Explore top 10 tips to secure your open-source projects now. Read More
×
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-19145 http://linux.oracle.com/errata/ELSA-2026-19145.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: krb5-devel-1.21.3-10.0.1.el10_2.x86_64.rpm krb5-libs-1.21.3-10.0.1.el10_2.x86_64.rpm krb5-pkinit-1.21.3-10.0.1.el10_2.x86_64.rpm krb5-server-1.21.3-10.0.1.el10_2.x86_64.rpm krb5-server-ldap-1.21.3-10.0.1.el10_2.x86_64.rpm krb5-workstation-1.21.3-10.0.1.el10_2.x86_64.rpm krb5-xrealmauthz-1.21.3-10.0.1.el10_2.x86_64.rpm libkadm5-1.21.3-10.0.1.el10_2.x86_64.rpm aarch64: krb5-devel-1.21.3-10.0.1.el10_2.aarch64.rpm krb5-libs-1.21.3-10.0.1.el10_2.aarch64.rpm krb5-pkinit-1.21.3-10.0.1.el10_2.aarch64.rpm krb5-server-1.21.3-10.0.1.el10_2.aarch64.rpm krb5-server-ldap-1.21.3-10.0.1.el10_2.aarch64.rpm krb5-workstation-1.21.3-10.0.1.el10_2.aarch64.rpm krb5-xrealmauthz-1.21.3-10.0.1.el10_2.aarch64.rpm libkadm5-1.21.3-10.0.1.el10_2.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/krb5-1.21.3-10.0.1.el10_2.src.rpm Related CVEs: CVE-2026-40355 CVE-2026-40356 Description of changes: [1.21.3-10.0.1] - Fixed race condition in krb5_set_password() [Orabug: 33609767] [1.21.3-10] - Fix NegoEx parsing vulnerabilities (CVE-2026-40355, CVE-2026-40356) Resolves: RHEL-171588 RHEL-171597 _______________________________________________ El-errata mailing list
An update that solves one vulnerability can now be installed.. # Security update for krb5 Announcement ID: SUSE-SU-2026:2954-1 Release Date: 2026-07-14T09:57:42Z Rating: important References: * bsc#1268131 Cross-References: * CVE-2026-11850 CVSS scores: * CVE-2026-11850 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2026-11850 ( NVD ): 5.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves one vulnerability can now be installed. ## Description: This update for krb5 fixes the following issue * CVE-2026-11850: integer underflow in berval2tl_data() leads to heap out-of- bounds read (bsc#1268131). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2954=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2954=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2954=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2954=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2954=1 * SUSE LinuxEnterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2954=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2954=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2954=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2954=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * krb5-client-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.24.1 * krb5-server-1.19.2-150400.3.24.1 * krb5-debugsource-1.19.2-150400.3.24.1 * krb5-1.19.2-150400.3.24.1 * krb5-client-1.19.2-150400.3.24.1 * krb5-debuginfo-1.19.2-150400.3.24.1 * krb5-devel-1.19.2-150400.3.24.1 * krb5-server-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.24.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.24.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * krb5-32bit-debuginfo-1.19.2-150400.3.24.1 * krb5-32bit-1.19.2-150400.3.24.1 * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * krb5-debugsource-1.19.2-150400.3.24.1 * krb5-mini-debugsource-1.19.2-150400.3.24.1 * krb5-plugin-preauth-spake-1.19.2-150400.3.24.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.24.1 * krb5-mini-debuginfo-1.19.2-150400.3.24.1 * krb5-debuginfo-1.19.2-150400.3.24.1 * krb5-server-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.24.1 * krb5-server-1.19.2-150400.3.24.1 * krb5-mini-1.19.2-150400.3.24.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.24.1 * krb5-devel-1.19.2-150400.3.24.1 * krb5-client-debuginfo-1.19.2-150400.3.24.1 *krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.24.1 * krb5-1.19.2-150400.3.24.1 * krb5-mini-devel-1.19.2-150400.3.24.1 * krb5-client-1.19.2-150400.3.24.1 * krb5-plugin-preauth-spake-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.24.1 * openSUSE Leap 15.4 (aarch64_ilp32) * krb5-64bit-debuginfo-1.19.2-150400.3.24.1 * krb5-devel-64bit-1.19.2-150400.3.24.1 * krb5-64bit-1.19.2-150400.3.24.1 * openSUSE Leap 15.4 (x86_64) * krb5-32bit-debuginfo-1.19.2-150400.3.24.1 * krb5-devel-32bit-1.19.2-150400.3.24.1 * krb5-32bit-1.19.2-150400.3.24.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * krb5-client-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.24.1 * krb5-server-1.19.2-150400.3.24.1 * krb5-debugsource-1.19.2-150400.3.24.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.24.1 * krb5-1.19.2-150400.3.24.1 * krb5-debuginfo-1.19.2-150400.3.24.1 * krb5-client-1.19.2-150400.3.24.1 * krb5-devel-1.19.2-150400.3.24.1 * krb5-server-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.24.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.24.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * krb5-32bit-debuginfo-1.19.2-150400.3.24.1 * krb5-32bit-1.19.2-150400.3.24.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * krb5-client-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.24.1 * krb5-server-1.19.2-150400.3.24.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.24.1 * krb5-debugsource-1.19.2-150400.3.24.1 * krb5-1.19.2-150400.3.24.1 * krb5-client-1.19.2-150400.3.24.1 * krb5-devel-1.19.2-150400.3.24.1 * krb5-debuginfo-1.19.2-150400.3.24.1 *krb5-server-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.24.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.24.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * krb5-32bit-debuginfo-1.19.2-150400.3.24.1 * krb5-32bit-1.19.2-150400.3.24.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * krb5-client-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.24.1 * krb5-debugsource-1.19.2-150400.3.24.1 * krb5-server-1.19.2-150400.3.24.1 * krb5-1.19.2-150400.3.24.1 * krb5-client-1.19.2-150400.3.24.1 * krb5-debuginfo-1.19.2-150400.3.24.1 * krb5-devel-1.19.2-150400.3.24.1 * krb5-server-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.24.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.24.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.24.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * krb5-32bit-debuginfo-1.19.2-150400.3.24.1 * krb5-32bit-1.19.2-150400.3.24.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * krb5-debugsource-1.19.2-150400.3.24.1 * krb5-1.19.2-150400.3.24.1 * krb5-debuginfo-1.19.2-150400.3.24.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * krb5-debugsource-1.19.2-150400.3.24.1 * krb5-1.19.2-150400.3.24.1 * krb5-debuginfo-1.19.2-150400.3.24.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * krb5-debugsource-1.19.2-150400.3.24.1 * krb5-1.19.2-150400.3.24.1 * krb5-debuginfo-1.19.2-150400.3.24.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * krb5-debugsource-1.19.2-150400.3.24.1 * krb5-1.19.2-150400.3.24.1 * krb5-debuginfo-1.19.2-150400.3.24.1 ## References: *https://www.suse.com/security/cve/CVE-2026-11850.html * https://bugzilla.suse.com/show_bug.cgi?id=1268131 . An important update for openSUSE addressing heap overflow issues in krb5 is now available, resolving CVE-2026-11850.. openSUSE security patch, krb5 update, CVE-2026-11850, important advisory. . Severity: Important. LinuxSecurity.com Team
An update that solves one vulnerability can now be installed.. # Security update for krb5 Announcement ID: SUSE-SU-2026:2847-1 Release Date: 2026-07-10T11:38:37Z Rating: important References: * bsc#1268131 Cross-References: * CVE-2026-11850 CVSS scores: * CVE-2026-11850 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2026-11850 ( NVD ): 5.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for krb5 fixes the following issue * CVE-2026-11850: integer underflow in berval2tl_data() leads to heap out-of- bounds read (bsc#1268131). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2847=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2847=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2847=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2847=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-2847=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2847=1 ## Package List: * SUSE Linux Enterprise Server 15SP5 LTSS (aarch64 ppc64le s390x x86_64) * krb5-devel-1.20.1-150500.3.23.1 * krb5-plugin-kdb-ldap-1.20.1-150500.3.23.1 * krb5-client-debuginfo-1.20.1-150500.3.23.1 * krb5-server-debuginfo-1.20.1-150500.3.23.1 * krb5-plugin-preauth-pkinit-1.20.1-150500.3.23.1 * krb5-plugin-preauth-otp-1.20.1-150500.3.23.1 * krb5-client-1.20.1-150500.3.23.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150500.3.23.1 * krb5-plugin-preauth-otp-debuginfo-1.20.1-150500.3.23.1 * krb5-1.20.1-150500.3.23.1 * krb5-debugsource-1.20.1-150500.3.23.1 * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150500.3.23.1 * krb5-debuginfo-1.20.1-150500.3.23.1 * krb5-server-1.20.1-150500.3.23.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * krb5-32bit-debuginfo-1.20.1-150500.3.23.1 * krb5-32bit-1.20.1-150500.3.23.1 * openSUSE Leap 15.5 (aarch64 i586 ppc64le s390x x86_64) * krb5-client-1.20.1-150500.3.23.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150500.3.23.1 * krb5-plugin-kdb-ldap-1.20.1-150500.3.23.1 * krb5-server-debuginfo-1.20.1-150500.3.23.1 * krb5-plugin-preauth-otp-1.20.1-150500.3.23.1 * krb5-mini-debugsource-1.20.1-150500.3.23.1 * krb5-1.20.1-150500.3.23.1 * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150500.3.23.1 * krb5-debuginfo-1.20.1-150500.3.23.1 * krb5-plugin-preauth-pkinit-1.20.1-150500.3.23.1 * krb5-client-debuginfo-1.20.1-150500.3.23.1 * krb5-mini-1.20.1-150500.3.23.1 * krb5-plugin-preauth-otp-debuginfo-1.20.1-150500.3.23.1 * krb5-debugsource-1.20.1-150500.3.23.1 * krb5-plugin-preauth-spake-debuginfo-1.20.1-150500.3.23.1 * krb5-devel-1.20.1-150500.3.23.1 * krb5-mini-debuginfo-1.20.1-150500.3.23.1 * krb5-mini-devel-1.20.1-150500.3.23.1 * krb5-plugin-preauth-spake-1.20.1-150500.3.23.1 * krb5-server-1.20.1-150500.3.23.1 * openSUSE Leap 15.5 (aarch64_ilp32) * krb5-devel-64bit-1.20.1-150500.3.23.1 * krb5-64bit-debuginfo-1.20.1-150500.3.23.1 * krb5-64bit-1.20.1-150500.3.23.1 *openSUSE Leap 15.5 (x86_64) * krb5-devel-32bit-1.20.1-150500.3.23.1 * krb5-32bit-debuginfo-1.20.1-150500.3.23.1 * krb5-32bit-1.20.1-150500.3.23.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * krb5-1.20.1-150500.3.23.1 * krb5-debugsource-1.20.1-150500.3.23.1 * krb5-debuginfo-1.20.1-150500.3.23.1 * krb5-client-1.20.1-150500.3.23.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * krb5-plugin-kdb-ldap-1.20.1-150500.3.23.1 * krb5-devel-1.20.1-150500.3.23.1 * krb5-server-1.20.1-150500.3.23.1 * krb5-client-debuginfo-1.20.1-150500.3.23.1 * krb5-server-debuginfo-1.20.1-150500.3.23.1 * krb5-plugin-preauth-otp-1.20.1-150500.3.23.1 * krb5-client-1.20.1-150500.3.23.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150500.3.23.1 * krb5-plugin-preauth-otp-debuginfo-1.20.1-150500.3.23.1 * krb5-1.20.1-150500.3.23.1 * krb5-debugsource-1.20.1-150500.3.23.1 * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150500.3.23.1 * krb5-debuginfo-1.20.1-150500.3.23.1 * krb5-plugin-preauth-pkinit-1.20.1-150500.3.23.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * krb5-32bit-debuginfo-1.20.1-150500.3.23.1 * krb5-32bit-1.20.1-150500.3.23.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * krb5-plugin-kdb-ldap-1.20.1-150500.3.23.1 * krb5-devel-1.20.1-150500.3.23.1 * krb5-server-1.20.1-150500.3.23.1 * krb5-server-debuginfo-1.20.1-150500.3.23.1 * krb5-client-debuginfo-1.20.1-150500.3.23.1 * krb5-plugin-preauth-otp-1.20.1-150500.3.23.1 * krb5-client-1.20.1-150500.3.23.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150500.3.23.1 * krb5-plugin-preauth-otp-debuginfo-1.20.1-150500.3.23.1 * krb5-1.20.1-150500.3.23.1 * krb5-debugsource-1.20.1-150500.3.23.1 * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150500.3.23.1 * krb5-debuginfo-1.20.1-150500.3.23.1 * krb5-plugin-preauth-pkinit-1.20.1-150500.3.23.1 * SUSELinux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * krb5-32bit-debuginfo-1.20.1-150500.3.23.1 * krb5-32bit-1.20.1-150500.3.23.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * krb5-plugin-kdb-ldap-1.20.1-150500.3.23.1 * krb5-devel-1.20.1-150500.3.23.1 * krb5-client-debuginfo-1.20.1-150500.3.23.1 * krb5-server-debuginfo-1.20.1-150500.3.23.1 * krb5-plugin-preauth-pkinit-1.20.1-150500.3.23.1 * krb5-plugin-preauth-otp-1.20.1-150500.3.23.1 * krb5-client-1.20.1-150500.3.23.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150500.3.23.1 * krb5-plugin-preauth-otp-debuginfo-1.20.1-150500.3.23.1 * krb5-1.20.1-150500.3.23.1 * krb5-debugsource-1.20.1-150500.3.23.1 * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150500.3.23.1 * krb5-debuginfo-1.20.1-150500.3.23.1 * krb5-server-1.20.1-150500.3.23.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * krb5-32bit-debuginfo-1.20.1-150500.3.23.1 * krb5-32bit-1.20.1-150500.3.23.1 ## References: * https://www.suse.com/security/cve/CVE-2026-11850.html * https://bugzilla.suse.com/show_bug.cgi?id=1268131 . Address an important security patch for krb5 on SUSE affecting system integrity with heap overflow risk.. SUSE security patch, krb5 update, important vulnerabilities, SUSE vulnerability management, security advisory. . Severity: Important. LinuxSecurity.com Team
An update that solves three vulnerabilities can now be installed.. # Security update for krb5, krb5-mini Announcement ID: SUSE-SU-2026:2848-1 Release Date: 2026-07-10T11:39:12Z Rating: important References: * bsc#1263366 * bsc#1263367 * bsc#1268131 Cross-References: * CVE-2026-11850 * CVE-2026-40355 * CVE-2026-40356 CVSS scores: * CVE-2026-11850 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2026-11850 ( NVD ): 5.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:H * CVE-2026-40355 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-40355 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-40355 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-40356 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-40356 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-40356 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves three vulnerabilities can now be installed. ## Description: This update for krb5, krb5-mini fixes the following issues * CVE-2026-11850: integer underflow in berval2tl_data() leads to heap out-of- bounds read (bsc#1268131). * CVE-2026-40355: Denial of Service via NULL pointer dereference in NegoEx mechanism (bsc#1263366). * CVE-2026-40356: Denial of Service via integer underflow and out-of-bounds read (bsc#1263367). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2848=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-2848=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2848=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2848=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2848=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * krb5-1.20.1-150600.11.19.1 * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150600.11.19.1 * krb5-debugsource-1.20.1-150600.11.19.1 * krb5-devel-1.20.1-150600.11.19.1 * krb5-client-1.20.1-150600.11.19.1 * krb5-plugin-preauth-pkinit-1.20.1-150600.11.19.1 * krb5-debuginfo-1.20.1-150600.11.19.1 * krb5-plugin-preauth-otp-1.20.1-150600.11.19.1 * krb5-plugin-preauth-otp-debuginfo-1.20.1-150600.11.19.1 * krb5-client-debuginfo-1.20.1-150600.11.19.1 * Basesystem Module 15-SP7 (x86_64) * krb5-32bit-debuginfo-1.20.1-150600.11.19.1 * krb5-32bit-1.20.1-150600.11.19.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150600.11.19.1 * krb5-1.20.1-150600.11.19.1 * krb5-debugsource-1.20.1-150600.11.19.1 * krb5-devel-1.20.1-150600.11.19.1 * krb5-server-debuginfo-1.20.1-150600.11.19.1 * krb5-client-1.20.1-150600.11.19.1 * krb5-plugin-preauth-pkinit-1.20.1-150600.11.19.1 * krb5-debuginfo-1.20.1-150600.11.19.1 * krb5-plugin-preauth-otp-1.20.1-150600.11.19.1 * krb5-plugin-preauth-otp-debuginfo-1.20.1-150600.11.19.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150600.11.19.1 * krb5-plugin-kdb-ldap-1.20.1-150600.11.19.1 * krb5-server-1.20.1-150600.11.19.1 * krb5-client-debuginfo-1.20.1-150600.11.19.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (x86_64) * krb5-32bit-debuginfo-1.20.1-150600.11.19.1 * krb5-32bit-1.20.1-150600.11.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150600.11.19.1 * krb5-1.20.1-150600.11.19.1 * krb5-debugsource-1.20.1-150600.11.19.1 * krb5-devel-1.20.1-150600.11.19.1 * krb5-client-1.20.1-150600.11.19.1 * krb5-server-debuginfo-1.20.1-150600.11.19.1 * krb5-plugin-preauth-pkinit-1.20.1-150600.11.19.1 * krb5-debuginfo-1.20.1-150600.11.19.1 * krb5-plugin-preauth-otp-1.20.1-150600.11.19.1 * krb5-plugin-preauth-otp-debuginfo-1.20.1-150600.11.19.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150600.11.19.1 * krb5-plugin-kdb-ldap-1.20.1-150600.11.19.1 * krb5-server-1.20.1-150600.11.19.1 * krb5-client-debuginfo-1.20.1-150600.11.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (x86_64) * krb5-32bit-debuginfo-1.20.1-150600.11.19.1 * krb5-32bit-1.20.1-150600.11.19.1 * openSUSE Leap 15.6 (aarch64 i586 ppc64le s390x x86_64) * krb5-1.20.1-150600.11.19.1 * krb5-debugsource-1.20.1-150600.11.19.1 * krb5-debuginfo-1.20.1-150600.11.19.1 * krb5-mini-devel-1.20.1-150600.11.19.1 * krb5-plugin-preauth-otp-1.20.1-150600.11.19.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150600.11.19.1 * krb5-plugin-kdb-ldap-1.20.1-150600.11.19.1 * krb5-client-debuginfo-1.20.1-150600.11.19.1 * krb5-devel-1.20.1-150600.11.19.1 * krb5-mini-debuginfo-1.20.1-150600.11.19.1 * krb5-plugin-preauth-spake-1.20.1-150600.11.19.1 * krb5-server-debuginfo-1.20.1-150600.11.19.1 * krb5-client-1.20.1-150600.11.19.1 * krb5-server-1.20.1-150600.11.19.1 * krb5-mini-debugsource-1.20.1-150600.11.19.1 * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150600.11.19.1 * krb5-plugin-preauth-spake-debuginfo-1.20.1-150600.11.19.1 * krb5-mini-1.20.1-150600.11.19.1 * krb5-plugin-preauth-pkinit-1.20.1-150600.11.19.1 *krb5-plugin-preauth-otp-debuginfo-1.20.1-150600.11.19.1 * openSUSE Leap 15.6 (x86_64) * krb5-devel-32bit-1.20.1-150600.11.19.1 * krb5-32bit-1.20.1-150600.11.19.1 * krb5-32bit-debuginfo-1.20.1-150600.11.19.1 * openSUSE Leap 15.6 (aarch64_ilp32) * krb5-64bit-debuginfo-1.20.1-150600.11.19.1 * krb5-64bit-1.20.1-150600.11.19.1 * krb5-devel-64bit-1.20.1-150600.11.19.1 * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * krb5-debugsource-1.20.1-150600.11.19.1 * krb5-server-debuginfo-1.20.1-150600.11.19.1 * krb5-debuginfo-1.20.1-150600.11.19.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150600.11.19.1 * krb5-plugin-kdb-ldap-1.20.1-150600.11.19.1 * krb5-server-1.20.1-150600.11.19.1 ## References: * https://www.suse.com/security/cve/CVE-2026-11850.html * https://www.suse.com/security/cve/CVE-2026-40355.html * https://www.suse.com/security/cve/CVE-2026-40356.html * https://bugzilla.suse.com/show_bug.cgi?id=1263366 * https://bugzilla.suse.com/show_bug.cgi?id=1263367 * https://bugzilla.suse.com/show_bug.cgi?id=1268131 . Important SUSE security update for krb5 and krb5-mini addresses multiple vulnerabilities and recommends immediate patching.. SUSE security update, krb5 vulnerabilities, important security advisory. . Severity: Important. LinuxSecurity.com Team
An update that solves three vulnerabilities can now be installed.. # Security update for krb5, krb5-mini Announcement ID: SUSE-SU-2026:2848-1 Release Date: 2026-07-10T11:39:12Z Rating: important References: * bsc#1263366 * bsc#1263367 * bsc#1268131 Cross-References: * CVE-2026-11850 * CVE-2026-40355 * CVE-2026-40356 CVSS scores: * CVE-2026-11850 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2026-11850 ( NVD ): 5.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:H * CVE-2026-40355 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-40355 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-40355 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-40356 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-40356 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-40356 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves three vulnerabilities can now be installed. ## Description: This update for krb5, krb5-mini fixes the following issues * CVE-2026-11850: integer underflow in berval2tl_data() leads to heap out-of- bounds read (bsc#1268131). * CVE-2026-40355: Denial of Service via NULL pointer dereference in NegoEx mechanism (bsc#1263366). * CVE-2026-40356: Denial of Service via integer underflow and out-of-bounds read (bsc#1263367). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2848=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-2848=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2848=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2848=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2848=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * krb5-1.20.1-150600.11.19.1 * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150600.11.19.1 * krb5-debugsource-1.20.1-150600.11.19.1 * krb5-devel-1.20.1-150600.11.19.1 * krb5-client-1.20.1-150600.11.19.1 * krb5-plugin-preauth-pkinit-1.20.1-150600.11.19.1 * krb5-debuginfo-1.20.1-150600.11.19.1 * krb5-plugin-preauth-otp-1.20.1-150600.11.19.1 * krb5-plugin-preauth-otp-debuginfo-1.20.1-150600.11.19.1 * krb5-client-debuginfo-1.20.1-150600.11.19.1 * Basesystem Module 15-SP7 (x86_64) * krb5-32bit-debuginfo-1.20.1-150600.11.19.1 * krb5-32bit-1.20.1-150600.11.19.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150600.11.19.1 * krb5-1.20.1-150600.11.19.1 * krb5-debugsource-1.20.1-150600.11.19.1 * krb5-devel-1.20.1-150600.11.19.1 * krb5-server-debuginfo-1.20.1-150600.11.19.1 * krb5-client-1.20.1-150600.11.19.1 * krb5-plugin-preauth-pkinit-1.20.1-150600.11.19.1 * krb5-debuginfo-1.20.1-150600.11.19.1 * krb5-plugin-preauth-otp-1.20.1-150600.11.19.1 * krb5-plugin-preauth-otp-debuginfo-1.20.1-150600.11.19.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150600.11.19.1 * krb5-plugin-kdb-ldap-1.20.1-150600.11.19.1 * krb5-server-1.20.1-150600.11.19.1 * krb5-client-debuginfo-1.20.1-150600.11.19.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (x86_64) * krb5-32bit-debuginfo-1.20.1-150600.11.19.1 * krb5-32bit-1.20.1-150600.11.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150600.11.19.1 * krb5-1.20.1-150600.11.19.1 * krb5-debugsource-1.20.1-150600.11.19.1 * krb5-devel-1.20.1-150600.11.19.1 * krb5-client-1.20.1-150600.11.19.1 * krb5-server-debuginfo-1.20.1-150600.11.19.1 * krb5-plugin-preauth-pkinit-1.20.1-150600.11.19.1 * krb5-debuginfo-1.20.1-150600.11.19.1 * krb5-plugin-preauth-otp-1.20.1-150600.11.19.1 * krb5-plugin-preauth-otp-debuginfo-1.20.1-150600.11.19.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150600.11.19.1 * krb5-plugin-kdb-ldap-1.20.1-150600.11.19.1 * krb5-server-1.20.1-150600.11.19.1 * krb5-client-debuginfo-1.20.1-150600.11.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (x86_64) * krb5-32bit-debuginfo-1.20.1-150600.11.19.1 * krb5-32bit-1.20.1-150600.11.19.1 * openSUSE Leap 15.6 (aarch64 i586 ppc64le s390x x86_64) * krb5-1.20.1-150600.11.19.1 * krb5-debugsource-1.20.1-150600.11.19.1 * krb5-debuginfo-1.20.1-150600.11.19.1 * krb5-mini-devel-1.20.1-150600.11.19.1 * krb5-plugin-preauth-otp-1.20.1-150600.11.19.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150600.11.19.1 * krb5-plugin-kdb-ldap-1.20.1-150600.11.19.1 * krb5-client-debuginfo-1.20.1-150600.11.19.1 * krb5-devel-1.20.1-150600.11.19.1 * krb5-mini-debuginfo-1.20.1-150600.11.19.1 * krb5-plugin-preauth-spake-1.20.1-150600.11.19.1 * krb5-server-debuginfo-1.20.1-150600.11.19.1 * krb5-client-1.20.1-150600.11.19.1 * krb5-server-1.20.1-150600.11.19.1 * krb5-mini-debugsource-1.20.1-150600.11.19.1 * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150600.11.19.1 * krb5-plugin-preauth-spake-debuginfo-1.20.1-150600.11.19.1 * krb5-mini-1.20.1-150600.11.19.1 * krb5-plugin-preauth-pkinit-1.20.1-150600.11.19.1 *krb5-plugin-preauth-otp-debuginfo-1.20.1-150600.11.19.1 * openSUSE Leap 15.6 (x86_64) * krb5-devel-32bit-1.20.1-150600.11.19.1 * krb5-32bit-1.20.1-150600.11.19.1 * krb5-32bit-debuginfo-1.20.1-150600.11.19.1 * openSUSE Leap 15.6 (aarch64_ilp32) * krb5-64bit-debuginfo-1.20.1-150600.11.19.1 * krb5-64bit-1.20.1-150600.11.19.1 * krb5-devel-64bit-1.20.1-150600.11.19.1 * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * krb5-debugsource-1.20.1-150600.11.19.1 * krb5-server-debuginfo-1.20.1-150600.11.19.1 * krb5-debuginfo-1.20.1-150600.11.19.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150600.11.19.1 * krb5-plugin-kdb-ldap-1.20.1-150600.11.19.1 * krb5-server-1.20.1-150600.11.19.1 ## References: * https://www.suse.com/security/cve/CVE-2026-11850.html * https://www.suse.com/security/cve/CVE-2026-40355.html * https://www.suse.com/security/cve/CVE-2026-40356.html * https://bugzilla.suse.com/show_bug.cgi?id=1263366 * https://bugzilla.suse.com/show_bug.cgi?id=1263367 * https://bugzilla.suse.com/show_bug.cgi?id=1268131 . # Security update for krb5, krb5-mini Announcement ID: SUSE-SU-2026:2848-1 Release Date: 2026-07-10T. update, solves, three, vulnerabilities, installed, security, krb5-m. . Severity: Important. LinuxSecurity.com Team
An update that solves one vulnerability can now be installed.. # Security update for krb5 Announcement ID: SUSE-SU-2026:2849-1 Release Date: 2026-07-10T11:39:24Z Rating: important References: * bsc#1268131 Cross-References: * CVE-2026-11850 CVSS scores: * CVE-2026-11850 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2026-11850 ( NVD ): 5.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for krb5 fixes the following issue * CVE-2026-11850: integer underflow in berval2tl_data() leads to heap out-of- bounds read (bsc#1268131). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-2849=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2849=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * krb5-debugsource-1.16.3-46.24.1 * krb5-server-debuginfo-1.16.3-46.24.1 * krb5-doc-1.16.3-46.24.1 * krb5-client-1.16.3-46.24.1 * krb5-plugin-preauth-otp-1.16.3-46.24.1 * krb5-plugin-kdb-ldap-1.16.3-46.24.1 * krb5-client-debuginfo-1.16.3-46.24.1 * krb5-1.16.3-46.24.1 * krb5-plugin-preauth-pkinit-debuginfo-1.16.3-46.24.1 * krb5-debuginfo-1.16.3-46.24.1 * krb5-devel-1.16.3-46.24.1 * krb5-plugin-preauth-otp-debuginfo-1.16.3-46.24.1 *krb5-plugin-kdb-ldap-debuginfo-1.16.3-46.24.1 * krb5-plugin-preauth-pkinit-1.16.3-46.24.1 * krb5-server-1.16.3-46.24.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64) * krb5-32bit-1.16.3-46.24.1 * krb5-debuginfo-32bit-1.16.3-46.24.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * krb5-debugsource-1.16.3-46.24.1 * krb5-server-debuginfo-1.16.3-46.24.1 * krb5-doc-1.16.3-46.24.1 * krb5-client-1.16.3-46.24.1 * krb5-plugin-preauth-otp-1.16.3-46.24.1 * krb5-client-debuginfo-1.16.3-46.24.1 * krb5-debuginfo-32bit-1.16.3-46.24.1 * krb5-plugin-kdb-ldap-1.16.3-46.24.1 * krb5-1.16.3-46.24.1 * krb5-debuginfo-1.16.3-46.24.1 * krb5-plugin-preauth-pkinit-debuginfo-1.16.3-46.24.1 * krb5-devel-1.16.3-46.24.1 * krb5-plugin-kdb-ldap-debuginfo-1.16.3-46.24.1 * krb5-plugin-preauth-otp-debuginfo-1.16.3-46.24.1 * krb5-32bit-1.16.3-46.24.1 * krb5-plugin-preauth-pkinit-1.16.3-46.24.1 * krb5-server-1.16.3-46.24.1 ## References: * https://www.suse.com/security/cve/CVE-2026-11850.html * https://bugzilla.suse.com/show_bug.cgi?id=1268131 . A key SUSE security advisory update for krb5 addresses integer underflow issues and improves system safety.. SUSE krb5 security important update integer underflow heap overflow. . Severity: Important. LinuxSecurity.com Team
An update that solves one vulnerability and has one bug fix can now be installed.. openSUSE security update: security update for krb5 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21238-1 Rating: important References: * bsc#1268131 Cross-References: * CVE-2026-11850 CVSS scores: * CVE-2026-11850 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves one vulnerability and has one bug fix can now be installed. Description: This update for krb5 fixes the following issue - CVE-2026-11850: integer underflow in berval2tl_data() leads to heap out-of-bounds read (bsc#1268131). Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-1159=1 Package List: - openSUSE Leap 16.0: krb5-1.21.3-160000.4.1 krb5-client-1.21.3-160000.4.1 krb5-devel-1.21.3-160000.4.1 krb5-plugin-kdb-ldap-1.21.3-160000.4.1 krb5-plugin-preauth-otp-1.21.3-160000.4.1 krb5-plugin-preauth-pkinit-1.21.3-160000.4.1 krb5-plugin-preauth-spake-1.21.3-160000.4.1 krb5-server-1.21.3-160000.4.1 References: * https://www.suse.com/security/cve/CVE-2026-11850.html . Install the important openSUSE update addressing a heap attack issue in krb5. Secure your system now!. openSUSE updates, krb5 vulnerabilities, important security patches. . Severity: Important. LinuxSecurity.com Team
An update that solves one vulnerability can now be installed.. # Security update for krb5 Announcement ID: SUSE-SU-2026:22450-1 Release Date: 2026-06-30T09:20:36Z Rating: important References: * bsc#1268131 Cross-References: * CVE-2026-11850 CVSS scores: * CVE-2026-11850 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-11850 ( NVD ): 5.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves one vulnerability can now be installed. ## Description: This update for krb5 fixes the following issue * CVE-2026-11850: integer underflow in berval2tl_data() leads to heap out-of- bounds read (bsc#1268131). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-602=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * krb5-client-debuginfo-1.21.3-slfo.1.1_5.1 * krb5-client-1.21.3-slfo.1.1_5.1 * krb5-debugsource-1.21.3-slfo.1.1_5.1 * krb5-1.21.3-slfo.1.1_5.1 * krb5-debuginfo-1.21.3-slfo.1.1_5.1 ## References: * https://www.suse.com/security/cve/CVE-2026-11850.html * https://bugzilla.suse.com/show_bug.cgi?id=1268131 . SUSE Linux Micro 6.1 security update fixes integer underflow vulnerability in krb5. Immediate patch recommended for stability.. SUSE Linux Micro 6.1, krb5 security update, integer underflow, heap out of bounds. . Severity: Important. LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.