Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 524
Alerts This Week
Warning Icon 1 524

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 31 articles for you...
219

Rocky Linux libinput Moderate Local Privilege Escalation RLSA-2026-39296

Moderate: libinput security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:39296", "synopsis": "Moderate: libinput security update", "severity": "SEVERITY_MODERATE", "topic": "An update is available for libinput.\nThis update affects Rocky Linux 10.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "libinput is a library that handles input devices for display servers and other applications that need to directly deal with input devices.\n\nSecurity Fix(es):\n\n* libinput: local privilege escalation via crafted uinput devices (CVE-2026-50292)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 10"], "fixes": [{"ticket": "2485390", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2485390", "description": ""}], "cves": [{"name": "CVE-2026-50292", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-50292", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "6.7", "cwe": "CWE-78"}], "references": [], "publishedAt": "2026-07-15T12:06:01.640959Z", "rpms": {"Rocky Linux 10": {"nvras": ["libinput-debugsource-0:1.30.1-2.el10_2.aarch64.rpm", "libinput-0:1.30.1-2.el10_2.aarch64.rpm", "libinput-debugsource-0:1.30.1-2.el10_2.x86_64.rpm", "libinput-devel-0:1.30.1-2.el10_2.aarch64.rpm", "libinput-utils-debuginfo-0:1.30.1-2.el10_2.aarch64.rpm", "libinput-debuginfo-0:1.30.1-2.el10_2.ppc64le.rpm", "libinput-utils-debuginfo-0:1.30.1-2.el10_2.s390x.rpm", "libinput-utils-0:1.30.1-2.el10_2.x86_64.rpm", "libinput-devel-0:1.30.1-2.el10_2.s390x.rpm", "libinput-debugsource-0:1.30.1-2.el10_2.s390x.rpm", "libinput-devel-0:1.30.1-2.el10_2.ppc64le.rpm", "libinput-utils-0:1.30.1-2.el10_2.ppc64le.rpm","libinput-0:1.30.1-2.el10_2.s390x.rpm", "libinput-utils-debuginfo-0:1.30.1-2.el10_2.x86_64.rpm", "libinput-debuginfo-0:1.30.1-2.el10_2.aarch64.rpm", "libinput-debuginfo-0:1.30.1-2.el10_2.x86_64.rpm", "libinput-0:1.30.1-2.el10_2.ppc64le.rpm", "libinput-debugsource-0:1.30.1-2.el10_2.ppc64le.rpm", "libinput-utils-0:1.30.1-2.el10_2.aarch64.rpm", "libinput-debuginfo-0:1.30.1-2.el10_2.s390x.rpm", "libinput-0:1.30.1-2.el10_2.x86_64.rpm", "libinput-utils-0:1.30.1-2.el10_2.s390x.rpm", "libinput-utils-debuginfo-0:1.30.1-2.el10_2.ppc64le.rpm", "libinput-0:1.30.1-2.el10_2.src.rpm", "libinput-devel-0:1.30.1-2.el10_2.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. A moderate security update available for libinput in Rocky Linux addresses local privilege escalation risks.. Rocky Linux, libinput, security update, local privilege escalation. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jul 15, 2026 moderate Rocky Linux
100

SUSE Firewalld Moderate Local State Change Risk CVE-2026-4948 2026-22343-1

An update that solves one vulnerability can now be installed.. # Security update for firewalld Announcement ID: SUSE-SU-2026:22343-1 Release Date: 2026-06-22T15:10:04Z Rating: moderate References: * bsc#1260903 Cross-References: * CVE-2026-4948 CVSS scores: * CVE-2026-4948 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-4948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2026-4948 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for firewalld fixes the following issue * CVE-2026-4948: local unprivileged users can modify firewall state due to D-Bus setter mis-authorizations (bsc#1260903). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-1045=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-1045=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (noarch) * python3-firewall-2.1.2-160000.3.1 * firewalld-2.1.2-160000.3.1 * firewalld-zsh-completion-2.1.2-160000.3.1 * firewalld-bash-completion-2.1.2-160000.3.1 * firewalld-lang-2.1.2-160000.3.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * python3-firewall-2.1.2-160000.3.1 * firewalld-2.1.2-160000.3.1 * firewalld-zsh-completion-2.1.2-160000.3.1 * firewalld-bash-completion-2.1.2-160000.3.1 * firewalld-lang-2.1.2-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-4948.html * https://bugzilla.suse.com/show_bug.cgi?id=1260903 . Update released to fix moderatesecurity issue in firewalld affecting SUSE systems. Install promptly to mitigate risk.. SUSE Linux Enterprise Server, firewalld update, local user privileges. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jul 01, 2026 moderate SuSE
217

Important Security Advisory ELSA-2026-19351 for Grafana on Oracle Linux 9

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-19351 http://linux.oracle.com/errata/ELSA-2026-19351.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: grafana-pcp-5.1.1-15.el9_8.x86_64.rpm aarch64: grafana-pcp-5.1.1-15.el9_8.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/grafana-pcp-5.1.1-15.el9_8.src.rpm Related CVEs: CVE-2026-32282 CVE-2026-32283 Description of changes: [5.1.1-15] - Resolves RHEL-166679: CVE-2026-32282 - Resolves RHEL-167679: CVE-2026-32283 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 9 Security Advisory ELSA-2026-19351 covers important updates for grafana-pcp addressing security concerns.. Oracle Linux Security Grafana PCP Advisory. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 24, 2026 Important Oracle
202

openSUSE libinput Important Local Privilege Escalation Fix 2026-2523-1

An update that solves two vulnerabilities can now be installed.. # Security update for libinput Announcement ID: SUSE-SU-2026:2523-1 Release Date: 2026-06-23T08:52:48Z Rating: important References: * bsc#1267852 Cross-References: * CVE-2026-50265 * CVE-2026-50292 CVSS scores: * CVE-2026-50265 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-50265 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-50265 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-50292 ( NVD ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-50292 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for libinput fixes the following issues * CVE-2026-50265,CVE-2026-50292: crafted uinput devices can lead to local privilege escalation (bsc#1267852). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2523=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2523=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2523=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-2523=1 * SUSE Linux EnterpriseHigh Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2523=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libinput-debugsource-1.21.0-150500.3.3.1 * libinput10-debuginfo-1.21.0-150500.3.3.1 * libinput-udev-debuginfo-1.21.0-150500.3.3.1 * libinput-tools-debuginfo-1.21.0-150500.3.3.1 * libinput10-1.21.0-150500.3.3.1 * libinput-devel-1.21.0-150500.3.3.1 * libinput-udev-1.21.0-150500.3.3.1 * libinput-tools-1.21.0-150500.3.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * libinput-debugsource-1.21.0-150500.3.3.1 * libinput10-debuginfo-1.21.0-150500.3.3.1 * libinput-udev-debuginfo-1.21.0-150500.3.3.1 * libinput-tools-debuginfo-1.21.0-150500.3.3.1 * libinput10-1.21.0-150500.3.3.1 * libinput-devel-1.21.0-150500.3.3.1 * libinput-udev-1.21.0-150500.3.3.1 * libinput-tools-1.21.0-150500.3.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libinput-debugsource-1.21.0-150500.3.3.1 * libinput10-debuginfo-1.21.0-150500.3.3.1 * libinput-udev-debuginfo-1.21.0-150500.3.3.1 * libinput-tools-debuginfo-1.21.0-150500.3.3.1 * libinput10-1.21.0-150500.3.3.1 * libinput-devel-1.21.0-150500.3.3.1 * libinput-udev-1.21.0-150500.3.3.1 * libinput-tools-1.21.0-150500.3.3.1 * openSUSE Leap 15.5 (aarch64 i586 ppc64le s390x x86_64) * libinput-debugsource-1.21.0-150500.3.3.1 * libinput10-debuginfo-1.21.0-150500.3.3.1 * libinput-udev-debuginfo-1.21.0-150500.3.3.1 * libinput-tools-debuginfo-1.21.0-150500.3.3.1 * libinput10-1.21.0-150500.3.3.1 * libinput-devel-1.21.0-150500.3.3.1 * libinput-debug-gui-1.21.0-150500.3.3.1 * libinput-udev-1.21.0-150500.3.3.1 * libinput-tools-1.21.0-150500.3.3.1 * libinput-debug-gui-debuginfo-1.21.0-150500.3.3.1 * libinput-extra-debugsource-1.21.0-150500.3.3.1 * openSUSE Leap 15.5 (x86_64) *libinput10-32bit-debuginfo-1.21.0-150500.3.3.1 * libinput10-32bit-1.21.0-150500.3.3.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libinput10-64bit-1.21.0-150500.3.3.1 * libinput10-64bit-debuginfo-1.21.0-150500.3.3.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libinput-debugsource-1.21.0-150500.3.3.1 * libinput10-debuginfo-1.21.0-150500.3.3.1 * libinput-udev-debuginfo-1.21.0-150500.3.3.1 * libinput-tools-debuginfo-1.21.0-150500.3.3.1 * libinput10-1.21.0-150500.3.3.1 * libinput-devel-1.21.0-150500.3.3.1 * libinput-udev-1.21.0-150500.3.3.1 * libinput-tools-1.21.0-150500.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-50265.html * https://www.suse.com/security/cve/CVE-2026-50292.html * https://bugzilla.suse.com/show_bug.cgi?id=1267852 . # Security update for libinput Announcement ID: SUSE-SU-2026:2523-1 Release Date: 2026-06-23T08:52:4. update, solves, vulnerabilities, installed, security, libinput, annou. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 23, 2026 Important OpenSUSE
100

SUSE Libinput Important Local Escalation Fix Advisory 2026-2524-1

An update that solves two vulnerabilities can now be installed.. # Security update for libinput Announcement ID: SUSE-SU-2026:2524-1 Release Date: 2026-06-23T08:53:03Z Rating: important References: * bsc#1267852 Cross-References: * CVE-2026-50265 * CVE-2026-50292 CVSS scores: * CVE-2026-50265 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-50265 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-50265 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-50292 ( NVD ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-50292 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities can now be installed. ## Description: This update for libinput fixes the following issues * CVE-2026-50265,CVE-2026-50292: crafted uinput devices can lead to local privilege escalation (bsc#1267852). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2524=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libinput-udev-1.27.1-150700.3.3.1 * libinput10-debuginfo-1.27.1-150700.3.3.1 * libinput-tools-1.27.1-150700.3.3.1 * libinput-devel-1.27.1-150700.3.3.1 * libinput-tools-debuginfo-1.27.1-150700.3.3.1 * libinput-udev-debuginfo-1.27.1-150700.3.3.1 * libinput10-1.27.1-150700.3.3.1 * libinput-debugsource-1.27.1-150700.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-50265.html *https://www.suse.com/security/cve/CVE-2026-50292.html * https://bugzilla.suse.com/show_bug.cgi?id=1267852 . Critical update for SUSE libinput addresses important vulnerabilities with local privilege escalation risks.. SUSE Linux, libinput update, security risks, privilege escalation, system security. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 23, 2026 Important SuSE
100

SUSE Linux Enterprise 16 Core Key Security Update SUSE-SU-2026-21501-6

An update that solves two vulnerabilities can now be installed.. # Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21385-1 Release Date: 2026-04-22T23:22:40Z Rating: important References: * bsc#1255066 * bsc#1259859 Cross-References: * CVE-2025-40309 * CVE-2026-23268 CVSS scores: * CVE-2025-40309 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40309 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23268 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.5.1 fixes various security issues The following security issues were fixed: * CVE-2025-40309: Bluetooth: SCO: Fix UAF on sco_conn_free (bsc#1255066). * CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy management (bsc#1259859). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-630=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-630=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * kernel-livepatch-6_12_0-160000_5-default-10-160000.4.3 * kernel-livepatch-6_12_0-160000_5-default-debuginfo-10-160000.4.3 * kernel-livepatch-SLE16_Update_0-debugsource-10-160000.4.3 *SUSE Linux Enterprise Server 16.0 (ppc64le s390x x86_64) * kernel-livepatch-6_12_0-160000_5-default-10-160000.4.3 * kernel-livepatch-6_12_0-160000_5-default-debuginfo-10-160000.4.3 * kernel-livepatch-SLE16_Update_0-debugsource-10-160000.4.3 ## References: * https://www.suse.com/security/cve/CVE-2025-40309.html * https://www.suse.com/security/cve/CVE-2026-23268.html * https://bugzilla.suse.com/show_bug.cgi?id=1255066 * https://bugzilla.suse.com/show_bug.cgi?id=1259859 . SUSE Linux Enterprise Security Advisory for kernel update fixing important vulnerabilities regarding Bluetooth and AppArmor.. SUSE Linux Kernel Update, Important Security Advisory, Local Privilege Escalation, Bluetooth UAF Safety. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Apr 28, 2026 Important SuSE
100

SUSE Linux Micro 6.0 Important Kernel RT Update 2026-21323-1

An update that solves two vulnerabilities can now be installed.. # Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21323-1 Release Date: 2026-04-22T16:51:39Z Rating: important References: * bsc#1255066 * bsc#1259859 Cross-References: * CVE-2025-40309 * CVE-2026-23268 CVSS scores: * CVE-2025-40309 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40309 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23268 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-28.1 fixes various security issues The following security issues were fixed: * CVE-2025-40309: Bluetooth: SCO: Fix UAF on sco_conn_free (bsc#1255066). * CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy management (bsc#1259859). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-345=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-MICRO-6-0-RT_Update_6-debugsource-16-3.1 * kernel-livepatch-6_4_0-28-rt-debuginfo-16-3.1 * kernel-livepatch-6_4_0-28-rt-16-3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-40309.html * https://www.suse.com/security/cve/CVE-2026-23268.html * https://bugzilla.suse.com/show_bug.cgi?id=1255066 * https://bugzilla.suse.com/show_bug.cgi?id=1259859 . Update for SUSELinux Micro 6.0 addresses important kernel RT vulnerabilities. Install patch to enhance system security promptly.. SUSE Linux Micro 6.0, kernel RT, patch update, local privilege escalation. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Apr 27, 2026 Important SuSE
100

SUSE Linux Micro 6.0 Kernel RT Significant Security Update 2026-21331-1

An update that solves one vulnerability can now be installed.. # Security update for the Linux Kernel RT (Live Patch 18 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21331-1 Release Date: 2026-04-22T16:59:00Z Rating: important References: * bsc#1259859 Cross-References: * CVE-2026-23268 CVSS scores: * CVE-2026-23268 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23268 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-40.1 fixes one security issue The following security issue was fixed: * CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy management (bsc#1259859). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-354=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-MICRO-6-0-RT_Update_18-debugsource-2-1.1 * kernel-livepatch-6_4_0-40-rt-debuginfo-2-1.1 * kernel-livepatch-6_4_0-40-rt-2-1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-23268.html * https://bugzilla.suse.com/show_bug.cgi?id=1259859 . SUSE Kernel RT Live Patch 18 update addresses important privilege management issue. Install now for better security.. SUSE Linux, kernel update, local user issue, privilege escalation, apparmor security. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Apr 27, 2026 Important SuSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200