929). * CVE-2024-40937: gve: Clear napi-> skb before dev_kfree_skb_any() (bsc#1227903). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2142=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-2142=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_119-default-19-150400.2.2 *kernel-livepatch-5_14_21-150400_24_119-default-debuginfo-19-150400.2.2 * kernel-livepatch-SLE15-SP4_Update_26-debugsource-19-150400.2.2 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_119-default-19-150400.2.2 * kernel-livepatch-5_14_21-150400_24_119-default-debuginfo-19-150400.2.2 * kernel-livepatch-SLE15-SP4_Update_26-debugsource-19-150400.2.2 ## References: * https://www.suse.com/security/cve/CVE-2024-40937.html * https://www.suse.com/security/cve/CVE-2024-50125.html * https://www.suse.com/security/cve/CVE-2024-50127.html * https://www.suse.com/security/cve/CVE-2024-50279.html * https://www.suse.com/security/cve/CVE-2024-50301.html * https://www.suse.com/security/cve/CVE-2024-56601.html * https://www.suse.com/security/cve/CVE-2024-56605.html * https://bugzilla.suse.com/show_bug.cgi?id=1227903 * https://bugzilla.suse.com/show_bug.cgi?id=1232908 * https://bugzilla.suse.com/show_bug.cgi?id=1232929 * https://bugzilla.suse.com/show_bug.cgi?id=1233680 * https://bugzilla.suse.com/show_bug.cgi?id=1233708 * https://bugzilla.suse.com/show_bug.cgi?id=1235062 * https://bugzilla.suse.com/show_bug.cgi?id=1235231 . An essential patch for the Linux Kernel in openSUSE resolves several significant vulnerabilities, bolstering overall system security.. openSUSE Kernel Patch, security update, Live Patch 26. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 26, 2025 Important OpenSUSE
100

SUSE 2025:01899-1 important: Kernel Memory Leak and Network Issues

* bsc#1238324 * bsc#1239077 Cross-References: * CVE-2022-49080 . # Security update for the Linux Kernel (Live Patch 56 for SLE 12 SP5) Announcement ID: SUSE-SU-2025:01899-1 Release Date: 2025-06-11T14:34:05Z Rating: important References: * bsc#1238324 * bsc#1239077 Cross-References: * CVE-2022-49080 * CVE-2024-57996 CVSS scores: * CVE-2022-49080 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49080 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57996 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57996 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_216 fixes several issues. The following security issues were fixed: * CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238324). * CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239077). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-1899=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_216-default-17-2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-49080.html * https://www.suse.com/security/cve/CVE-2024-57996.html * https://bugzilla.suse.com/show_bug.cgi?id=1238324 * https://bugzilla.suse.com/show_bug.cgi?id=1239077 .Important kernel patch for SUSE resolving memory overflow and network data cap problems. Vital for maintaining system integrity.. SUSE Linux Kernel Update, security patches, network packet management, memory leak fix, critical vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 11, 2025 Important SuSE
202

openSUSE: 2025:01892-1 important: Kernel Patch Addresses Critical Issues

An update that solves two vulnerabilities can now be installed.. # Security update for the Linux Kernel (Live Patch 51 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:01892-1 Release Date: 2025-06-11T11:33:35Z Rating: important References: * bsc#1238324 * bsc#1239077 Cross-References: * CVE-2022-49080 * CVE-2024-57996 CVSS scores: * CVE-2022-49080 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49080 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57996 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57996 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_185 fixes several issues. The following security issues were fixed: * CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238324). * CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239077). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1892=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-1892=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_185-default-6-150300.2.2 * kernel-livepatch-SLE15-SP3_Update_51-debugsource-6-150300.2.2 *kernel-livepatch-5_3_18-150300_59_185-default-debuginfo-6-150300.2.2 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_185-preempt-debuginfo-6-150300.2.2 * kernel-livepatch-5_3_18-150300_59_185-preempt-6-150300.2.2 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_185-default-6-150300.2.2 ## References: * https://www.suse.com/security/cve/CVE-2022-49080.html * https://www.suse.com/security/cve/CVE-2024-57996.html * https://bugzilla.suse.com/show_bug.cgi?id=1238324 * https://bugzilla.suse.com/show_bug.cgi?id=1239077 . A significant advancement for the Linux Kernel in Fedora tackles serious vulnerabilities. Implement updates via outlined procedures.. openSUSE Update, Kernel Security Fix, Linux Patch Management, Security Advisory, Live Patching. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 11, 2025 Important OpenSUSE
100

SUSE Linux Enterprise 12 SP5: 2025:01844-1 important: Kernel security patch

* bsc#1238324 * bsc#1239077 Cross-References: * CVE-2022-49080 . # Security update for the Linux Kernel (Live Patch 57 for SLE 12 SP5) Announcement ID: SUSE-SU-2025:01844-1 Release Date: 2025-06-09T16:33:37Z Rating: important References: * bsc#1238324 * bsc#1239077 Cross-References: * CVE-2022-49080 * CVE-2024-57996 CVSS scores: * CVE-2022-49080 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49080 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57996 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57996 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_219 fixes several issues. The following security issues were fixed: * CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238324). * CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239077). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-1844=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_219-default-14-2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-49080.html * https://www.suse.com/security/cve/CVE-2024-57996.html * https://bugzilla.suse.com/show_bug.cgi?id=1238324 * https://bugzilla.suse.com/show_bug.cgi?id=1239077 .A significant security bulletin for SUSE Linux Kernel highlighting vital concerns and installation instructions for users.. Linux Kernel Update, Security Patch SUSE, Enterprise Linux Security, Kernel Security Advisory. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 09, 2025 Important SuSE
100

SUSE Linux Micro 6.0: 2025:20184-1 important: elemental operator update

* bsc#1238700 * bsc#1239335 Cross-References: * CVE-2025-22869 . # Security update for elemental-operator Announcement ID: SUSE-SU-2025:20184-1 Release Date: 2025-04-11T10:56:08Z Rating: important References: * bsc#1238700 * bsc#1239335 Cross-References: * CVE-2025-22869 * CVE-2025-22870 CVSS scores: * CVE-2025-22869 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22869 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22869 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22870 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-22870 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2025-22870 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L Affected Products: * SUSE Linux Micro 6.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for elemental-operator fixes the following issues: * Updated to version 1.6.8: * Deactivated e2e workflow * Updated header year * CVE-2025-22870: golang.org/x/net/proxy: Fixed proxy bypass using IPv6 zone IDs (bsc#1238700) * CVE-2025-22869: golang.org/x/crypto/ssh: Fixed Denial of Service in the Key Exchange (bsc#1239335) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-284=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 x86_64) * elemental-support-1.6.8-1.1 * elemental-register-1.6.8-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22869.html * https://www.suse.com/security/cve/CVE-2025-22870.html * https://bugzilla.suse.com/show_bug.cgi?id=1238700 * https://bugzilla.suse.com/show_bug.cgi?id=1239335 . Stay informed about the new patches for SUSELinux Micro 6.0 that tackle severe Denial of Service vulnerabilities and resolve proxy bypass concerns.. SUSE Linux Micro 6.0, Denial of Service, elemental operator. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 04, 2025 Important SuSE
217

Oracle Linux 9 ELSA-2025-7903 Important: Kernel Update and Threats

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-7903 http://linux.oracle.com/errata/ELSA-2025-7903.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable LinuxNetwork: x86_64: kernel-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-abi-stablelists-5.14.0-570.17.1.0.1.el9_6.noarch.rpm kernel-core-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-debug-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-debug-core-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-debug-devel-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-debug-devel-matched-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-debug-modules-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-debug-modules-core-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-debug-modules-extra-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-debug-uki-virt-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-devel-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-devel-matched-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-doc-5.14.0-570.17.1.0.1.el9_6.noarch.rpm kernel-headers-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-modules-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-modules-core-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-modules-extra-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-tools-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-tools-libs-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-uki-virt-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-uki-virt-addons-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm perf-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm python3-perf-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm rtla-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm rv-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-cross-headers-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-tools-libs-devel-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm libperf-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm aarch64: kernel-headers-5.14.0-570.17.1.0.1.el9_6.aarch64.rpm kernel-tools-5.14.0-570.17.1.0.1.el9_6.aarch64.rpm kernel-tools-libs-5.14.0-570.17.1.0.1.el9_6.aarch64.rpm perf-5.14.0-570.17.1.0.1.el9_6.aarch64.rpm python3-perf-5.14.0-570.17.1.0.1.el9_6.aarch64.rpm rtla-5.14.0-570.17.1.0.1.el9_6.aarch64.rpm rv-5.14.0-570.17.1.0.1.el9_6.aarch64.rpm kernel-cross-headers-5.14.0-570.17.1.0.1.el9_6.aarch64.rpm kernel-tools-libs-devel-5.14.0-570.17.1.0.1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//kernel-5.14.0-570.17.1.0.1.el9_6.src.rpm Related CVEs: CVE-2025-21756 CVE-2025-21966 CVE-2025-37749 Description of changes: [5.14.0-570.17.1.0.1.el9_6.OL9] - nvme-pci: remove two deallocate zeroes quirks [Orabug: 37756650] - Disable UKI signing [Orabug: 36571828] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 thread on tctx errors (CKI Backport Bot) [RHEL-87264] {CVE-2025-21633} - nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (Chris Leech) [RHEL-86915] {CVE-2025-21927} - iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (CKI Backport Bot) [RHEL-86840] {CVE-2025-21993} - certs: Add ECDSA signature verification self-test (Herbert Xu) [RHEL-82247] - certs: Move RSA self-test data to separate file (Herbert Xu) [RHEL-82247] - certs: Break circular dependency when selftest is modular (Herbert Xu) [RHEL-82247] - KEYS: Include linux/errno.h in linux/verification.h (Herbert Xu) [RHEL-82247] - crypto: certs: fix FIPS selftest dependency (Herbert Xu) [RHEL-82247] - New configs in certs/Kconfig (Fedora Kernel Team) [RHEL-82247] - certs: Add support for using elliptic curve keys for signing modules (Herbert Xu) [RHEL-82247] - certs: Trigger creation of RSA module signing key if it's not an RSA key (Herbert Xu) [RHEL-82247] - tpm: Change to kvalloc() in eventlog/acpi.c (Štěpán Horáček) [RHEL-82147] {CVE-2024-58005} [5.14.0-570.13.1.el9_6] - scsi: storvsc: Set correct data length for sending SCSI command without payload (Cathy Avery) [RHEL-83049] - hv_netvsc: Fix VF namespace also in synthetic NIC NETDEV_REGISTER event (Maxim Levitsky) [RHEL-85942] - net: netvsc: Update default VMBus channels (Maxim Levitsky) [RHEL-85942] - net: mana: cleanup mana struct afterdebugfs_remove() (Maxim Levitsky) [RHEL-85942] - net: mana: Cleanup "mana" debugfs dir after cleanup of all children (Maxim Levitsky) [RHEL-85942] - net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs (Maxim Levitsky) [RHEL-85942] - net: mana: Fix memory leak in mana_gd_setup_irqs (Maxim Levitsky) [RHEL-85942] - net :mana :Request a V2 response version for MANA_QUERY_GF_STAT (Maxim Levitsky) [RHEL-85942] - net: mana: use ethtool string helpers (Maxim Levitsky) [RHEL-85942] - net: mana: Enable debugfs files for MANA device (Maxim Levitsky) [RHEL-85942] - net: mana: Add get_link and get_link_ksettings in ethtool (Maxim Levitsky) [RHEL-85942] - net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (Maxim Levitsky) [RHEL-85942] - net: mana: Improve mana_set_channels() in low mem conditions (Maxim Levitsky) [RHEL-85942] - net: mana: Implement get_ringparam/set_ringparam for mana (Maxim Levitsky) [RHEL-85942] - net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup (Maxim Levitsky) [RHEL-85942] - ice: Fix signedness bug in ice_init_interrupt_scheme() (Petr Oros) [RHEL-80557] - ice: init flow director before RDMA (Petr Oros) [RHEL-80557] - ice: simplify VF MSI-X managing (Petr Oros) [RHEL-80557] - ice: enable_rdma devlink param (Petr Oros) [RHEL-80557] - ice: treat dyn_allowed only as suggestion (Petr Oros) [RHEL-80557] - ice, irdma: move interrupts code to irdma (Petr Oros) [RHEL-80557] - ice: get rid of num_lan_msix field (Petr Oros) [RHEL-80557] - ice: remove splitting MSI-X between features (Petr Oros) [RHEL-80557] - ice: devlink PF MSI-X max and min parameter (Petr Oros) [RHEL-80557] - ice: ice_probe: init ice_adapter after HW init (Petr Oros) [RHEL-80557] - ice: minor: rename goto labels from err to unroll (Petr Oros) [RHEL-80557] - ice: split ice_init_hw() out from ice_init_dev() (Petr Oros) [RHEL-80557] - ice: c827: move wait for FW to ice_init_hw() (Petr Oros) [RHEL-80557] - smb: client: don't retry IO on failed negprotos with soft mounts (Jay Shin) [RHEL-85524] - cgroup: Remove stealtime from usage_usec (Waiman Long) [RHEL-85398] - rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read (CKI Backport Bot) [RHEL-85395] {CVE-2024-58069} _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Red Hat Security Advisory ELSA-2025-1234 emphasizes vital system enhancements to mitigate vulnerabilities in the operating system.. Oracle Linux Kernel Update, Security Advisory, Important Patch. . Severity: Important. LinuxSecurity.com Team

Calendar%202 May 27, 2025 Important Oracle
217

Oracle Linux 9: ELSA-2025-7416 critical: gvisor-tap-vsock CVE-2025-22869

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-7416 http://linux.oracle.com/errata/ELSA-2025-7416.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: gvisor-tap-vsock-0.8.5-1.el9_6.x86_64.rpm gvisor-tap-vsock-gvforwarder-0.8.5-1.el9_6.x86_64.rpm aarch64: gvisor-tap-vsock-0.8.5-1.el9_6.aarch64.rpm gvisor-tap-vsock-gvforwarder-0.8.5-1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//gvisor-tap-vsock-0.8.5-1.el9_6.src.rpm Related CVEs: CVE-2025-22869 Description of changes: [0.8.5-1] - Fix CVE-2025-22869 by updating to 0.8.5 - Resolves: RHEL-81313 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux Security Notice ELSA-2025-7416 outlines enhancements for gvisor-tap-vsock that rectify CVE-2025-22869.. Oracle Linux, ELSA-2025-7416, gvisor-tap-vsock, Security Advisory. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 May 23, 2025 Critical Oracle
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200