Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Can sandbox isolation stop malware?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/154-can-sandbox-isolation-stop-malware?task=poll.vote&format=json
154
radio
0
[{"id":497,"title":"Breaches happen despite container barriers.","votes":1,"type":"x","order":1,"pct":33.33,"resources":[]},{"id":498,"title":"Supply chain flaws exploit trust.","votes":2,"type":"x","order":2,"pct":66.67,"resources":[]},{"id":499,"title":"Flawed configurations expose vital files.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 1,382 articles for you...
202

openSUSE 2026-2681-1 libheif Moderate Information Leak and Root Access

An update that solves two vulnerabilities can now be installed.. # Security update for libheif Announcement ID: SUSE-SU-2026:2681-1 Release Date: 2026-06-29T13:27:52Z Rating: moderate References: * bsc#1261658 * bsc#1265878 Cross-References: * CVE-2026-32282 * CVE-2026-32814 CVSS scores: * CVE-2026-32282 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-32282 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-32282 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-32814 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-32814 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2026-32814 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.4 An update that solves two vulnerabilities can now be installed. ## Description: This update for libheif fixes the following issues * CVE-2026-32282: os: Root.Chmod can follow symlinks out of the root on Linux (bsc#1261658). * CVE-2026-32814: Uninitialized Heap Memory Information Leak via Failed Grid Tiles (bsc#1265878). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2681=1 ## Package List: * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * libheif-devel-1.12.0-150400.3.20.1 * libheif-debugsource-1.12.0-150400.3.20.1 * gdk-pixbuf-loader-libheif-debuginfo-1.12.0-150400.3.20.1 * libheif1-debuginfo-1.12.0-150400.3.20.1 * gdk-pixbuf-loader-libheif-1.12.0-150400.3.20.1 * libheif1-1.12.0-150400.3.20.1 * openSUSE Leap 15.4 (x86_64) * libheif1-32bit-debuginfo-1.12.0-150400.3.20.1 * libheif1-32bit-1.12.0-150400.3.20.1 * openSUSE Leap 15.4 (aarch64_ilp32) *libheif1-64bit-debuginfo-1.12.0-150400.3.20.1 * libheif1-64bit-1.12.0-150400.3.20.1 ## References: * https://www.suse.com/security/cve/CVE-2026-32282.html * https://www.suse.com/security/cve/CVE-2026-32814.html * https://bugzilla.suse.com/show_bug.cgi?id=1261658 * https://bugzilla.suse.com/show_bug.cgi?id=1265878 . # Security update for libheif Announcement ID: SUSE-SU-2026:2681-1 Release Date: 2026-06-29T13:27:52. update, solves, vulnerabilities, installed, security, libheif, announ. . LinuxSecurity.com Team

Calendar%202 Jun 29, 2026 OpenSUSE
100

SUSE openSUSE Leap 15.4 libheif Moderate Info Leak Attack SUSE-2026-2681-1

An update that solves two vulnerabilities can now be installed.. # Security update for libheif Announcement ID: SUSE-SU-2026:2681-1 Release Date: 2026-06-29T13:27:52Z Rating: moderate References: * bsc#1261658 * bsc#1265878 Cross-References: * CVE-2026-32282 * CVE-2026-32814 CVSS scores: * CVE-2026-32282 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-32282 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-32282 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-32814 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-32814 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2026-32814 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.4 An update that solves two vulnerabilities can now be installed. ## Description: This update for libheif fixes the following issues * CVE-2026-32282: os: Root.Chmod can follow symlinks out of the root on Linux (bsc#1261658). * CVE-2026-32814: Uninitialized Heap Memory Information Leak via Failed Grid Tiles (bsc#1265878). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2681=1 ## Package List: * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * libheif-devel-1.12.0-150400.3.20.1 * libheif-debugsource-1.12.0-150400.3.20.1 * gdk-pixbuf-loader-libheif-debuginfo-1.12.0-150400.3.20.1 * libheif1-debuginfo-1.12.0-150400.3.20.1 * gdk-pixbuf-loader-libheif-1.12.0-150400.3.20.1 * libheif1-1.12.0-150400.3.20.1 * openSUSE Leap 15.4 (x86_64) * libheif1-32bit-debuginfo-1.12.0-150400.3.20.1 * libheif1-32bit-1.12.0-150400.3.20.1 * openSUSE Leap 15.4 (aarch64_ilp32) *libheif1-64bit-debuginfo-1.12.0-150400.3.20.1 * libheif1-64bit-1.12.0-150400.3.20.1 ## References: * https://www.suse.com/security/cve/CVE-2026-32282.html * https://www.suse.com/security/cve/CVE-2026-32814.html * https://bugzilla.suse.com/show_bug.cgi?id=1261658 * https://bugzilla.suse.com/show_bug.cgi?id=1265878 . Update for libheif fixes two vulnerabilities including root symlink privilege escalation and a memory leak issue.. SUSE libheif vulnerabilities update information leak root symlink. . LinuxSecurity.com Team

Calendar%202 Jun 29, 2026 SuSE
202

openSUSE xtrabackup Moderate Buffer Overflow Vulnerability 2026-0221-1

An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for xtrabackup ______________________________________________________________________________ Announcement ID: openSUSE-SU-2026:0221-1 Rating: moderate References: #1244285 Cross-References: CVE-2025-5918 CVSS scores: CVE-2025-5918 (SUSE): 2.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N Affected Products: openSUSE Backports SLE-15-SP7 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for xtrabackup fixes the following issues: - CVE-2025-5918: embedded libarchive: Reading past EOF may be triggered for piped file streams (boo#1244285) Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP7: zypper in -t patch openSUSE-2026-221=1 Package List: - openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64): xtrabackup-2.4.26-bp157.2.6.1 xtrabackup-test-2.4.26-bp157.2.6.1 References: https://www.suse.com/security/cve/CVE-2025-5918.html https://bugzilla.suse.com/1244285 . Security update for xtrabackup on openSUSE addresses CVE-2025-5918 and other issues.. openSUSE update,xtrabackup security patch,moderate vulnerability,CVE-2025-5918,opensuse patch. . LinuxSecurity.com Team

Calendar%202 Jun 28, 2026 OpenSUSE
219

Rocky Linux FreeRADIUS Moderate Information Leakage Crash RLSA-2023-2870

Moderate: freeradius:3.0 security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2023:2870", "synopsis": "Moderate: freeradius:3.0 security update", "severity": "SEVERITY_MODERATE", "topic": "An update is available for module.freeradius, freeradius.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service (RADIUS) server, designed to allow centralized authentication and authorization for a network.\n\nSecurity Fix(es):\n\n* freeradius: Information leakage in EAP-PWD (CVE-2022-41859)\n\n* freeradius: Crash on unknown option in EAP-SIM (CVE-2022-41860)\n\n* freeradius: Crash on invalid abinary data (CVE-2022-41861)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Rocky Linux 8.8 Release Notes linked from the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2078483", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2078483", "description": ""}, {"ticket": "2078485", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2078485", "description": ""}, {"ticket": "2078487", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2078487", "description": ""}], "cves": [{"name": "CVE-2022-41859", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41859", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "cvss3BaseScore": "7.5", "cwe": "CWE-208"}, {"name": "CVE-2022-41860", "sourceBy": "MITRE", "sourceLink":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41860", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-476"}, {"name": "CVE-2022-41861", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41861", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-20"}], "references": [], "publishedAt": "2026-06-26T18:00:57.979049Z", "rpms": {"Rocky Linux 8": {"nvras": ["freeradius-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.src.rpm", "freeradius-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.x86_64.rpm", "freeradius-debuginfo-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm", "freeradius-debugsource-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm", "freeradius-devel-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.x86_64.rpm", "freeradius-doc-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.x86_64.rpm", "freeradius-krb5-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.x86_64.rpm", "freeradius-krb5-debuginfo-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm", "freeradius-ldap-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.x86_64.rpm", "freeradius-ldap-debuginfo-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm", "freeradius-mysql-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.x86_64.rpm", "freeradius-mysql-debuginfo-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm", "freeradius-perl-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.x86_64.rpm", "freeradius-perl-debuginfo-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm", "freeradius-postgresql-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.x86_64.rpm", "freeradius-postgresql-debuginfo-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm", "freeradius-rest-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.x86_64.rpm", "freeradius-rest-debuginfo-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm", "freeradius-sqlite-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.x86_64.rpm", "freeradius-sqlite-debuginfo-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm","freeradius-unixODBC-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.x86_64.rpm", "freeradius-unixODBC-debuginfo-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm", "freeradius-utils-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.x86_64.rpm", "freeradius-utils-debuginfo-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm", "python3-freeradius-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.x86_64.rpm", "python3-freeradius-debuginfo-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm", "freeradius-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm", "freeradius-devel-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm", "freeradius-doc-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm", "freeradius-krb5-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm", "freeradius-ldap-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm", "freeradius-mysql-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm", "freeradius-perl-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm", "freeradius-postgresql-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm", "freeradius-rest-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm", "freeradius-sqlite-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm", "freeradius-unixODBC-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm", "freeradius-utils-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm", "python3-freeradius-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Moderate security advisory for FreeRADIUS on Rocky Linux addressing critical information leakage and crashes.. FreeRADIUS Security Update, Rocky Linux Security Advisories, Moderate Vulnerability Impact. . LinuxSecurity.com Team

Calendar%202 Jun 26, 2026 Rocky Linux
197

Debian LTS u-boot Critical Buffer Overread Signature Bypass DLA-4642-1

Multiple issues where found in u-boot, a cross-platform bootloader for embedded systems, which could lead to information leak and signature verification bypass. CVE-2024-42040 buffer overread vulnerability in the DHCP implementation. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4642-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Andreas Henriksson June 23, 2026 https://wiki.debian.org/LTS ------------------------------------------------------------------------- Package : u-boot Version : 2021.01+dfsg-5+deb11u3 2023.01+dfsg-2+deb12u3 CVE ID : CVE-2024-42040 CVE-2026-46728 Debian Bug : 1081557 1136954 Multiple issues where found in u-boot, a cross-platform bootloader for embedded systems, which could lead to information leak and signature verification bypass. CVE-2024-42040 buffer overread vulnerability in the DHCP implementation CVE-2026-46728 mishandles use of unit addresses in a FIT For Debian 11 bullseye, these problems have been fixed in version 2021.01+dfsg-5+deb11u3. For Debian 12 bookworm, these problems have been fixed in version 2023.01+dfsg-2+deb12u3. We recommend that you upgrade your u-boot packages. For the detailed security status of u-boot please refer to its security tracker page at: https://security-tracker.debian.org/tracker/u-boot Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Debian LTS advisory details critical u-boot updates addressing information leak and signature bypass vulnerabilities in embedded systems.. Debian LTS, u-boot, security update, information leak, signature verification. . LinuxSecurity.com Team

Calendar%202 Jun 23, 2026 Debian LTS
100

SUSE Significant Security Patch for 16 Flaws 2026-22159-1

An update that solves 16 vulnerabilities can now be installed.. # Security update for distribution Announcement ID: SUSE-SU-2026:22159-1 Release Date: 2026-06-18T14:30:03Z Rating: important References: * bsc#1265429 * bsc#1265788 * bsc#1266049 * bsc#1266629 Cross-References: * CVE-2026-33814 * CVE-2026-39821 * CVE-2026-39827 * CVE-2026-39828 * CVE-2026-39829 * CVE-2026-39830 * CVE-2026-39831 * CVE-2026-39832 * CVE-2026-39833 * CVE-2026-39834 * CVE-2026-39835 * CVE-2026-41888 * CVE-2026-42508 * CVE-2026-46595 * CVE-2026-46597 * CVE-2026-46598 CVSS scores: * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39821 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-39821 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-39821 ( NVD ): 9.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N * CVE-2026-39827 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-39827 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39827 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39828 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-39828 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-39828 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2026-39829 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-39829 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39829 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39830 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-39830 ( SUSE ): 6.5CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39830 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-39831 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-39831 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-39831 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-39832 ( SUSE ): 6.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N * CVE-2026-39832 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N * CVE-2026-39832 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-39833 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-39833 ( SUSE ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-39833 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-39834 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-39834 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39834 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2026-39835 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-39835 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39835 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-41888 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-41888 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2026-41888 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-41888 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2026-42508 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-42508 ( SUSE ): 8.1CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-42508 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46595 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-46595 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46595 ( NVD ): 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L * CVE-2026-46597 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46597 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46597 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46598 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46598 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46598 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves 16 vulnerabilities can now be installed. ## Description: This update for distribution fixes the following issues * CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265788). * CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation bypass and privilege escalation (bsc#1266629). * CVE-2026-41888: tag deletion bypasses the storage.delete.enabled configuration (bsc#1265429). * CVE-2026-39827: Invoking memory leak when rejecting channels can lead to DoS in golang.org/x/crypto/ssh (bsc#1266049). * CVE-2026-39828: Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh (bsc#1266049). * CVE-2026-39829: Invoking pathological RSA/DSA parameters may cause DoS in golang.org/x/crypto/ssh (bsc#1266049). * CVE-2026-39830: Invoking client can cause server deadlock on unexpected responses ingolang.org/x/crypto/ssh (bsc#1266049). * CVE-2026-39831: Invoking bypass of FIDO/U2F security keys physical interaction in golang.org/x/crypto/ssh (bsc#1266049). * CVE-2026-39832: Invoking agent constraints dropped when forwarding keys in golang.org/x/crypto/ssh/agent (bsc#1266049). * CVE-2026-39833: Invoking key constraints not enforced in golang.org/x/crypto/ssh/agent (bsc#1266049). * CVE-2026-39834: Invoking infinite loop on large channel writes in golang.org/x/crypto/ssh (bsc#1266049). * CVE-2026-39835: Invoking server panic during CheckHostKey/Authenticate in golang.org/x/crypto/ssh (bsc#1266049). * CVE-2026-42508: Invoking auth bypass via unenforced @revoked status in golang.org/x/crypto/ssh/knownhosts (bsc#1266049). * CVE-2026-46595: Invoking VerifiedPublicKeyCallback permissions skip enforcement in golang.org/x/crypto/ssh (bsc#1266049). * CVE-2026-46597: Invoking byte arithmetic causes underflow and panic in golang.org/x/crypto/ssh (bsc#1266049). * CVE-2026-46598: Invoking pathological inputs can lead to client panic in golang.org/x/crypto/ssh/agent (bsc#1266049). Changes: * Bounds-check the file basename in PurgeUploads Walk callback * Add S3 Express One Zone support to the S3 storage driver * Fix tag list endpoint in proxy mode * Clamp oversized `n` query parameter in proxy mode instead of returning 400 * See the full changelog below for the full list of changes. * internal/client/auth/challenge: cleanups and minor refactor * build(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp from 0.18.0 to 0.19.0 in the go_modules group across 1 directory * build(deps): bump go.opentelemetry.io/otel/exporters/otlp/otl ptrace/otlptracehttp from 1.42.0 to 1.43.0 in the go_modules group across 1 directory * build(deps): bump github/codeql-action from 4.34.1 to 4.35.1 * chore(build): Bump go version to latest * refactor: use slices.Backward to simplify the code * fix(proxy): fix tag list endpoint inproxy mode * Update docker-compose structure in deploying.md * build(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 * build(deps): bump actions/upload-pages-artifact from 4.0.0 to 5.0.0 * build(deps): bump docker/login-action from 4.0.0 to 4.1.0 * build(deps): bump docker/bake-action from 7.0.0 to 7.1.0 * fix(proxy): clamp oversized n query param instead of * feat(s3): add express zone one support to S3 driver * fix(storage): bounds-check the file basename in PurgeUploads Walk callback * chore(release): prepare for v3.1.1 release ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-949=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-949=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * distribution-registry-3.1.1-160000.1.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * distribution-registry-3.1.1-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33814.html * https://www.suse.com/security/cve/CVE-2026-39821.html * https://www.suse.com/security/cve/CVE-2026-39827.html * https://www.suse.com/security/cve/CVE-2026-39828.html * https://www.suse.com/security/cve/CVE-2026-39829.html * https://www.suse.com/security/cve/CVE-2026-39830.html * https://www.suse.com/security/cve/CVE-2026-39831.html * https://www.suse.com/security/cve/CVE-2026-39832.html * https://www.suse.com/security/cve/CVE-2026-39833.html * https://www.suse.com/security/cve/CVE-2026-39834.html * https://www.suse.com/security/cve/CVE-2026-39835.html * https://www.suse.com/security/cve/CVE-2026-41888.html * https://www.suse.com/security/cve/CVE-2026-42508.html * https://www.suse.com/security/cve/CVE-2026-46595.html *https://www.suse.com/security/cve/CVE-2026-46597.html * https://www.suse.com/security/cve/CVE-2026-46598.html * https://bugzilla.suse.com/show_bug.cgi?id=1265429 * https://bugzilla.suse.com/show_bug.cgi?id=1265788 * https://bugzilla.suse.com/show_bug.cgi?id=1266049 * https://bugzilla.suse.com/show_bug.cgi?id=1266629 . SUSE updates address 16 issues including important fixes for DoS, privilege escalation, and information leak vulnerabilities.. SUSE Security Patch, Important Update, Information Leak Fix, System Integrity, Privilege Escalation. . LinuxSecurity.com Team

Calendar%202 Jun 23, 2026 SuSE
87

Debian Linux DSA-6355-1 Multiple Threats Privilege Escalation DoS

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. For the stable distribution (trixie), these problems have been fixed in version 6.12.94-1.. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6355-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Salvatore Bonaccorso June 21, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : linux CVE ID : CVE-2025-22069 CVE-2025-68251 CVE-2025-68768 CVE-2025-71289 CVE-2026-23247 CVE-2026-23272 CVE-2026-23346 CVE-2026-23394 CVE-2026-23469 CVE-2026-31420 CVE-2026-31486 CVE-2026-31560 CVE-2026-31613 CVE-2026-31663 CVE-2026-31717 CVE-2026-43116 CVE-2026-43219 CVE-2026-43245 CVE-2026-43303 CVE-2026-43331 CVE-2026-45838 CVE-2026-45839 CVE-2026-45840 CVE-2026-45841 CVE-2026-45842 CVE-2026-45843 CVE-2026-45844 CVE-2026-45845 CVE-2026-45846 CVE-2026-45850 CVE-2026-45930 CVE-2026-46117 CVE-2026-46137 CVE-2026-46158 CVE-2026-46160 CVE-2026-46170 CVE-2026-46203 CVE-2026-46216 CVE-2026-46244 CVE-2026-46274 CVE-2026-46275 CVE-2026-46315 CVE-2026-46316 CVE-2026-46319 CVE-2026-46320 CVE-2026-46321 CVE-2026-46322 CVE-2026-46323 CVE-2026-46331 CVE-2026-52908 CVE-2026-52909 CVE-2026-52910 CVE-2026-52911 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. For the stable distribution (trixie), these problems have been fixed in version 6.12.94-1. We recommend that you upgrade your linux packages. For the detailed security status of linux please refer to its security tracker pageat: https://security-tracker.debian.org/tracker/linux Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Upgrade the Debian Linux kernel to patch several vulnerabilities leading to denial of service and privilege escalation threats.. Linux Kernel Security, Debian Security Update, Privilege Escalation Fix, Denial of Service Patch. . LinuxSecurity.com Team

Calendar%202 Jun 21, 2026 Debian
202

openSUSE qemu Moderate Heap Overflow Info Leak Vuln 2026-2388-1

An update that solves two vulnerabilities and has one security fix can now be installed.. # Security update for qemu Announcement ID: SUSE-SU-2026:2388-1 Release Date: 2026-06-12T13:59:31Z Rating: moderate References: * bsc#1199023 * bsc#1258509 * bsc#1262089 Cross-References: * CVE-2026-2243 * CVE-2026-3842 CVSS scores: * CVE-2026-2243 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-2243 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L * CVE-2026-2243 ( NVD ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-3842 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-3842 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L Affected Products: * openSUSE Leap 15.5 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for qemu fixes the following issues: Security fixes: * CVE-2026-2243: incorrect bounds check leads to heap out-of-bounds read and a 12-byte information leak when processing specially crafted VMDK files (bsc#1258509). * CVE-2026-3842: hyperv/syndbg: missing mapped-length guard after cpu_physical_memory_map causes host OOB write (bsc#1262089). Other fixes: * [openSUSE] qemu-ga: fix service file against no-autostart (bsc#1199023) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-2388=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2388=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-2388=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * qemu-ivshmem-tools-7.1.0-150500.49.42.1 * qemu-audio-dbus-debuginfo-7.1.0-150500.49.42.1 * qemu-ppc-debuginfo-7.1.0-150500.49.42.1 * qemu-chardev-spice-debuginfo-7.1.0-150500.49.42.1 * qemu-hw-s390x-virtio-gpu-ccw-7.1.0-150500.49.42.1 * qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.42.1 * qemu-ui-spice-core-7.1.0-150500.49.42.1 * qemu-ui-opengl-debuginfo-7.1.0-150500.49.42.1 * qemu-block-ssh-7.1.0-150500.49.42.1 * qemu-guest-agent-debuginfo-7.1.0-150500.49.42.1 * qemu-audio-alsa-7.1.0-150500.49.42.1 * qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.42.1 * qemu-ui-spice-core-debuginfo-7.1.0-150500.49.42.1 * qemu-hw-usb-smartcard-debuginfo-7.1.0-150500.49.42.1 * qemu-block-iscsi-7.1.0-150500.49.42.1 * qemu-audio-jack-7.1.0-150500.49.42.1 * qemu-audio-alsa-debuginfo-7.1.0-150500.49.42.1 * qemu-s390x-debuginfo-7.1.0-150500.49.42.1 * qemu-x86-7.1.0-150500.49.42.1 * qemu-extra-debuginfo-7.1.0-150500.49.42.1 * qemu-block-curl-debuginfo-7.1.0-150500.49.42.1 * qemu-extra-7.1.0-150500.49.42.1 * qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.42.1 * qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.42.1 * qemu-arm-debuginfo-7.1.0-150500.49.42.1 * qemu-ui-spice-app-7.1.0-150500.49.42.1 * qemu-7.1.0-150500.49.42.1 * qemu-debuginfo-7.1.0-150500.49.42.1 * qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.42.1 * qemu-block-nfs-7.1.0-150500.49.42.1 * qemu-block-nfs-debuginfo-7.1.0-150500.49.42.1 * qemu-chardev-spice-7.1.0-150500.49.42.1 * qemu-x86-debuginfo-7.1.0-150500.49.42.1 * qemu-block-iscsi-debuginfo-7.1.0-150500.49.42.1 * qemu-linux-user-debuginfo-7.1.0-150500.49.42.1 * qemu-block-dmg-7.1.0-150500.49.42.1 * qemu-hw-display-qxl-7.1.0-150500.49.42.1 * qemu-audio-jack-debuginfo-7.1.0-150500.49.42.1 *qemu-hw-display-virtio-gpu-7.1.0-150500.49.42.1 * qemu-accel-qtest-7.1.0-150500.49.42.1 * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-7.1.0-150500.49.42.1 * qemu-headless-7.1.0-150500.49.42.1 * qemu-ui-curses-7.1.0-150500.49.42.1 * qemu-audio-pa-7.1.0-150500.49.42.1 * qemu-block-ssh-debuginfo-7.1.0-150500.49.42.1 * qemu-arm-7.1.0-150500.49.42.1 * qemu-accel-tcg-x86-7.1.0-150500.49.42.1 * qemu-guest-agent-7.1.0-150500.49.42.1 * qemu-ui-spice-app-debuginfo-7.1.0-150500.49.42.1 * qemu-hw-usb-smartcard-7.1.0-150500.49.42.1 * qemu-ui-dbus-7.1.0-150500.49.42.1 * qemu-debugsource-7.1.0-150500.49.42.1 * qemu-tools-debuginfo-7.1.0-150500.49.42.1 * qemu-ivshmem-tools-debuginfo-7.1.0-150500.49.42.1 * qemu-block-dmg-debuginfo-7.1.0-150500.49.42.1 * qemu-vhost-user-gpu-debuginfo-7.1.0-150500.49.42.1 * qemu-ui-dbus-debuginfo-7.1.0-150500.49.42.1 * qemu-audio-spice-debuginfo-7.1.0-150500.49.42.1 * qemu-block-gluster-debuginfo-7.1.0-150500.49.42.1 * qemu-s390x-7.1.0-150500.49.42.1 * qemu-ppc-7.1.0-150500.49.42.1 * qemu-linux-user-debugsource-7.1.0-150500.49.42.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.42.1 * qemu-ui-gtk-debuginfo-7.1.0-150500.49.42.1 * qemu-hw-usb-host-7.1.0-150500.49.42.1 * qemu-ui-curses-debuginfo-7.1.0-150500.49.42.1 * qemu-chardev-baum-debuginfo-7.1.0-150500.49.42.1 * qemu-vhost-user-gpu-7.1.0-150500.49.42.1 * qemu-accel-qtest-debuginfo-7.1.0-150500.49.42.1 * qemu-block-gluster-7.1.0-150500.49.42.1 * qemu-hw-display-virtio-vga-7.1.0-150500.49.42.1 * qemu-tools-7.1.0-150500.49.42.1 * qemu-audio-pa-debuginfo-7.1.0-150500.49.42.1 * qemu-ui-gtk-7.1.0-150500.49.42.1 * qemu-audio-oss-7.1.0-150500.49.42.1 * qemu-audio-oss-debuginfo-7.1.0-150500.49.42.1 * qemu-ksm-7.1.0-150500.49.42.1 * qemu-hw-usb-host-debuginfo-7.1.0-150500.49.42.1 * qemu-audio-spice-7.1.0-150500.49.42.1 * qemu-chardev-baum-7.1.0-150500.49.42.1 *qemu-block-curl-7.1.0-150500.49.42.1 * qemu-audio-dbus-7.1.0-150500.49.42.1 * qemu-hw-usb-redirect-7.1.0-150500.49.42.1 * qemu-linux-user-7.1.0-150500.49.42.1 * qemu-ui-opengl-7.1.0-150500.49.42.1 * qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.42.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * qemu-block-rbd-7.1.0-150500.49.42.1 * qemu-block-rbd-debuginfo-7.1.0-150500.49.42.1 * openSUSE Leap 15.5 (s390x x86_64 i586) * qemu-kvm-7.1.0-150500.49.42.1 * openSUSE Leap 15.5 (noarch) * qemu-vgabios-1.16.0_0_gd239552-150500.49.42.1 * qemu-sgabios-8-150500.49.42.1 * qemu-microvm-7.1.0-150500.49.42.1 * qemu-SLOF-7.1.0-150500.49.42.1 * qemu-seabios-1.16.0_0_gd239552-150500.49.42.1 * qemu-skiboot-7.1.0-150500.49.42.1 * qemu-ipxe-1.0.0+-150500.49.42.1 * qemu-lang-7.1.0-150500.49.42.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * qemu-7.1.0-150500.49.42.1 * qemu-chardev-spice-debuginfo-7.1.0-150500.49.42.1 * qemu-debuginfo-7.1.0-150500.49.42.1 * qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.42.1 * qemu-debugsource-7.1.0-150500.49.42.1 * qemu-tools-debuginfo-7.1.0-150500.49.42.1 * qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.42.1 * qemu-hw-display-virtio-vga-7.1.0-150500.49.42.1 * qemu-ui-spice-core-7.1.0-150500.49.42.1 * qemu-ui-opengl-debuginfo-7.1.0-150500.49.42.1 * qemu-guest-agent-debuginfo-7.1.0-150500.49.42.1 * qemu-chardev-spice-7.1.0-150500.49.42.1 * qemu-tools-7.1.0-150500.49.42.1 * qemu-ui-spice-core-debuginfo-7.1.0-150500.49.42.1 * qemu-hw-display-qxl-7.1.0-150500.49.42.1 * qemu-audio-spice-debuginfo-7.1.0-150500.49.42.1 * qemu-hw-display-virtio-gpu-7.1.0-150500.49.42.1 * qemu-audio-spice-7.1.0-150500.49.42.1 * qemu-block-curl-7.1.0-150500.49.42.1 * qemu-block-curl-debuginfo-7.1.0-150500.49.42.1 * qemu-hw-usb-redirect-7.1.0-150500.49.42.1 * qemu-ui-opengl-7.1.0-150500.49.42.1 *qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.42.1 * qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.42.1 * qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.42.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.42.1 * qemu-guest-agent-7.1.0-150500.49.42.1 * SUSE Linux Enterprise Micro 5.5 (s390x) * qemu-s390x-7.1.0-150500.49.42.1 * qemu-s390x-debuginfo-7.1.0-150500.49.42.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * qemu-x86-debuginfo-7.1.0-150500.49.42.1 * qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.42.1 * qemu-x86-7.1.0-150500.49.42.1 * qemu-accel-tcg-x86-7.1.0-150500.49.42.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * qemu-vgabios-1.16.0_0_gd239552-150500.49.42.1 * qemu-sgabios-8-150500.49.42.1 * qemu-SLOF-7.1.0-150500.49.42.1 * qemu-seabios-1.16.0_0_gd239552-150500.49.42.1 * qemu-ipxe-1.0.0+-150500.49.42.1 * SUSE Linux Enterprise Micro 5.5 (aarch64) * qemu-arm-debuginfo-7.1.0-150500.49.42.1 * qemu-arm-7.1.0-150500.49.42.1 * SUSE Linux Enterprise Micro 5.5 (ppc64le) * qemu-ppc-debuginfo-7.1.0-150500.49.42.1 * qemu-ppc-7.1.0-150500.49.42.1 * Server Applications Module 15-SP7 (noarch) * qemu-sgabios-8-150500.49.42.1 ## References: * https://www.suse.com/security/cve/CVE-2026-2243.html * https://www.suse.com/security/cve/CVE-2026-3842.html * https://bugzilla.suse.com/show_bug.cgi?id=1199023 * https://bugzilla.suse.com/show_bug.cgi?id=1258509 * https://bugzilla.suse.com/show_bug.cgi?id=1262089 . # Security update for qemu Announcement ID: SUSE-SU-2026:2388-1 Release Date: 2026-06-12T13:59:31Z R. security, update, solves, vulnerabilities, installed. . LinuxSecurity.com Team

Calendar%202 Jun 12, 2026 OpenSUSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Can sandbox isolation stop malware?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/154-can-sandbox-isolation-stop-malware?task=poll.vote&format=json
154
radio
0
[{"id":497,"title":"Breaches happen despite container barriers.","votes":1,"type":"x","order":1,"pct":33.33,"resources":[]},{"id":498,"title":"Supply chain flaws exploit trust.","votes":2,"type":"x","order":2,"pct":66.67,"resources":[]},{"id":499,"title":"Flawed configurations expose vital files.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Your message here