Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 260 articles for you...
202

openSUSE php-composer2 Important Vulnerability Update 2026-3105-1

An update that solves nine vulnerabilities can now be installed.. # Security update for php-composer2 Announcement ID: SUSE-SU-2026:3105-1 Release Date: 2026-07-17T13:32:58Z Rating: important References: * bsc#1271122 * bsc#1271129 * bsc#1271151 * bsc#1271504 Cross-References: * CVE-2024-35241 * CVE-2024-35242 * CVE-2025-67746 * CVE-2026-40176 * CVE-2026-40261 * CVE-2026-45793 * CVE-2026-59946 * CVE-2026-59947 * CVE-2026-59948 CVSS scores: * CVE-2024-35241 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-35241 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-35242 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-35242 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-67746 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-67746 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-67746 ( NVD ): 1.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-67746 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-40176 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-40176 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-40176 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-40261 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-40261 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-40261 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-45793 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2026-45793 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-59946 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-59946 ( SUSE ): 5.5CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2026-59946 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N * CVE-2026-59947 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-59947 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-59947 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-59948 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-59948 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-59948 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * Web and Scripting Module 15-SP7 An update that solves nine vulnerabilities can now be installed. ## Description: This update for php-composer2 fixes the following issues: * CVE-2026-45793: Github Actions issued `GITHUB_TOKEN` disclosure in GitHub Actions logs (bsc#1271504). * CVE-2026-59946: path traversal in package `bin` field lets dependencies `chmod` arbitrary host files (bsc#1271151). * CVE-2026-59947: URL-embedded HTTP-Basic username leaks to verbose logs (bsc#1271129). * CVE-2026-59948: arbitrary file write outside `vendor`directory via malicious transitive package name (bsc#1271122). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-3105=1 * Web and Scripting Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP7-2026-3105=1 * SUSE Linux Enterprise Server forSAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-3105=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-3105=1 ## Package List: * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * php-composer2-2.6.4-150600.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * php-composer2-2.6.4-150600.3.12.1 * Web and Scripting Module 15-SP7 (noarch) * php-composer2-2.6.4-150600.3.12.1 * openSUSE Leap 15.6 (noarch) * php-composer2-2.6.4-150600.3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2024-35241.html * https://www.suse.com/security/cve/CVE-2024-35242.html * https://www.suse.com/security/cve/CVE-2025-67746.html * https://www.suse.com/security/cve/CVE-2026-40176.html * https://www.suse.com/security/cve/CVE-2026-40261.html * https://www.suse.com/security/cve/CVE-2026-45793.html * https://www.suse.com/security/cve/CVE-2026-59946.html * https://www.suse.com/security/cve/CVE-2026-59947.html * https://www.suse.com/security/cve/CVE-2026-59948.html * https://bugzilla.suse.com/show_bug.cgi?id=1271122 * https://bugzilla.suse.com/show_bug.cgi?id=1271129 * https://bugzilla.suse.com/show_bug.cgi?id=1271151 * https://bugzilla.suse.com/show_bug.cgi?id=1271504 . OpenSUSE has released important updates for php-composer2 addressing multiple vulnerabilities in the software package.. php composer update, opensuse security, important updates, package vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 17, 2026 Important OpenSUSE
217

Oracle Linux 10 PackageKit Important Update ELSA-2026-19141 CVE-2026-41651

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-19141 http://linux.oracle.com/errata/ELSA-2026-19141.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: PackageKit-1.2.8-8.0.1.el10_2.x86_64.rpm PackageKit-command-not-found-1.2.8-8.0.1.el10_2.x86_64.rpm PackageKit-glib-1.2.8-8.0.1.el10_2.x86_64.rpm PackageKit-glib-devel-1.2.8-8.0.1.el10_2.x86_64.rpm PackageKit-gstreamer-plugin-1.2.8-8.0.1.el10_2.x86_64.rpm PackageKit-gtk3-module-1.2.8-8.0.1.el10_2.x86_64.rpm aarch64: PackageKit-1.2.8-8.0.1.el10_2.aarch64.rpm PackageKit-command-not-found-1.2.8-8.0.1.el10_2.aarch64.rpm PackageKit-glib-1.2.8-8.0.1.el10_2.aarch64.rpm PackageKit-glib-devel-1.2.8-8.0.1.el10_2.aarch64.rpm PackageKit-gstreamer-plugin-1.2.8-8.0.1.el10_2.aarch64.rpm PackageKit-gtk3-module-1.2.8-8.0.1.el10_2.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/PackageKit-1.2.8-8.0.1.el10_2.src.rpm Related CVEs: CVE-2026-41651 Description of changes: [1.2.8-8.0.1] - remove RHEL vendor patch PackageKit-0.3.8-RHEL-Vendor.conf.patch _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 10 updated PackageKit with important security updates addressing CVE-2026-41651. Check the advisory for details.. Oracle Linux, PackageKit, Important Advisory, Security Updates, CVE-2026-41651. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 17, 2026 Important Oracle
89

Fedora 43 python-tiktoken Security Advisory Fix RUSTSEC 2026-8abedbcc4f

Update to upstream release 0.13.0; update PyO3 to 0.29, fixing RUSTSEC-2026-0176 and RUSTSEC-2026-0177.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-8abedbcc4f 2026-07-16 01:28:35.510726+00:00 -------------------------------------------------------------------------------- Name : python-tiktoken Product : Fedora 43 Version : 0.13.0 Release : 2.fc43 URL : https://pypi.org/project/tiktoken/ Summary : tiktoken is a fast BPE tokeniser for use with OpenAI's models Description : tiktoken is a fast BPE tokeniser for use with OpenAI's models. -------------------------------------------------------------------------------- Update Information: Update to upstream release 0.13.0; update PyO3 to 0.29, fixing RUSTSEC-2026-0176 and RUSTSEC-2026-0177. -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 6 2026 Benjamin A. Beasley - 0.13.0-2 - Update PyO3 to 0.29 - Fixes RUSTSEC-2026-0176 and RUSTSEC-2026-0177 * Mon Jul 6 2026 Benjamin A. Beasley - 0.13.0-1 - Update to 0.13.0 (close RHBZ#2477785) * Mon Jul 6 2026 Benjamin A. Beasley - 0.12.0-6 - Add a comment to justify not running the tests * Mon Jul 6 2026 Benjamin A. Beasley - 0.12.0-5 - Avoid installing duplicate license files * Mon Jul 6 2026 Benjamin A. Beasley - 0.12.0-4 - Improve/simplify handling of Rust dependency licenses * Wed Jun 3 2026 Python Maint - 0.12.0-3 - Rebuilt for Python 3.15 * Sat Jan 17 2026 Fedora Release Engineering - 0.12.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Tue Oct 7 2025 Lumir Balhar - 0.12.0-1 - Update to 0.12.0 (rhbz#2402015) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2477785 - python-tiktoken-0.13.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2477785 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-8abedbcc4f' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . The update to python-tiktoken 0.13.0 addresses security issues RUSTSEC-2026-0176 and RUSTSEC-2026-0177 for Fedora users.. python tiktoken update, fedora package management, rust security. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 15, 2026 Important Fedora
202

openSUSE php8 Moderate Buffer Allocation Issue 2026-2880-1 CVE-2026-14355

An update that solves one vulnerability can now be installed.. # Security update for php8 Announcement ID: SUSE-SU-2026:2880-1 Release Date: 2026-07-13T09:39:59Z Rating: moderate References: * bsc#1270351 Cross-References: * CVE-2026-14355 CVSS scores: * CVE-2026-14355 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-14355 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2026-14355 ( NVD ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-14355 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.4 An update that solves one vulnerability can now be installed. ## Description: This update for php8 fixes the following issue * CVE-2026-14355: The AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw (bsc#1270351). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2880=1 ## Package List: * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * php8-bcmath-debuginfo-8.0.30-150400.4.68.1 * php8-zip-debuginfo-8.0.30-150400.4.68.1 * php8-mysql-8.0.30-150400.4.68.1 * php8-pcntl-8.0.30-150400.4.68.1 * php8-bcmath-8.0.30-150400.4.68.1 * php8-embed-debuginfo-8.0.30-150400.4.68.1 * apache2-mod_php8-8.0.30-150400.4.68.1 * php8-openssl-debuginfo-8.0.30-150400.4.68.1 * php8-opcache-debuginfo-8.0.30-150400.4.68.1 * php8-sockets-debuginfo-8.0.30-150400.4.68.1 * php8-fileinfo-8.0.30-150400.4.68.1 * php8-phar-8.0.30-150400.4.68.1 * php8-ctype-debuginfo-8.0.30-150400.4.68.1 * php8-ftp-debuginfo-8.0.30-150400.4.68.1 * php8-fileinfo-debuginfo-8.0.30-150400.4.68.1 * php8-fpm-debuginfo-8.0.30-150400.4.68.1 *php8-bz2-debuginfo-8.0.30-150400.4.68.1 * php8-readline-debuginfo-8.0.30-150400.4.68.1 * php8-tidy-8.0.30-150400.4.68.1 * php8-phar-debuginfo-8.0.30-150400.4.68.1 * php8-calendar-8.0.30-150400.4.68.1 * php8-gettext-debuginfo-8.0.30-150400.4.68.1 * php8-xsl-8.0.30-150400.4.68.1 * php8-fastcgi-debugsource-8.0.30-150400.4.68.1 * php8-gmp-debuginfo-8.0.30-150400.4.68.1 * php8-shmop-debuginfo-8.0.30-150400.4.68.1 * php8-posix-debuginfo-8.0.30-150400.4.68.1 * php8-readline-8.0.30-150400.4.68.1 * php8-bz2-8.0.30-150400.4.68.1 * php8-debuginfo-8.0.30-150400.4.68.1 * php8-sysvmsg-debuginfo-8.0.30-150400.4.68.1 * php8-sysvshm-8.0.30-150400.4.68.1 * php8-zip-8.0.30-150400.4.68.1 * php8-pcntl-debuginfo-8.0.30-150400.4.68.1 * php8-enchant-debuginfo-8.0.30-150400.4.68.1 * php8-opcache-8.0.30-150400.4.68.1 * php8-test-8.0.30-150400.4.68.1 * php8-ldap-8.0.30-150400.4.68.1 * php8-tokenizer-8.0.30-150400.4.68.1 * php8-pdo-debuginfo-8.0.30-150400.4.68.1 * php8-sodium-debuginfo-8.0.30-150400.4.68.1 * php8-curl-debuginfo-8.0.30-150400.4.68.1 * php8-devel-8.0.30-150400.4.68.1 * php8-sqlite-debuginfo-8.0.30-150400.4.68.1 * apache2-mod_php8-debuginfo-8.0.30-150400.4.68.1 * php8-dba-8.0.30-150400.4.68.1 * php8-sockets-8.0.30-150400.4.68.1 * php8-calendar-debuginfo-8.0.30-150400.4.68.1 * php8-sysvsem-8.0.30-150400.4.68.1 * php8-xmlreader-debuginfo-8.0.30-150400.4.68.1 * php8-xmlwriter-debuginfo-8.0.30-150400.4.68.1 * php8-gd-debuginfo-8.0.30-150400.4.68.1 * php8-ftp-8.0.30-150400.4.68.1 * php8-enchant-8.0.30-150400.4.68.1 * php8-odbc-8.0.30-150400.4.68.1 * php8-pgsql-8.0.30-150400.4.68.1 * php8-soap-8.0.30-150400.4.68.1 * php8-dba-debuginfo-8.0.30-150400.4.68.1 * php8-gettext-8.0.30-150400.4.68.1 * php8-ctype-8.0.30-150400.4.68.1 * php8-snmp-8.0.30-150400.4.68.1 * php8-dom-debuginfo-8.0.30-150400.4.68.1 * php8-tidy-debuginfo-8.0.30-150400.4.68.1 *php8-tokenizer-debuginfo-8.0.30-150400.4.68.1 * php8-snmp-debuginfo-8.0.30-150400.4.68.1 * php8-dom-8.0.30-150400.4.68.1 * php8-xmlwriter-8.0.30-150400.4.68.1 * apache2-mod_php8-debugsource-8.0.30-150400.4.68.1 * php8-sysvsem-debuginfo-8.0.30-150400.4.68.1 * php8-xmlreader-8.0.30-150400.4.68.1 * php8-fastcgi-debuginfo-8.0.30-150400.4.68.1 * php8-pgsql-debuginfo-8.0.30-150400.4.68.1 * php8-sysvmsg-8.0.30-150400.4.68.1 * php8-xsl-debuginfo-8.0.30-150400.4.68.1 * php8-openssl-8.0.30-150400.4.68.1 * php8-fastcgi-8.0.30-150400.4.68.1 * php8-shmop-8.0.30-150400.4.68.1 * php8-8.0.30-150400.4.68.1 * php8-fpm-debugsource-8.0.30-150400.4.68.1 * php8-debugsource-8.0.30-150400.4.68.1 * php8-exif-8.0.30-150400.4.68.1 * php8-iconv-debuginfo-8.0.30-150400.4.68.1 * php8-odbc-debuginfo-8.0.30-150400.4.68.1 * php8-sqlite-8.0.30-150400.4.68.1 * php8-zlib-8.0.30-150400.4.68.1 * php8-sysvshm-debuginfo-8.0.30-150400.4.68.1 * php8-fpm-8.0.30-150400.4.68.1 * php8-sodium-8.0.30-150400.4.68.1 * php8-embed-8.0.30-150400.4.68.1 * php8-soap-debuginfo-8.0.30-150400.4.68.1 * php8-embed-debugsource-8.0.30-150400.4.68.1 * php8-exif-debuginfo-8.0.30-150400.4.68.1 * php8-mysql-debuginfo-8.0.30-150400.4.68.1 * php8-intl-debuginfo-8.0.30-150400.4.68.1 * php8-cli-8.0.30-150400.4.68.1 * php8-iconv-8.0.30-150400.4.68.1 * php8-ldap-debuginfo-8.0.30-150400.4.68.1 * php8-curl-8.0.30-150400.4.68.1 * php8-intl-8.0.30-150400.4.68.1 * php8-posix-8.0.30-150400.4.68.1 * php8-gmp-8.0.30-150400.4.68.1 * php8-gd-8.0.30-150400.4.68.1 * php8-mbstring-8.0.30-150400.4.68.1 * php8-zlib-debuginfo-8.0.30-150400.4.68.1 * php8-cli-debuginfo-8.0.30-150400.4.68.1 * php8-pdo-8.0.30-150400.4.68.1 * php8-mbstring-debuginfo-8.0.30-150400.4.68.1 ## References: * https://www.suse.com/security/cve/CVE-2026-14355.html * https://bugzilla.suse.com/show_bug.cgi?id=1270351 . # Security update for php8Announcement ID: SUSE-SU-2026:2880-1 Release Date: 2026-07-13T09:39:59Z R. update, solves, vulnerability, installed, security, announcemen. . Severity: Medium. LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 Medium OpenSUSE
202

openSUSE Kernel Important Security Update 2026-2889-1 - 21 Fixes

An update that solves 21 vulnerabilities can now be installed.. # Security update for the Linux Kernel (Live Patch 44 for SUSE Linux Enterprise 15 SP4) Announcement ID: SUSE-SU-2026:2889-1 Release Date: 2026-07-13T10:20:19Z Rating: important References: * bsc#1256615 * bsc#1260524 * bsc#1262759 * bsc#1263118 * bsc#1263177 * bsc#1263670 * bsc#1264094 * bsc#1264252 * bsc#1264253 * bsc#1264849 * bsc#1265127 * bsc#1265197 * bsc#1265945 * bsc#1266015 * bsc#1266265 * bsc#1267206 * bsc#1267698 * bsc#1267723 * bsc#1267893 * bsc#1268662 * bsc#1269023 Cross-References: * CVE-2025-71089 * CVE-2026-23393 * CVE-2026-31533 * CVE-2026-31570 * CVE-2026-31586 * CVE-2026-31685 * CVE-2026-31758 * CVE-2026-43025 * CVE-2026-43027 * CVE-2026-43037 * CVE-2026-43190 * CVE-2026-43437 * CVE-2026-43494 * CVE-2026-43501 * CVE-2026-45970 * CVE-2026-46120 * CVE-2026-46173 * CVE-2026-46227 * CVE-2026-46243 * CVE-2026-52909 * CVE-2026-52943 CVSS scores: * CVE-2025-71089 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-71089 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71089 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2025-71089 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23393 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31533 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31570 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:N/SA:N * CVE-2026-31570 ( SUSE ): 7.0CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31570 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31586 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31685 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31685 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31685 ( NVD ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31758 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31758 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31758 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-43027 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43027 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43037 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43190 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43190 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43190 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43437 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43437 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43437 ( NVD ): 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43494 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43501 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43501 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43501 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43501 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45970 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45970 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45970 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46120 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46227 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46227 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46227 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46227 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46243 ( NVD ): 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-52909 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-52909 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-52909 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-52943 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-52943 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-52943 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-52943 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves 21 vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.176 fixes various security issues The following security issues were fixed: * CVE-2025-71089: iommu: disable SVA when CONFIG_X86 is set (bsc#1256615). * CVE-2026-23393: bridge: cfm: Fix race condition in peer_mep deletion (bsc#1260524). * CVE-2026-31533: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption (bsc#1262759). * CVE-2026-31570: can: gw: fix OOB heap access in cgw_csum_crc8_rel() (bsc#1263118). * CVE-2026-31586: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (bsc#1263177). * CVE-2026-31685: netfilter: ip6t_eui64: reject invalid MAC header for all packets (bsc#1263670). * CVE-2026-31758: usb: usbtmc: Flush anchored URBs in usbtmc_release (bsc#1264094). * CVE-2026-43025: netfilter: ctnetlink: ignore explicithelper on new expectations (bsc#1264253). * CVE-2026-43027: netfilter: nf_conntrack_helper: pass helper to expect cleanup (bsc#1264252). * CVE-2026-43037: ip6_tunnel: clear skb2-> cb[] in ip4ip6_err() (bsc#1265197). * CVE-2026-43190: netfilter: xt_tcpmss: check remaining length before reading optlen (bsc#1264849). * CVE-2026-43437: ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (bsc#1265127). * CVE-2026-43494: RDS zerocopy attack aka PinTheft (bsc#1265945). * CVE-2026-43501: ipv6: rpl: reserve mac_len headroom when recompressed SRH grows (bsc#1266015). * CVE-2026-45970: bonding: alb: fix UAF in rlb_arp_recv during bond up/down (bsc#1267206). * CVE-2026-46120: ip6_gre: Use cached t-> net in ip6erspan_changelink() (bsc#1267893). * CVE-2026-46173: exit: prevent preemption of oopsing TASK_DEAD task (bsc#1267723). * CVE-2026-46227: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (bsc#1267698). * CVE-2026-46243: smb: client: reject userspace cifs.spnego descriptions (CIFSwitch) (bsc#1266265). * CVE-2026-52909: ip6_vti: set netns_immutable on the fallback device (bsc#1268662). * CVE-2026-52943: net: skbuff: fix missing zerocopy reference in pskb_carve helpers (bsc#1269023). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2026-2889=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2889=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_44-debugsource-16-150400.2.1 * kernel-livepatch-5_14_21-150400_24_176-default-16-150400.2.1 * kernel-livepatch-5_14_21-150400_24_176-default-debuginfo-16-150400.2.1 * openSUSE Leap 15.4 (ppc64le s390xx86_64) * kernel-livepatch-SLE15-SP4_Update_44-debugsource-16-150400.2.1 * kernel-livepatch-5_14_21-150400_24_176-default-debuginfo-16-150400.2.1 * kernel-livepatch-5_14_21-150400_24_176-default-16-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-71089.html * https://www.suse.com/security/cve/CVE-2026-23393.html * https://www.suse.com/security/cve/CVE-2026-31533.html * https://www.suse.com/security/cve/CVE-2026-31570.html * https://www.suse.com/security/cve/CVE-2026-31586.html * https://www.suse.com/security/cve/CVE-2026-31685.html * https://www.suse.com/security/cve/CVE-2026-31758.html * https://www.suse.com/security/cve/CVE-2026-43025.html * https://www.suse.com/security/cve/CVE-2026-43027.html * https://www.suse.com/security/cve/CVE-2026-43037.html * https://www.suse.com/security/cve/CVE-2026-43190.html * https://www.suse.com/security/cve/CVE-2026-43437.html * https://www.suse.com/security/cve/CVE-2026-43494.html * https://www.suse.com/security/cve/CVE-2026-43501.html * https://www.suse.com/security/cve/CVE-2026-45970.html * https://www.suse.com/security/cve/CVE-2026-46120.html * https://www.suse.com/security/cve/CVE-2026-46173.html * https://www.suse.com/security/cve/CVE-2026-46227.html * https://www.suse.com/security/cve/CVE-2026-46243.html * https://www.suse.com/security/cve/CVE-2026-52909.html * https://www.suse.com/security/cve/CVE-2026-52943.html * https://bugzilla.suse.com/show_bug.cgi?id=1256615 * https://bugzilla.suse.com/show_bug.cgi?id=1260524 * https://bugzilla.suse.com/show_bug.cgi?id=1262759 * https://bugzilla.suse.com/show_bug.cgi?id=1263118 * https://bugzilla.suse.com/show_bug.cgi?id=1263177 * https://bugzilla.suse.com/show_bug.cgi?id=1263670 * https://bugzilla.suse.com/show_bug.cgi?id=1264094 * https://bugzilla.suse.com/show_bug.cgi?id=1264252 * https://bugzilla.suse.com/show_bug.cgi?id=1264253 * https://bugzilla.suse.com/show_bug.cgi?id=1264849 *https://bugzilla.suse.com/show_bug.cgi?id=1265127 * https://bugzilla.suse.com/show_bug.cgi?id=1265197 * https://bugzilla.suse.com/show_bug.cgi?id=1265945 * https://bugzilla.suse.com/show_bug.cgi?id=1266015 * https://bugzilla.suse.com/show_bug.cgi?id=1266265 * https://bugzilla.suse.com/show_bug.cgi?id=1267206 * https://bugzilla.suse.com/show_bug.cgi?id=1267698 * https://bugzilla.suse.com/show_bug.cgi?id=1267723 * https://bugzilla.suse.com/show_bug.cgi?id=1267893 * https://bugzilla.suse.com/show_bug.cgi?id=1268662 * https://bugzilla.suse.com/show_bug.cgi?id=1269023 . # Security update for the Linux Kernel (Live Patch 44 for SUSE Linux Enterprise 15 SP4) Announcement. update, solves, vulnerabilities, installed, security, linux, kerne. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 Important OpenSUSE
217

Oracle Linux Important Kernel Patch ELSA-2026-50351 CVE-2026-52943

The following updated rpms for have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-50351 http://linux.oracle.com/errata/ELSA-2026-50351.html The following updated rpms for have been uploaded to the Unbreakable LinuxNetwork: x86_64: kernel-uek-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-core-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-devel-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-doc-6.12.0-203.76.7.6.el10uek.noarch.rpm kernel-uek-modules-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-modules-core-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-modules-deprecated-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-modules-desktop-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-modules-extra-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-modules-extra-netfilter-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-modules-usb-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-modules-wireless-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-tools-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-core-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-devel-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-modules-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-modules-core-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-modules-deprecated-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-modules-desktop-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-modules-extra-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-modules-extra-netfilter-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-modules-usb-6.12.0-203.76.7.6.el10uek.x86_64.rpm kernel-uek-debug-modules-wireless-6.12.0-203.76.7.6.el10uek.x86_64.rpm aarch64: kernel-uek-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-core-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-devel-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-doc-6.12.0-203.76.7.6.el10uek.noarch.rpm kernel-uek-modules-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-modules-core-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-modules-deprecated-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-modules-desktop-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-modules-extra-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-modules-extra-netfilter-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-modules-usb-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-modules-wireless-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-tools-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-core-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-devel-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-modules-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-modules-core-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-modules-deprecated-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-modules-desktop-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-modules-extra-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-modules-extra-netfilter-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-modules-usb-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek-debug-modules-wireless-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-core-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-devel-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-modules-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-modules-core-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-modules-deprecated-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-modules-desktop-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-modules-extra-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-modules-extra-netfilter-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-modules-usb-6.12.0-203.76.7.6.el10uek.aarch64.rpm kernel-uek64k-modules-wireless-6.12.0-203.76.7.6.el10uek.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/kernel-uek-6.12.0-203.76.7.6.el10uek.src.rpm Related CVEs: CVE-2026-52943 Description of changes: [6.12.0-203.76.7.6] - net: skbuff: fix missing zerocopy reference in pskb_carve helpers (Minh Nguyen) [Orabug: 39639984] {CVE-2026-52943} _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Updated kernels have been uploaded for Oracle Linux to address security flaws. Important patches are recommended.. Oracle Linux Kernel Update Important Advisory. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 01, 2026 Important Oracle
202

openSUSE Tumbleweed Agama Web UI Moderate Fix 2026-11128-1 CVE-2026-34077

An update that solves one vulnerability can now be installed.. # agama-web-ui-22+143.ee15dea20-46.1 on GA media Announcement ID: openSUSE-SU-2026:11128-1 Rating: moderate Cross-References: * CVE-2026-34077 CVSS scores: * CVE-2026-34077 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * openSUSE Tumbleweed An update that solves one vulnerability can now be installed. ## Description: These are all security issues fixed in the agama-web-ui-22+143.ee15dea20-46.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * agama-web-ui 22+143.ee15dea20-46.1 ## References: * https://www.suse.com/security/cve/CVE-2026-34077.html . An agama-web-ui update addresses a moderate risk vulnerability in openSUSE. Learn more about the security advisory details.. openSUSE updates, agama-web-ui security, moderate risk issue, vulnerability details. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jun 28, 2026 moderate OpenSUSE
217

Oracle Linux 9 Thunderbird Important Update ELSA-2026-21381

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-21381 http://linux.oracle.com/errata/ELSA-2026-21381.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: thunderbird-140.11.0-1.0.1.el9_8.x86_64.rpm aarch64: thunderbird-140.11.0-1.0.1.el9_8.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/thunderbird-140.11.0-1.0.1.el9_8.src.rpm Related CVEs: CVE-2026-8388 CVE-2026-8391 CVE-2026-8401 CVE-2026-8946 CVE-2026-8947 CVE-2026-8950 CVE-2026-8953 CVE-2026-8954 CVE-2026-8955 CVE-2026-8956 CVE-2026-8957 CVE-2026-8958 CVE-2026-8959 CVE-2026-8961 CVE-2026-8962 CVE-2026-8968 CVE-2026-8970 CVE-2026-8974 CVE-2026-8975 Description of changes: [140.11.0-1.0.1] - Fix prefs for new nss [Orabug: 37079813] - Add Oracle prefs [140.11.0] - Add OpenELA debranding [140.11.0-1] - Update to 140.11.0 ESR [140.10.1-1] - Update to 140.10.1 ESR _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 9 advises an important update for Thunderbird addressing multiple CVEs for enhanced security and stability.. Oracle Linux, Thunderbird, security advisory, important update. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 24, 2026 Important Oracle
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200