Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 488
Alerts This Week
Warning Icon 1 488

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 3,210 articles for you...
202

openSUSE 15.5: 2025:01893-1 important: kernel buffer overflow

An update that solves three vulnerabilities can now be installed.. # Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:01893-1 Release Date: 2025-06-11T12:04:17Z Rating: important References: * bsc#1238324 * bsc#1239077 * bsc#1239096 Cross-References: * CVE-2022-49080 * CVE-2024-57996 * CVE-2024-58013 CVSS scores: * CVE-2022-49080 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49080 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57996 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57996 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-58013 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-58013 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-58013 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_94 fixes several issues. The following security issues were fixed: * CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238324). * CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (bsc#1239096). * CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239077). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the commandlisted for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1893=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-1893=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_94-default-debuginfo-2-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_23-debugsource-2-150500.2.2 * kernel-livepatch-5_14_21-150500_55_94-default-2-150500.2.2 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_94-default-debuginfo-2-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_23-debugsource-2-150500.2.2 * kernel-livepatch-5_14_21-150500_55_94-default-2-150500.2.2 ## References: * https://www.suse.com/security/cve/CVE-2022-49080.html * https://www.suse.com/security/cve/CVE-2024-57996.html * https://www.suse.com/security/cve/CVE-2024-58013.html * https://bugzilla.suse.com/show_bug.cgi?id=1238324 * https://bugzilla.suse.com/show_bug.cgi?id=1239077 * https://bugzilla.suse.com/show_bug.cgi?id=1239096 . The most recent update to the Linux Kernel addresses essential vulnerabilities in Fedora, greatly enhancing both performance and safety.. openSUSE updates, Linux Kernel patches, security fixes, important updates, system vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 11, 2025 Important OpenSUSE
202

openSUSE: 2025:01875-1 important: Linux Kernel patch details

An update that solves three vulnerabilities can now be installed.. # Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:01875-1 Release Date: 2025-06-10T23:03:54Z Rating: important References: * bsc#1238324 * bsc#1239077 * bsc#1239096 Cross-References: * CVE-2022-49080 * CVE-2024-57996 * CVE-2024-58013 CVSS scores: * CVE-2022-49080 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49080 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57996 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57996 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-58013 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-58013 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-58013 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_91 fixes several issues. The following security issues were fixed: * CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238324). * CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (bsc#1239096). * CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239077). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the commandlisted for your product: * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-1876=1 SUSE-SLE- Module-Live-Patching-15-SP5-2025-1875=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1875=1 SUSE-2025-1876=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_91-default-5-150500.2.2 * kernel-livepatch-5_14_21-150500_55_91-default-debuginfo-5-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_22-debugsource-5-150500.2.2 * kernel-livepatch-5_14_21-150500_55_88-default-5-150500.2.2 * kernel-livepatch-5_14_21-150500_55_88-default-debuginfo-5-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_21-debugsource-5-150500.2.2 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_91-default-5-150500.2.2 * kernel-livepatch-5_14_21-150500_55_91-default-debuginfo-5-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_22-debugsource-5-150500.2.2 * kernel-livepatch-5_14_21-150500_55_88-default-5-150500.2.2 * kernel-livepatch-5_14_21-150500_55_88-default-debuginfo-5-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_21-debugsource-5-150500.2.2 ## References: * https://www.suse.com/security/cve/CVE-2022-49080.html * https://www.suse.com/security/cve/CVE-2024-57996.html * https://www.suse.com/security/cve/CVE-2024-58013.html * https://bugzilla.suse.com/show_bug.cgi?id=1238324 * https://bugzilla.suse.com/show_bug.cgi?id=1239077 * https://bugzilla.suse.com/show_bug.cgi?id=1239096 . An important update for openSUSE has been released to address critical kernel vulnerabilities and enhance system stability and performance for users. openSUSE Security Advisories, Linux Kernel Updates, System Patches, Important Security Fixes. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 11, 2025 Important OpenSUSE
202

SUSE: 2025:01869-1 important: Linux Kernel Critical Threat Fix

An update that solves four vulnerabilities can now be installed.. # Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:01869-1 Release Date: 2025-06-10T18:33:47Z Rating: important References: * bsc#1232900 * bsc#1238324 * bsc#1239077 * bsc#1239096 Cross-References: * CVE-2022-49080 * CVE-2024-49855 * CVE-2024-57996 * CVE-2024-58013 CVSS scores: * CVE-2022-49080 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49080 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49855 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49855 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49855 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57996 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57996 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-58013 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-58013 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-58013 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_73 fixes several issues. The following security issues were fixed: * CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238324). * CVE-2024-49855: nbd: fix race between timeout and normal completion (bsc#1232900). *CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (bsc#1239096). * CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239077). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1872=1 SUSE-2025-1869=1 SUSE-2025-1870=1 SUSE-2025-1871=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-1871=1 SUSE-SLE- Module-Live-Patching-15-SP5-2025-1872=1 SUSE-SLE-Module-Live- Patching-15-SP5-2025-1869=1 SUSE-SLE-Module-Live-Patching-15-SP5-2025-1870=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_62-default-17-150500.2.2 * kernel-livepatch-5_14_21-150500_55_65-default-debuginfo-17-150500.2.2 * kernel-livepatch-5_14_21-150500_55_68-default-debuginfo-16-150500.2.2 * kernel-livepatch-5_14_21-150500_55_73-default-11-150500.2.2 * kernel-livepatch-5_14_21-150500_55_73-default-debuginfo-11-150500.2.2 * kernel-livepatch-5_14_21-150500_55_65-default-17-150500.2.2 * kernel-livepatch-5_14_21-150500_55_68-default-16-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_13-debugsource-17-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_17-debugsource-11-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_14-debugsource-17-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_15-debugsource-16-150500.2.2 * kernel-livepatch-5_14_21-150500_55_62-default-debuginfo-17-150500.2.2 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_62-default-17-150500.2.2 * kernel-livepatch-5_14_21-150500_55_65-default-debuginfo-17-150500.2.2 * kernel-livepatch-5_14_21-150500_55_68-default-debuginfo-16-150500.2.2 *kernel-livepatch-5_14_21-150500_55_73-default-11-150500.2.2 * kernel-livepatch-5_14_21-150500_55_73-default-debuginfo-11-150500.2.2 * kernel-livepatch-5_14_21-150500_55_65-default-17-150500.2.2 * kernel-livepatch-5_14_21-150500_55_68-default-16-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_13-debugsource-17-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_14-debugsource-17-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_15-debugsource-16-150500.2.2 * kernel-livepatch-5_14_21-150500_55_62-default-debuginfo-17-150500.2.2 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le x86_64) * kernel-livepatch-SLE15-SP5_Update_17-debugsource-11-150500.2.2 ## References: * https://www.suse.com/security/cve/CVE-2022-49080.html * https://www.suse.com/security/cve/CVE-2024-49855.html * https://www.suse.com/security/cve/CVE-2024-57996.html * https://www.suse.com/security/cve/CVE-2024-58013.html * https://bugzilla.suse.com/show_bug.cgi?id=1232900 * https://bugzilla.suse.com/show_bug.cgi?id=1238324 * https://bugzilla.suse.com/show_bug.cgi?id=1239077 * https://bugzilla.suse.com/show_bug.cgi?id=1239096 . New release for the Linux Kernel addressing various vulnerabilities impacting Debian systems, enhancing overall safety and reliability.. Linux Kernel Patch, SUSE Security Update, Kernel Vulnerabilities, Security Improvement, Linux Kernel Fixes. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 10, 2025 Important OpenSUSE
217

Oracle Linux 7 ELSA-2025-8314: Important zlib Security Issue

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-8314 http://linux.oracle.com/errata/ELSA-2025-8314.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: minizip-1.2.7-21.0.1.el7_9.i686.rpm minizip-1.2.7-21.0.1.el7_9.x86_64.rpm minizip-devel-1.2.7-21.0.1.el7_9.i686.rpm minizip-devel-1.2.7-21.0.1.el7_9.x86_64.rpm zlib-1.2.7-21.0.1.el7_9.i686.rpm zlib-1.2.7-21.0.1.el7_9.x86_64.rpm zlib-devel-1.2.7-21.0.1.el7_9.i686.rpm zlib-devel-1.2.7-21.0.1.el7_9.x86_64.rpm zlib-static-1.2.7-21.0.1.el7_9.i686.rpm zlib-static-1.2.7-21.0.1.el7_9.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates//zlib-1.2.7-21.0.1.el7_9.src.rpm Related CVEs: CVE-2016-9840 Description of changes: [1.2.7-21.0.1] - Resolves: CVE-2025-4638 [Orabug: 38010977] _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 7 has released essential RPM packages for zlib, addressing significant security flaws and weaknesses. For more information, visit this link.. Oracle Linux, Zlib Update, RPM Security, Linux Advisory. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 10, 2025 Important Oracle
202

openSUSE Leap 15.6 - 2025:01846-1 critical: multiple issues in go1.24

An update that solves four vulnerabilities and has one security fix can now be installed.. # Security update for go1.24 Announcement ID: SUSE-SU-2025:01846-1 Release Date: 2025-06-09T18:34:33Z Rating: important References: * bsc#1236217 * bsc#1242715 * bsc#1244156 * bsc#1244157 * bsc#1244158 Cross-References: * CVE-2025-0913 * CVE-2025-22873 * CVE-2025-22874 * CVE-2025-4673 CVSS scores: * CVE-2025-0913 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-0913 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2025-22873 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-22873 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2025-22874 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-22874 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-4673 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2025-4673 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N Affected Products: * Development Tools Module 15-SP6 * Development Tools Module 15-SP7 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux EnterpriseServer 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves four vulnerabilities and has one security fix can now be installed. ## Description: This update for go1.24 fixes the following issues: go1.24.4 (released 2025-06-05) includes security fixes to the crypto/x509, net/http, and os packages, as well as bug fixes to the linker, the go command, and the hash/maphash and os packages. ( bsc#1236217 go1.24 release tracking CVE-2025-22874 CVE-2025-0913 CVE-2025-4673) * CVE-2025-22874: crypto/x509: ExtKeyUsageAny bypasses policy validation (bsc#1244158) * CVE-2025-0913: os: inconsistent handling of O_CREATE|O_EXCL on Unix and Windows (bsc#1244157) * CVE-2025-4673: net/http: sensitive headers not cleared on cross-origin redirect (bsc#1244156) * os: Root.Mkdir creates directories with zero permissions on OpenBSD * hash/maphash: hashing channels with purego impl. of maphash.Comparable panics * runtime/debug: BuildSetting does not document DefaultGODEBUG * cmd/go: add fips140 module selection mechanism * cmd/link: Go 1.24.3 and 1.23.9 regression - duplicated definition of symbol dlopen * CVE-2025-22873: os: Root permits access to parent directory ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Development Tools Module 15-SP6 zypper in -t patchSUSE-SLE-Module-Development-Tools-15-SP6-2025-1846=1 * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2025-1846=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1846=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1846=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1846=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1846=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1846=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1846=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1846=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1846=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1846=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1846=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1846=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1846=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1846=1 ## Package List: * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) *go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE LinuxEnterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 ## References: * https://www.suse.com/security/cve/CVE-2025-0913.html * https://www.suse.com/security/cve/CVE-2025-22873.html * https://www.suse.com/security/cve/CVE-2025-22874.html * https://www.suse.com/security/cve/CVE-2025-4673.html * https://bugzilla.suse.com/show_bug.cgi?id=1236217 * https://bugzilla.suse.com/show_bug.cgi?id=1242715 * https://bugzilla.suse.com/show_bug.cgi?id=1244156 * https://bugzilla.suse.com/show_bug.cgi?id=1244157 * https://bugzilla.suse.com/show_bug.cgi?id=1244158 . This notice outlines critical security patches for the go1.24 module in openSUSE, addressing several potential threats.. go package, openSUSE security, important update, security fix, SUSE vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 09, 2025 Important OpenSUSE
100

SUSE 2025:01846-1 important: go1.24 addresses multiple security issues

* bsc#1236217 * bsc#1242715 * bsc#1244156 * bsc#1244157 * bsc#1244158 . # Security update for go1.24 Announcement ID: SUSE-SU-2025:01846-1 Release Date: 2025-06-09T18:34:33Z Rating: important References: * bsc#1236217 * bsc#1242715 * bsc#1244156 * bsc#1244157 * bsc#1244158 Cross-References: * CVE-2025-0913 * CVE-2025-22873 * CVE-2025-22874 * CVE-2025-4673 CVSS scores: * CVE-2025-0913 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-0913 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2025-22873 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-22873 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2025-22874 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-22874 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-4673 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2025-4673 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N Affected Products: * Development Tools Module 15-SP6 * Development Tools Module 15-SP7 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS *SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves four vulnerabilities and has one security fix can now be installed. ## Description: This update for go1.24 fixes the following issues: go1.24.4 (released 2025-06-05) includes security fixes to the crypto/x509, net/http, and os packages, as well as bug fixes to the linker, the go command, and the hash/maphash and os packages. ( bsc#1236217 go1.24 release tracking CVE-2025-22874 CVE-2025-0913 CVE-2025-4673) * CVE-2025-22874: crypto/x509: ExtKeyUsageAny bypasses policy validation (bsc#1244158) * CVE-2025-0913: os: inconsistent handling of O_CREATE|O_EXCL on Unix and Windows (bsc#1244157) * CVE-2025-4673: net/http: sensitive headers not cleared on cross-origin redirect (bsc#1244156) * os: Root.Mkdir creates directories with zero permissions on OpenBSD * hash/maphash: hashing channels with purego impl. of maphash.Comparable panics * runtime/debug: BuildSetting does not document DefaultGODEBUG * cmd/go: add fips140 module selection mechanism * cmd/link: Go 1.24.3 and 1.23.9 regression - duplicated definition of symbol dlopen * CVE-2025-22873: os: Root permits access to parent directory ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-1846=1 *Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2025-1846=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1846=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1846=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1846=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1846=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1846=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1846=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1846=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1846=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1846=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1846=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1846=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1846=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1846=1 ## Package List: * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.4-150000.1.26.1 *go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Linux Enterprise Server for SAP Applications15 SP5 (ppc64le x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.4-150000.1.26.1 * go1.24-doc-1.24.4-150000.1.26.1 * go1.24-1.24.4-150000.1.26.1 ## References: * https://www.suse.com/security/cve/CVE-2025-0913.html * https://www.suse.com/security/cve/CVE-2025-22873.html * https://www.suse.com/security/cve/CVE-2025-22874.html * https://www.suse.com/security/cve/CVE-2025-4673.html * https://bugzilla.suse.com/show_bug.cgi?id=1236217 * https://bugzilla.suse.com/show_bug.cgi?id=1242715 * https://bugzilla.suse.com/show_bug.cgi?id=1244156 * https://bugzilla.suse.com/show_bug.cgi?id=1244157 * https://bugzilla.suse.com/show_bug.cgi?id=1244158 . Crucial patch release for the go1.24 module resolving various vulnerabilities affecting SUSE ecosystems.. SUSE Security Update, go Package Security, Linux Update, Linux Patch Management. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 09, 2025 Important SuSE
100

SUSE: 2025:01839-1 important: Linux Kernel RT critical buffer overflow

* bsc#1236701 * bsc#1239077 * bsc#1239096 Cross-References: . # Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:01839-1 Release Date: 2025-06-09T15:33:45Z Rating: important References: * bsc#1236701 * bsc#1239077 * bsc#1239096 Cross-References: * CVE-2024-57996 * CVE-2024-58013 * CVE-2025-21680 CVSS scores: * CVE-2024-57996 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57996 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-58013 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-58013 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-58013 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21680 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21680 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21680 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_10_23 fixes several issues. The following security issues were fixed: * CVE-2025-21680: pktgen: Avoid out-of-bounds access in get_imix_entries (bsc#1236701). * CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (bsc#1239096). * CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239077). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE LinuxEnterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-1839=1 SUSE-SLE- Module-Live-Patching-15-SP6-2025-1842=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo-9-150600.2.1 * kernel-livepatch-6_4_0-150600_10_23-rt-6-150600.2.1 * kernel-livepatch-6_4_0-150600_10_17-rt-9-150600.2.1 * kernel-livepatch-6_4_0-150600_10_23-rt-debuginfo-6-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_7-debugsource-6-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource-9-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-57996.html * https://www.suse.com/security/cve/CVE-2024-58013.html * https://www.suse.com/security/cve/CVE-2025-21680.html * https://bugzilla.suse.com/show_bug.cgi?id=1236701 * https://bugzilla.suse.com/show_bug.cgi?id=1239077 * https://bugzilla.suse.com/show_bug.cgi?id=1239096 . SUSE Linux Kernel RT addresses significant vulnerabilities, resolving a severe buffer overflow along with memory management flaws. Find out how to apply the necessary patches.. SUSE Linux Kernel, Critical Update, Security Patch, Kernel Fixes. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 09, 2025 Important SuSE
217

Oracle Linux 8 ELSA-2025-8506: nodejs 22 Critical Security Fix

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-8506 http://linux.oracle.com/errata/ELSA-2025-8506.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: nodejs-22.16.0-1.module+el8.10.0+90605+76e4d41a.x86_64.rpm nodejs-devel-22.16.0-1.module+el8.10.0+90605+76e4d41a.x86_64.rpm nodejs-docs-22.16.0-1.module+el8.10.0+90605+76e4d41a.noarch.rpm nodejs-full-i18n-22.16.0-1.module+el8.10.0+90605+76e4d41a.x86_64.rpm nodejs-libs-22.16.0-1.module+el8.10.0+90605+76e4d41a.x86_64.rpm nodejs-nodemon-3.0.1-1.module+el8.10.0+90605+76e4d41a.noarch.rpm nodejs-packaging-2021.06-4.module+el8.10.0+90605+76e4d41a.noarch.rpm nodejs-packaging-bundler-2021.06-4.module+el8.10.0+90605+76e4d41a.noarch.rpm npm-10.9.2-1.22.16.0.1.module+el8.10.0+90605+76e4d41a.x86_64.rpm v8-12.4-devel-12.4.254.21-1.22.16.0.1.module+el8.10.0+90605+76e4d41a.x86_64.rpm aarch64: nodejs-22.16.0-1.module+el8.10.0+90605+76e4d41a.aarch64.rpm nodejs-devel-22.16.0-1.module+el8.10.0+90605+76e4d41a.aarch64.rpm nodejs-docs-22.16.0-1.module+el8.10.0+90605+76e4d41a.noarch.rpm nodejs-full-i18n-22.16.0-1.module+el8.10.0+90605+76e4d41a.aarch64.rpm nodejs-libs-22.16.0-1.module+el8.10.0+90605+76e4d41a.aarch64.rpm nodejs-nodemon-3.0.1-1.module+el8.10.0+90605+76e4d41a.noarch.rpm nodejs-packaging-2021.06-4.module+el8.10.0+90605+76e4d41a.noarch.rpm nodejs-packaging-bundler-2021.06-4.module+el8.10.0+90605+76e4d41a.noarch.rpm npm-10.9.2-1.22.16.0.1.module+el8.10.0+90605+76e4d41a.aarch64.rpm v8-12.4-devel-12.4.254.21-1.22.16.0.1.module+el8.10.0+90605+76e4d41a.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//nodejs-22.16.0-1.module+el8.10.0+90605+76e4d41a.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//nodejs-nodemon-3.0.1-1.module+el8.10.0+90605+76e4d41a.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//nodejs-packaging-2021.06-4.module+el8.10.0+90605+76e4d41a.src.rpm Related CVEs: CVE-2025-23166 Description ofchanges: nodejs [1:22.15-1-1] - Update to 22.16.0 Fixes: CVE-2025-23166 - Resolves: RHEL-91596 RHEL-92859 [1:22.15.0-1] - Update to 22.15.0 - Drop upstream patches [1:22.13.1-4] - Patch fix for sqlite CVE-2025-31498 Resolves: RHEL-87300 [1:22.13.1-3] - Update c-ares to newest version with fix for CVE-2025-31498 Resolves: RHEL-86581 [1:22.13.1-2] - Remove obsolete lua pretransaction script from spec file Resolves: RHEL-81117 RHEL-71410 - Disable npm update notifications for users Resolves: RHEL-81080 [22.13.1-1] - Upgrade to version 22.13.1 Fixes CVE-2025-23083 CVE-2025-23085 CVE-2025-22150 Resolves: RHEL-76362 RHEL-76897 [22.11.0-1] - Upgrade to nodejs 22.11.0. Resolves: RHEL-35991 [22.4.1-4] - Exclude ix86 arches from building. Related: RHEL-35991 [22.4.1-4] - Initial import of nodeJS 22 Resolves: RHEL-35991 nodejs-nodemon nodejs-packaging _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Revised Node.js libraries for Oracle Linux 8 tackle significant security vulnerabilities. Safeguard your system with the latest rpms.. Oracle Linux 8, Nodejs, Important Update, Security Fixes, RPM Updates. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 05, 2025 Critical Oracle
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200