Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 262 articles for you...
100

SUSE Linux Enterprise 15 SP4 Kernel Important Patch 2026-2888-1

An update that solves 20 vulnerabilities can now be installed.. # Security update for the Linux Kernel (Live Patch 52 for SUSE Linux Enterprise 15 SP4) Announcement ID: SUSE-SU-2026:2888-1 Release Date: 2026-07-13T10:19:55Z Rating: important References: * bsc#1260524 * bsc#1262759 * bsc#1263118 * bsc#1263177 * bsc#1263670 * bsc#1264094 * bsc#1264252 * bsc#1264253 * bsc#1264849 * bsc#1265127 * bsc#1265197 * bsc#1265945 * bsc#1266015 * bsc#1266265 * bsc#1267206 * bsc#1267698 * bsc#1267723 * bsc#1267893 * bsc#1268662 * bsc#1269023 Cross-References: * CVE-2026-23393 * CVE-2026-31533 * CVE-2026-31570 * CVE-2026-31586 * CVE-2026-31685 * CVE-2026-31758 * CVE-2026-43025 * CVE-2026-43027 * CVE-2026-43037 * CVE-2026-43190 * CVE-2026-43437 * CVE-2026-43494 * CVE-2026-43501 * CVE-2026-45970 * CVE-2026-46120 * CVE-2026-46173 * CVE-2026-46227 * CVE-2026-46243 * CVE-2026-52909 * CVE-2026-52943 CVSS scores: * CVE-2026-23393 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23393 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31533 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31570 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:N/SA:N * CVE-2026-31570 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31570 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31586 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H *CVE-2026-31685 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31685 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31685 ( NVD ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31758 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31758 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31758 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-43027 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43027 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43037 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43190 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43190 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43190 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43437 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43437 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43494 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43501 ( SUSE): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43501 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43501 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43501 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45970 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45970 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45970 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46120 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46227 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46227 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46227 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46227 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-52909 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-52909 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-52909 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-52943 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-52943 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-52943 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-52943 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves 20 vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.209 fixes various security issues The following security issues were fixed: * CVE-2026-23393: bridge: cfm: Fix race condition in peer_mep deletion (bsc#1260524). * CVE-2026-31533: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption (bsc#1262759). * CVE-2026-31570: can: gw: fix OOB heap access in cgw_csum_crc8_rel() (bsc#1263118). * CVE-2026-31586: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (bsc#1263177). * CVE-2026-31685: netfilter: ip6t_eui64: reject invalid MAC header for all packets (bsc#1263670). * CVE-2026-31758: usb: usbtmc: Flush anchored URBs in usbtmc_release (bsc#1264094). * CVE-2026-43025: netfilter: ctnetlink: ignore explicit helper on new expectations (bsc#1264253). * CVE-2026-43027: netfilter: nf_conntrack_helper: pass helper to expect cleanup (bsc#1264252). * CVE-2026-43037: ip6_tunnel: clear skb2-> cb[] in ip4ip6_err() (bsc#1265197). * CVE-2026-43190: netfilter: xt_tcpmss: check remaining length before reading optlen (bsc#1264849). * CVE-2026-43437: ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (bsc#1265127). * CVE-2026-43494: RDS zerocopy attack aka PinTheft(bsc#1265945). * CVE-2026-43501: ipv6: rpl: reserve mac_len headroom when recompressed SRH grows (bsc#1266015). * CVE-2026-45970: bonding: alb: fix UAF in rlb_arp_recv during bond up/down (bsc#1267206). * CVE-2026-46120: ip6_gre: Use cached t-> net in ip6erspan_changelink() (bsc#1267893). * CVE-2026-46173: exit: prevent preemption of oopsing TASK_DEAD task (bsc#1267723). * CVE-2026-46227: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (bsc#1267698). * CVE-2026-46243: smb: client: reject userspace cifs.spnego descriptions (CIFSwitch) (bsc#1266265). * CVE-2026-52909: ip6_vti: set netns_immutable on the fallback device (bsc#1268662). * CVE-2026-52943: net: skbuff: fix missing zerocopy reference in pskb_carve helpers (bsc#1269023). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2026-2888=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2888=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_209-default-debuginfo-4-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_52-debugsource-4-150400.2.1 * kernel-livepatch-5_14_21-150400_24_209-default-4-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_52-debugsource-4-150400.2.1 * kernel-livepatch-5_14_21-150400_24_209-default-debuginfo-4-150400.2.1 * kernel-livepatch-5_14_21-150400_24_209-default-4-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2026-23393.html * https://www.suse.com/security/cve/CVE-2026-31533.html * https://www.suse.com/security/cve/CVE-2026-31570.html * https://www.suse.com/security/cve/CVE-2026-31586.html *https://www.suse.com/security/cve/CVE-2026-31685.html * https://www.suse.com/security/cve/CVE-2026-31758.html * https://www.suse.com/security/cve/CVE-2026-43025.html * https://www.suse.com/security/cve/CVE-2026-43027.html * https://www.suse.com/security/cve/CVE-2026-43037.html * https://www.suse.com/security/cve/CVE-2026-43190.html * https://www.suse.com/security/cve/CVE-2026-43437.html * https://www.suse.com/security/cve/CVE-2026-43494.html * https://www.suse.com/security/cve/CVE-2026-43501.html * https://www.suse.com/security/cve/CVE-2026-45970.html * https://www.suse.com/security/cve/CVE-2026-46120.html * https://www.suse.com/security/cve/CVE-2026-46173.html * https://www.suse.com/security/cve/CVE-2026-46227.html * https://www.suse.com/security/cve/CVE-2026-46243.html * https://www.suse.com/security/cve/CVE-2026-52909.html * https://www.suse.com/security/cve/CVE-2026-52943.html * https://bugzilla.suse.com/show_bug.cgi?id=1260524 * https://bugzilla.suse.com/show_bug.cgi?id=1262759 * https://bugzilla.suse.com/show_bug.cgi?id=1263118 * https://bugzilla.suse.com/show_bug.cgi?id=1263177 * https://bugzilla.suse.com/show_bug.cgi?id=1263670 * https://bugzilla.suse.com/show_bug.cgi?id=1264094 * https://bugzilla.suse.com/show_bug.cgi?id=1264252 * https://bugzilla.suse.com/show_bug.cgi?id=1264253 * https://bugzilla.suse.com/show_bug.cgi?id=1264849 * https://bugzilla.suse.com/show_bug.cgi?id=1265127 * https://bugzilla.suse.com/show_bug.cgi?id=1265197 * https://bugzilla.suse.com/show_bug.cgi?id=1265945 * https://bugzilla.suse.com/show_bug.cgi?id=1266015 * https://bugzilla.suse.com/show_bug.cgi?id=1266265 * https://bugzilla.suse.com/show_bug.cgi?id=1267206 * https://bugzilla.suse.com/show_bug.cgi?id=1267698 * https://bugzilla.suse.com/show_bug.cgi?id=1267723 * https://bugzilla.suse.com/show_bug.cgi?id=1267893 * https://bugzilla.suse.com/show_bug.cgi?id=1268662 * https://bugzilla.suse.com/show_bug.cgi?id=1269023 . Critical update fixes 20 importantissues in SUSE Linux kernel Live Patch 52, ensuring system security and performance.. SUSE Linux, kernel update, security patch, important issues. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 Important SuSE
89

Fedora 44 opkssh 0.15.0 Important Denial of Service Vulnern 2026-a7570524a7

Update to opkssh 0.15.0. This release fixes several CVEs in bundled/vendored dependencies: CVE-2026-39829: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters CVE-2026-39835: golang.org/x/crypto/ssh: Denial of Service via crafted SSH. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-a7570524a7 2026-07-09 00:54:37.609359+00:00 -------------------------------------------------------------------------------- Name : opkssh Product : Fedora 44 Version : 0.15.0 Release : 2.fc44 URL : https://github.com/openpubkey/opkssh Summary : OpenPubkey SSH Description : OpenPubkey SSH is a tool which enables ssh to be used with OpenID Connect allowing SSH access to be managed via identities like This email address is being protected from spambots. You need JavaScript enabled to view it. instead of long-lived SSH keys. -------------------------------------------------------------------------------- Update Information: Update to opkssh 0.15.0. This release fixes several CVEs in bundled/vendored dependencies: CVE-2026-39829: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters CVE-2026-39835: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate CVE-2026-39833: golang.org/x/crypto/ssh/agent: Security bypass due to unenforced key confirmation CVE-2026-27145: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries (fixed via the Go toolchain used to build this package) -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 2 2026 Till Hofmann - 0.15.0-2 - Drop obsolete golang.org/x/crypto override * Thu Jul 2 2026 Till Hofmann - 0.15.0-1 - Update to 0.15.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2490078 - CVE-2026-39829 opkssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters[fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2490078 [ 2 ] Bug #2492509 - opkssh-0.15.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2492509 [ 3 ] Bug #2493536 - CVE-2026-39835 opkssh: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2493536 [ 4 ] Bug #2494282 - CVE-2026-27145 opkssh: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2494282 [ 5 ] Bug #2494472 - CVE-2026-39833 opkssh: golang.org/x/crypto/ssh/agent: Security bypass due to unenforced key confirmation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2494472 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-a7570524a7' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . The opkssh 0.15.0 update for Fedora 44 resolves critical Denial of Service issuesaffecting its dependencies.. Denial of Service, Fedora updates, opkssh security, package management, Linux security. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 08, 2026 Important Fedora
172

Ubuntu 14.04 LTS Linux Kernel Privilege Escalation Vulnerability USN-8501-1

Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-8501-1 July 02, 2026 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux: Linux kernel Details: It was discovered that a logic flaw existed in the XFRM ESP-in-TCP subsystem in the Linux kernel when handling socket buffer fragments. This flaw is known as Fragnesia. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-43503) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - USB over IP driver; - Network file system (NFS) server daemon; - SMB network file system; - Tracing infrastructure; - Ethernet bridge; - Ceph Core library; - IPv4 networking; - IPv6 networking; - Netfilter; - RxRPC session sockets; - X.25 network layer; (CVE-2024-35896, CVE-2026-23455, CVE-2026-31402, CVE-2026-31607, CVE-2026-31637, CVE-2026-43011, CVE-2026-43037, CVE-2026-43038, CVE-2026-43383, CVE-2026-43407, CVE-2026-45988, CVE-2026-46119, CVE-2026-46243) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 LTS linux-image-3.13.0-214-generic 3.13.0-214.265 Available with Ubuntu Pro linux-image-3.13.0-214-lowlatency 3.13.0-214.265 Available with Ubuntu Pro linux-image-generic 3.13.0.214.224 Available with Ubuntu Pro linux-image-generic-lts-trusty 3.13.0.214.224 Available with Ubuntu Pro linux-image-lowlatency 3.13.0.214.224 Available with Ubuntu Pro linux-image-server 3.13.0.214.224 Available with Ubuntu Pro linux-image-virtual 3.13.0.214.224 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-8501-1 CVE-2024-35896, CVE-2026-23455, CVE-2026-31402, CVE-2026-31607, CVE-2026-31637, CVE-2026-43011, CVE-2026-43037, CVE-2026-43038, CVE-2026-43383, CVE-2026-43407, CVE-2026-43503, CVE-2026-45988, CVE-2026-46119, CVE-2026-46243 . Several security issues fixed in the Ubuntu Linux kernel. Ensure your system is updated for enhanced security and stability.. Ubuntu kernel security update, Linux kernel vulnerabilities, security patch Ubuntu, privilege escalation Ubuntu. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 02, 2026 Important Ubuntu
217

Oracle Linux 9 ELSA-2026-25925 valkey Important Updates

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-25925 http://linux.oracle.com/errata/ELSA-2026-25925.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: valkey-8.0.9-1.el9_8.x86_64.rpm valkey-devel-8.0.9-1.el9_8.x86_64.rpm aarch64: valkey-8.0.9-1.el9_8.aarch64.rpm valkey-devel-8.0.9-1.el9_8.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/valkey-8.0.9-1.el9_8.src.rpm Related CVEs: CVE-2026-23479 CVE-2026-23631 CVE-2026-25243 Description of changes: [8.0.9-1] - Rebase to 8.0.9 for CVE-2026-23479 CVE-2026-25243 CVE-2026-23631 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Important Security Advisory for Oracle Linux 9, update valkey for multiple CVEs. Details within advisory.. Oracle Linux, ELSA-2026-25925, valkey update, Important advisory, Linux security. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 26, 2026 Important Oracle
202

openSUSE Kernel Releases Critical Security Update 2026-2630-1 Now

An update that solves 29 vulnerabilities and has four security fixes can now be installed.. # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:2630-1 Release Date: 2026-06-25T11:55:03Z Rating: important References: * bsc#1247954 * bsc#1255416 * bsc#1258538 * bsc#1260531 * bsc#1261700 * bsc#1262663 * bsc#1262993 * bsc#1263769 * bsc#1263879 * bsc#1263880 * bsc#1264076 * bsc#1264093 * bsc#1264116 * bsc#1264470 * bsc#1264610 * bsc#1265116 * bsc#1265211 * bsc#1265960 * bsc#1266214 * bsc#1266290 * bsc#1266810 * bsc#1266969 * bsc#1267205 * bsc#1267214 * bsc#1267220 * bsc#1267361 * bsc#1267369 * bsc#1267387 * bsc#1267621 * bsc#1267640 * bsc#1267651 * bsc#1267652 * bsc#1267697 Cross-References: * CVE-2025-10263 * CVE-2025-68324 * CVE-2026-23392 * CVE-2026-31405 * CVE-2026-31473 * CVE-2026-31500 * CVE-2026-31613 * CVE-2026-31697 * CVE-2026-31698 * CVE-2026-31699 * CVE-2026-31758 * CVE-2026-31759 * CVE-2026-43077 * CVE-2026-43198 * CVE-2026-43366 * CVE-2026-43503 * CVE-2026-45886 * CVE-2026-45970 * CVE-2026-45984 * CVE-2026-46021 * CVE-2026-46037 * CVE-2026-46113 * CVE-2026-46116 * CVE-2026-46120 * CVE-2026-46123 * CVE-2026-46150 * CVE-2026-46159 * CVE-2026-46227 * CVE-2026-46273 CVSS scores: * CVE-2025-10263 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-68324 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23392 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31405 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31405 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H *CVE-2026-31473 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31473 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31473 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31500 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31500 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31500 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31613 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31613 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31613 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H * CVE-2026-31697 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31697 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31698 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31698 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31699 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31699 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31758 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31758 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31758 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31759 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31759 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-31759 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43077 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43077 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43077 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43198 ( SUSE): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43198 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43198 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43366 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43366 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43366 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43503 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43503 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43503 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-45886 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45886 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45970 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45970 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45970 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45984 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45984 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45984 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46021 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46021 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46021 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46037 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46037 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-46037 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-46113 ( SUSE ): 9.3 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-46113 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46113 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46116 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46116 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46116 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46120 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46123 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46123 ( SUSE ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-46123 ( NVD ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-46150 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-46150 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46150 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46159 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46159 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46227 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46227 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46227 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46273 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46273 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Micro 5.5 An update that solves 29 vulnerabilities and has four security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issueswere fixed: * CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs (bsc#1266290). * CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed work (bsc#1255416). * CVE-2026-23392: netfilter: nf_tables: release flowtable after rcu grace period on error (bsc#1260531). * CVE-2026-31405: media: dvb-net: fix OOB access in ULE extension header tables (bsc#1261700). * CVE-2026-31473: media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex (bsc#1262663). * CVE-2026-31500: Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock (bsc#1262993). * CVE-2026-31613: smb: client: fix OOB reads parsing symlink error response (bsc#1263769). * CVE-2026-31697: crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed (bsc#1264116). * CVE-2026-31698: crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed (bsc#1263880). * CVE-2026-31699: crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed (bsc#1263879). * CVE-2026-31758: usb: usbtmc: Flush anchored URBs in usbtmc_release (bsc#1264093). * CVE-2026-31759: usb: ulpi: fix double free in ulpi_register_interface() error path (bsc#1264076). * CVE-2026-43077: crypto: algif_aead - Fix minimum RX size check for decryption (bsc#1264470). * CVE-2026-43198: tcp: fix potential race in tcp_v6_syn_recv_sock() (bsc#1264610). * CVE-2026-43366: io_uring/kbuf: check if target buffer list is still legacy on recycle (bsc#1265116). * CVE-2026-45886: bpf: Fix bpf_xdp_store_bytes proto for read-only arg (bsc#1266810). * CVE-2026-45970: bonding: alb: fix UAF in rlb_arp_recv during bond up/down (bsc#1267205). * CVE-2026-45984: gfs2: Move the inode glock locking to gfs2_file_buffered_write (bsc#1267214). * CVE-2026-46021: thermal: core: Fix thermal zone governor cleanup issues (bsc#1267220). * CVE-2026-46037: ipv4: icmp: validate reply type before using icmp_pointers (bsc#1267361). * CVE-2026-46113: KVM: x86/mmu: Add helper to convert SPTE value to its shadow page (bsc#1266969). * CVE-2026-46116: xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete (bsc#1267369). * CVE-2026-46120: ip6_gre: Use cached t-> net in ip6erspan_changelink() (bsc#1267640). * CVE-2026-46123: Bluetooth: virtio_bt: clamp rx length before skb_put (bsc#1267621). * CVE-2026-46150: fanotify: fix false positive on permission events (bsc#1267387). * CVE-2026-46159: btrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which can lead to info-leak (bsc#1267652). * CVE-2026-46227: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (bsc#1267697). * CVE-2026-46273: ibmveth: Disable GSO for packets with small MSS (bsc#1265211 bsc#1267651). The following non security issues were fixed: * arm64: tlb: Allow XZR argument to TLBI ops (git-fixes). * arm64: tlb: Optimize ARM64_WORKAROUND_REPEAT_TLBI (git-fixes). * KVM: x86: Constrain guest-supported xfeatures only at KVM_GET_XSAVE{2} (bsc#1247954). * KVM: x86: Remove 'return void' expression for 'void function' (bsc#1247954). * smb: client: correctly handle ErrorContextData as a flexible array (git- fixes). * x86/fpu: Allow caller to constrain xfeatures when copying to uabi buffer (bsc#1247954). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-2630=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2630=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-rt-devel-debuginfo-5.14.21-150500.13.146.1 * kernel-rt-livepatch-5.14.21-150500.13.146.1 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.146.1 *dlm-kmp-rt-5.14.21-150500.13.146.1 * kernel-rt-livepatch-devel-5.14.21-150500.13.146.1 * kernel-syms-rt-5.14.21-150500.13.146.1 * kernel-rt-debuginfo-5.14.21-150500.13.146.1 * kernel-rt-extra-5.14.21-150500.13.146.1 * kernel-rt_debug-vdso-5.14.21-150500.13.146.1 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.146.1 * kernel-rt-vdso-5.14.21-150500.13.146.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.146.1 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.146.1 * ocfs2-kmp-rt-5.14.21-150500.13.146.1 * reiserfs-kmp-rt-5.14.21-150500.13.146.1 * kernel-rt-optional-5.14.21-150500.13.146.1 * gfs2-kmp-rt-5.14.21-150500.13.146.1 * reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.146.1 * cluster-md-kmp-rt-5.14.21-150500.13.146.1 * kselftests-kmp-rt-debuginfo-5.14.21-150500.13.146.1 * kernel-rt-extra-debuginfo-5.14.21-150500.13.146.1 * dlm-kmp-rt-debuginfo-5.14.21-150500.13.146.1 * kernel-rt_debug-debuginfo-5.14.21-150500.13.146.1 * kernel-rt-devel-5.14.21-150500.13.146.1 * kernel-rt-debugsource-5.14.21-150500.13.146.1 * kernel-rt_debug-debugsource-5.14.21-150500.13.146.1 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.146.1 * kernel-rt-optional-debuginfo-5.14.21-150500.13.146.1 * kselftests-kmp-rt-5.14.21-150500.13.146.1 * kernel-rt_debug-devel-5.14.21-150500.13.146.1 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.146.1 * openSUSE Leap 15.5 (noarch) * kernel-devel-rt-5.14.21-150500.13.146.1 * kernel-source-rt-5.14.21-150500.13.146.1 * openSUSE Leap 15.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.146.1 * kernel-rt_debug-5.14.21-150500.13.146.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * kernel-devel-rt-5.14.21-150500.13.146.1 * kernel-source-rt-5.14.21-150500.13.146.1 * SUSE Linux Enterprise Micro 5.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.146.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * kernel-rt-debugsource-5.14.21-150500.13.146.1 *kernel-rt-debuginfo-5.14.21-150500.13.146.1 ## References: * https://www.suse.com/security/cve/CVE-2025-10263.html * https://www.suse.com/security/cve/CVE-2025-68324.html * https://www.suse.com/security/cve/CVE-2026-23392.html * https://www.suse.com/security/cve/CVE-2026-31405.html * https://www.suse.com/security/cve/CVE-2026-31473.html * https://www.suse.com/security/cve/CVE-2026-31500.html * https://www.suse.com/security/cve/CVE-2026-31613.html * https://www.suse.com/security/cve/CVE-2026-31697.html * https://www.suse.com/security/cve/CVE-2026-31698.html * https://www.suse.com/security/cve/CVE-2026-31699.html * https://www.suse.com/security/cve/CVE-2026-31758.html * https://www.suse.com/security/cve/CVE-2026-31759.html * https://www.suse.com/security/cve/CVE-2026-43077.html * https://www.suse.com/security/cve/CVE-2026-43198.html * https://www.suse.com/security/cve/CVE-2026-43366.html * https://www.suse.com/security/cve/CVE-2026-43503.html * https://www.suse.com/security/cve/CVE-2026-45886.html * https://www.suse.com/security/cve/CVE-2026-45970.html * https://www.suse.com/security/cve/CVE-2026-45984.html * https://www.suse.com/security/cve/CVE-2026-46021.html * https://www.suse.com/security/cve/CVE-2026-46037.html * https://www.suse.com/security/cve/CVE-2026-46113.html * https://www.suse.com/security/cve/CVE-2026-46116.html * https://www.suse.com/security/cve/CVE-2026-46120.html * https://www.suse.com/security/cve/CVE-2026-46123.html * https://www.suse.com/security/cve/CVE-2026-46150.html * https://www.suse.com/security/cve/CVE-2026-46159.html * https://www.suse.com/security/cve/CVE-2026-46227.html * https://www.suse.com/security/cve/CVE-2026-46273.html * https://bugzilla.suse.com/show_bug.cgi?id=1247954 * https://bugzilla.suse.com/show_bug.cgi?id=1255416 * https://bugzilla.suse.com/show_bug.cgi?id=1258538 * https://bugzilla.suse.com/show_bug.cgi?id=1260531 * https://bugzilla.suse.com/show_bug.cgi?id=1261700 *https://bugzilla.suse.com/show_bug.cgi?id=1262663 * https://bugzilla.suse.com/show_bug.cgi?id=1262993 * https://bugzilla.suse.com/show_bug.cgi?id=1263769 * https://bugzilla.suse.com/show_bug.cgi?id=1263879 * https://bugzilla.suse.com/show_bug.cgi?id=1263880 * https://bugzilla.suse.com/show_bug.cgi?id=1264076 * https://bugzilla.suse.com/show_bug.cgi?id=1264093 * https://bugzilla.suse.com/show_bug.cgi?id=1264116 * https://bugzilla.suse.com/show_bug.cgi?id=1264470 * https://bugzilla.suse.com/show_bug.cgi?id=1264610 * https://bugzilla.suse.com/show_bug.cgi?id=1265116 * https://bugzilla.suse.com/show_bug.cgi?id=1265211 * https://bugzilla.suse.com/show_bug.cgi?id=1265960 * https://bugzilla.suse.com/show_bug.cgi?id=1266214 * https://bugzilla.suse.com/show_bug.cgi?id=1266290 * https://bugzilla.suse.com/show_bug.cgi?id=1266810 * https://bugzilla.suse.com/show_bug.cgi?id=1266969 * https://bugzilla.suse.com/show_bug.cgi?id=1267205 * https://bugzilla.suse.com/show_bug.cgi?id=1267214 * https://bugzilla.suse.com/show_bug.cgi?id=1267220 * https://bugzilla.suse.com/show_bug.cgi?id=1267361 * https://bugzilla.suse.com/show_bug.cgi?id=1267369 * https://bugzilla.suse.com/show_bug.cgi?id=1267387 * https://bugzilla.suse.com/show_bug.cgi?id=1267621 * https://bugzilla.suse.com/show_bug.cgi?id=1267640 * https://bugzilla.suse.com/show_bug.cgi?id=1267651 * https://bugzilla.suse.com/show_bug.cgi?id=1267652 * https://bugzilla.suse.com/show_bug.cgi?id=1267697 . OpenSUSE releases a secure kernel update addressing 29 key issues, ensuring better performance and safety.. Linux Kernel Security, OpenSUSE Updates, Vulnerability Management, Patch Installation, System Security. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 25, 2026 Important OpenSUSE
87

Debian Linux DSA-6355-1 Multiple Threats Privilege Escalation DoS

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. For the stable distribution (trixie), these problems have been fixed in version 6.12.94-1.. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6355-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Salvatore Bonaccorso June 21, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : linux CVE ID : CVE-2025-22069 CVE-2025-68251 CVE-2025-68768 CVE-2025-71289 CVE-2026-23247 CVE-2026-23272 CVE-2026-23346 CVE-2026-23394 CVE-2026-23469 CVE-2026-31420 CVE-2026-31486 CVE-2026-31560 CVE-2026-31613 CVE-2026-31663 CVE-2026-31717 CVE-2026-43116 CVE-2026-43219 CVE-2026-43245 CVE-2026-43303 CVE-2026-43331 CVE-2026-45838 CVE-2026-45839 CVE-2026-45840 CVE-2026-45841 CVE-2026-45842 CVE-2026-45843 CVE-2026-45844 CVE-2026-45845 CVE-2026-45846 CVE-2026-45850 CVE-2026-45930 CVE-2026-46117 CVE-2026-46137 CVE-2026-46158 CVE-2026-46160 CVE-2026-46170 CVE-2026-46203 CVE-2026-46216 CVE-2026-46244 CVE-2026-46274 CVE-2026-46275 CVE-2026-46315 CVE-2026-46316 CVE-2026-46319 CVE-2026-46320 CVE-2026-46321 CVE-2026-46322 CVE-2026-46323 CVE-2026-46331 CVE-2026-52908 CVE-2026-52909 CVE-2026-52910 CVE-2026-52911 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. For the stable distribution (trixie), these problems have been fixed in version 6.12.94-1. We recommend that you upgrade your linux packages. For the detailed security status of linux please refer to its security tracker pageat: https://security-tracker.debian.org/tracker/linux Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Upgrade the Debian Linux kernel to patch several vulnerabilities leading to denial of service and privilege escalation threats.. Linux Kernel Security, Debian Security Update, Privilege Escalation Fix, Denial of Service Patch. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 21, 2026 Critical Debian
197

Debian 12 Linux Base Update Brings Important Security Fix DLA-4628-1

. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4628-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Ben Hutchings June 12, 2026 https://wiki.debian.org/LTS ------------------------------------------------------------------------- Package : linux-base Version : 4.12.1~deb12u1 The linux-base package has been updated to support installation of a backport of Linux 6.12. For Debian 12 bookworm, the new version is 4.12.1~deb12u1. For the detailed security status of linux-base please refer to its security tracker page at: https://security-tracker.debian.org/tracker/linux-base Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Update your linux-base package to support installation of Linux 6.12 on Debian 12. Important security advisory details included.. Debian Security Advisory, Linux Base Update, Linux Security, Linux Administration. . Severity: Informational. LinuxSecurity.com Team

Calendar%202 Jun 12, 2026 Informational Debian LTS
197

Debian 12 Kernel-Wedge Update for Linux 6.12 DLA-4627-1

. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4627-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Ben Hutchings June 12, 2026 https://wiki.debian.org/LTS ------------------------------------------------------------------------- Package : kernel-wedge Version : 2.106~deb12u1 The kernel-wedge package has been updated to support building a backport of Linux 6.12. For Debian 12 bookworm, the new version is 2.106~deb12u1. For the detailed security status of kernel-wedge please refer to its security tracker page at: https://security-tracker.debian.org/tracker/kernel-wedge Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Kernel-wedge updated in Debian LTS DLA-4627-1 to support building backports of Linux 6.12.. Debian LTS, Kernel Update, Linux Backport, Security Advisory, Package Management. . Severity: Informational. LinuxSecurity.com Team

Calendar%202 Jun 12, 2026 Informational Debian LTS
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200