Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 26 articles for you...
202
security advisorybuffer overflowimportantopenSUSE Leap 16.0 Severe Fixes for Mapserver Vulnerabilities 2026-20857-1
An update that solves 2 vulnerabilities and has 2 bug fixes can now be installed.. openSUSE security update: security update for mapserver ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20857-1 Rating: important References: * bsc#1260869 * bsc#1266663 Cross-References: * CVE-2026-33721 * CVE-2026-45104 Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves 2 vulnerabilities and has 2 bug fixes can now be installed. Description: This update for mapserver fixes the following issues: Changes in mapserver: - Update to releasee 8.6.3 * SLD parser: fix out of bounds access on SLD with only a Rule with a ElseFilter but without a symbolizer [CVE-2026-33721, boo#1260869] [CVE-2026-45104, boo#1266663] Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-packagehub-287=1 Package List: - openSUSE Leap 16.0: libjavamapscript-8.6.3-bp160.1.1 libmapserver2-8.6.3-bp160.1.1 mapserver-8.6.3-bp160.1.1 mapserver-devel-8.6.3-bp160.1.1 perl-mapscript-8.6.3-bp160.1.1 php-mapscriptng-8.6.3-bp160.1.1 python313-mapserver-8.6.3-bp160.1.1 References: * https://www.suse.com/security/cve/CVE-2026-33721.html * https://www.suse.com/security/cve/CVE-2026-45104.html . Update for openSUSE Leap 16.0 mapserver addresses critical bugs and security issues requiring immediate attention.. openSUSE mapserver update security vulnerabilities. . Severity: Important. LinuxSecurity.com Team
Jun 02, 2026 •Important OpenSUSE 202
security advisorymoderatesecurity updateopenSUSE Leap 16.0 Mesa Moderate Out-Of-Bounds Access Vuln 2026-20688-1
An update that solves one vulnerability and has 2 bug fixes can now be installed.. openSUSE security update: security update for mesa ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20688-1 Rating: moderate References: * bsc#1261911 * bsc#1261998 Cross-References: * CVE-2026-40393 Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves one vulnerability and has 2 bug fixes can now be installed. Description: This update for Mesa fixes the following issue: - CVE-2026-40393: out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an untrusted party (bsc#1261998). Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-707=1 Package List: - openSUSE Leap 16.0: Mesa-24.3.3-160000.3.1 Mesa-KHR-devel-24.3.3-160000.3.1 Mesa-devel-24.3.3-160000.3.1 Mesa-dri-24.3.3-160000.3.1 Mesa-dri-devel-24.3.3-160000.3.1 Mesa-dri-nouveau-24.3.3-160000.3.1 Mesa-dri-vc4-24.3.3-160000.3.1 Mesa-gallium-24.3.3-160000.3.1 Mesa-libEGL-devel-24.3.3-160000.3.1 Mesa-libEGL1-24.3.3-160000.3.1 Mesa-libGL-devel-24.3.3-160000.3.1 Mesa-libGL1-24.3.3-160000.3.1 Mesa-libGLESv1_CM-devel-24.3.3-160000.3.1 Mesa-libGLESv2-devel-24.3.3-160000.3.1 Mesa-libGLESv3-devel-24.3.3-160000.3.1 Mesa-libOpenCL-24.3.3-160000.3.1 Mesa-libRusticlOpenCL-24.3.3-160000.3.1 Mesa-libd3d-24.3.3-160000.3.1 Mesa-libd3d-devel-24.3.3-160000.3.1 Mesa-libglapi-devel-24.3.3-160000.3.1 Mesa-libglapi0-24.3.3-160000.3.1 Mesa-libva-24.3.3-160000.3.1 Mesa-vulkan-device-select-24.3.3-160000.3.1 Mesa-vulkan-overlay-24.3.3-160000.3.1 libOSMesa-devel-24.3.3-160000.3.1 libOSMesa8-24.3.3-160000.3.1 libgbm-devel-24.3.3-160000.3.1 libgbm1-24.3.3-160000.3.1 libvdpau_d3d12-24.3.3-160000.3.1 libvdpau_nouveau-24.3.3-160000.3.1 libvdpau_r600-24.3.3-160000.3.1 libvdpau_radeonsi-24.3.3-160000.3.1 libvdpau_virtio_gpu-24.3.3-160000.3.1 libvulkan_broadcom-24.3.3-160000.3.1 libvulkan_freedreno-24.3.3-160000.3.1 libvulkan_intel-24.3.3-160000.3.1 libvulkan_lvp-24.3.3-160000.3.1 libvulkan_radeon-24.3.3-160000.3.1 libxatracker-devel-1.0.0-160000.3.1 libxatracker2-1.0.0-160000.3.1 References: * https://www.suse.com/security/cve/CVE-2026-40393.html . An installation note regarding openSUSE security update addressing moderate issues in Mesa software with critical bug fixes.. openSUSE security patch Mesa vulnerability update. . LinuxSecurity.com Team
May 08, 2026 OpenSUSE 
100
security advisorymoderateSuSESUSE Linux Micro 6.1 Mesa Moderate Out-of-Bounds Access Vuln 2026-21292-1
An update that solves one vulnerability can now be installed.. # Security update for Mesa Announcement ID: SUSE-SU-2026:21292-1 Release Date: 2026-04-23T12:57:06Z Rating: moderate References: * bsc#1261998 Cross-References: * CVE-2026-40393 CVSS scores: * CVE-2026-40393 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2026-40393 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-40393 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves one vulnerability can now be installed. ## Description: This update for Mesa fixes the following issue: * CVE-2026-40393: out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an untrusted party (bsc#1261998). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-504=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * Mesa-23.3.4-slfo.1.1_3.1 * Mesa-libEGL1-23.3.4-slfo.1.1_3.1 * Mesa-drivers-debugsource-23.3.4-slfo.1.1_3.1 * Mesa-libGL1-debuginfo-23.3.4-slfo.1.1_3.1 * libgbm1-debuginfo-23.3.4-slfo.1.1_3.1 * Mesa-libglapi0-23.3.4-slfo.1.1_3.1 * Mesa-libGL1-23.3.4-slfo.1.1_3.1 * Mesa-dri-debuginfo-23.3.4-slfo.1.1_3.1 * Mesa-debugsource-23.3.4-slfo.1.1_3.1 * Mesa-libEGL1-debuginfo-23.3.4-slfo.1.1_3.1 * libgbm1-23.3.4-slfo.1.1_3.1 * Mesa-libglapi0-debuginfo-23.3.4-slfo.1.1_3.1 * Mesa-dri-23.3.4-slfo.1.1_3.1 * SUSE Linux Micro 6.1 (aarch64 ppc64le x86_64) * Mesa-gallium-debuginfo-23.3.4-slfo.1.1_3.1 * Mesa-gallium-23.3.4-slfo.1.1_3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-40393.html * https://bugzilla.suse.com/show_bug.cgi?id=1261998 . SUSEupdates Mesa to address an out-of-bounds access issue with moderate severity. Apply the security patch promptly.. SUSE Linux Micro Mesa Security Moderate Patch. . LinuxSecurity.com Team
Apr 27, 2026 SuSE 219
security advisorymoderatesecurity issueRocky Linux 9 RLSA-2026-6392 Rsync Controlled Buffer Overflow Vulnerability
Moderate: rsync security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:6390", "synopsis": "Moderate: rsync security update", "severity": "SEVERITY_MODERATE", "topic": "An update is available for rsync.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool.\n\nSecurity Fix(es):\n\n* rsync: Rsync: Out of bounds array access via negative index (CVE-2025-10158)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2415637", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2415637", "description": ""}], "cves": [{"name": "CVE-2025-10158", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2025-10158", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "cvss3BaseScore": "4.3", "cwe": "CWE-129"}], "references": [], "publishedAt": "2026-04-07T12:03:55.701474Z", "rpms": {"Rocky Linux 9": {"nvras": ["rsync-0:3.2.5-3.el9_7.2.aarch64.rpm", "rsync-0:3.2.5-3.el9_7.2.ppc64le.rpm", "rsync-0:3.2.5-3.el9_7.2.s390x.rpm", "rsync-0:3.2.5-3.el9_7.2.src.rpm", "rsync-0:3.2.5-3.el9_7.2.x86_64.rpm", "rsync-daemon-0:3.2.5-3.el9_7.2.noarch.rpm", "rsync-debuginfo-0:3.2.5-3.el9_7.2.aarch64.rpm", "rsync-debuginfo-0:3.2.5-3.el9_7.2.ppc64le.rpm", "rsync-debuginfo-0:3.2.5-3.el9_7.2.s390x.rpm", "rsync-debuginfo-0:3.2.5-3.el9_7.2.x86_64.rpm", "rsync-debugsource-0:3.2.5-3.el9_7.2.aarch64.rpm","rsync-debugsource-0:3.2.5-3.el9_7.2.ppc64le.rpm", "rsync-debugsource-0:3.2.5-3.el9_7.2.s390x.rpm", "rsync-debugsource-0:3.2.5-3.el9_7.2.x86_64.rpm", "rsync-rrsync-0:3.2.5-3.el9_7.2.noarch.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Rsync security update for Rocky Linux fixes a moderate issue of out of bounds access. Stay secure with the latest patch!. Rsync Update, Rocky Linux Security, Moderate Threat, Out of Bounds Fix. . LinuxSecurity.com Team
Apr 07, 2026 Rocky Linux 219
security advisorymoderatesecurity updateUbuntu 22 Focal-2026-6391 curl Minor Memory Vulnerability Detected
Moderate: rsync security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:6390", "synopsis": "Moderate: rsync security update", "severity": "SEVERITY_MODERATE", "topic": "An update is available for rsync.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool.\n\nSecurity Fix(es):\n\n* rsync: Rsync: Out of bounds array access via negative index (CVE-2025-10158)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2415637", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2415637", "description": ""}], "cves": [{"name": "CVE-2025-10158", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2025-10158", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "cvss3BaseScore": "4.3", "cwe": "CWE-129"}], "references": [], "publishedAt": "2026-04-07T12:03:55.701474Z", "rpms": {"Rocky Linux 9": {"nvras": ["rsync-0:3.2.5-3.el9_7.2.aarch64.rpm", "rsync-0:3.2.5-3.el9_7.2.ppc64le.rpm", "rsync-0:3.2.5-3.el9_7.2.s390x.rpm", "rsync-0:3.2.5-3.el9_7.2.src.rpm", "rsync-0:3.2.5-3.el9_7.2.x86_64.rpm", "rsync-daemon-0:3.2.5-3.el9_7.2.noarch.rpm", "rsync-debuginfo-0:3.2.5-3.el9_7.2.aarch64.rpm", "rsync-debuginfo-0:3.2.5-3.el9_7.2.ppc64le.rpm", "rsync-debuginfo-0:3.2.5-3.el9_7.2.s390x.rpm", "rsync-debuginfo-0:3.2.5-3.el9_7.2.x86_64.rpm", "rsync-debugsource-0:3.2.5-3.el9_7.2.aarch64.rpm","rsync-debugsource-0:3.2.5-3.el9_7.2.ppc64le.rpm", "rsync-debugsource-0:3.2.5-3.el9_7.2.s390x.rpm", "rsync-debugsource-0:3.2.5-3.el9_7.2.x86_64.rpm", "rsync-rrsync-0:3.2.5-3.el9_7.2.noarch.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. A moderate security update for rsync in Rocky Linux 9 addresses out-of-bounds access flaws to ensure better protection.. Rsync Security Update, Rocky Linux 9 Update, Security Advisories, Moderate Severity Issues, Out-of-Bounds Access. . LinuxSecurity.com Team
Apr 07, 2026 Rocky Linux 219
security advisorymoderatesecurity updateRaspberry Pi OS 2023-1324 samba Elevated Buffer Overflow Threat
Moderate: rsync security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:6390", "synopsis": "Moderate: rsync security update", "severity": "SEVERITY_MODERATE", "topic": "An update is available for rsync.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool.\n\nSecurity Fix(es):\n\n* rsync: Rsync: Out of bounds array access via negative index (CVE-2025-10158)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2415637", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2415637", "description": ""}], "cves": [{"name": "CVE-2025-10158", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2025-10158", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "cvss3BaseScore": "4.3", "cwe": "CWE-129"}], "references": [], "publishedAt": "2026-04-07T12:03:55.701474Z", "rpms": {"Rocky Linux 9": {"nvras": ["rsync-0:3.2.5-3.el9_7.2.aarch64.rpm", "rsync-0:3.2.5-3.el9_7.2.ppc64le.rpm", "rsync-0:3.2.5-3.el9_7.2.s390x.rpm", "rsync-0:3.2.5-3.el9_7.2.src.rpm", "rsync-0:3.2.5-3.el9_7.2.x86_64.rpm", "rsync-daemon-0:3.2.5-3.el9_7.2.noarch.rpm", "rsync-debuginfo-0:3.2.5-3.el9_7.2.aarch64.rpm", "rsync-debuginfo-0:3.2.5-3.el9_7.2.ppc64le.rpm", "rsync-debuginfo-0:3.2.5-3.el9_7.2.s390x.rpm", "rsync-debuginfo-0:3.2.5-3.el9_7.2.x86_64.rpm", "rsync-debugsource-0:3.2.5-3.el9_7.2.aarch64.rpm","rsync-debugsource-0:3.2.5-3.el9_7.2.ppc64le.rpm", "rsync-debugsource-0:3.2.5-3.el9_7.2.s390x.rpm", "rsync-debugsource-0:3.2.5-3.el9_7.2.x86_64.rpm", "rsync-rrsync-0:3.2.5-3.el9_7.2.noarch.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. A moderate security update is available for rsync on Rocky Linux 9 addressing an out-of-bounds access issue. Patching recommended.. Rsync Security Update, Rocky Linux 9, Out-of-bounds Access, CVSS Score, Security Patch. . LinuxSecurity.com Team
Apr 07, 2026 Rocky Linux 219
security advisorymoderatersyncAlpine OS 3.17 RLSB-2026-8474 wget Memory Saturation Vulnerability Alert
Moderate: rsync security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:6390", "synopsis": "Moderate: rsync security update", "severity": "SEVERITY_MODERATE", "topic": "An update is available for rsync.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool.\n\nSecurity Fix(es):\n\n* rsync: Rsync: Out of bounds array access via negative index (CVE-2025-10158)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2415637", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2415637", "description": ""}], "cves": [{"name": "CVE-2025-10158", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2025-10158", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "cvss3BaseScore": "4.3", "cwe": "CWE-129"}], "references": [], "publishedAt": "2026-04-07T12:03:55.701474Z", "rpms": {"Rocky Linux 9": {"nvras": ["rsync-0:3.2.5-3.el9_7.2.aarch64.rpm", "rsync-0:3.2.5-3.el9_7.2.ppc64le.rpm", "rsync-0:3.2.5-3.el9_7.2.s390x.rpm", "rsync-0:3.2.5-3.el9_7.2.src.rpm", "rsync-0:3.2.5-3.el9_7.2.x86_64.rpm", "rsync-daemon-0:3.2.5-3.el9_7.2.noarch.rpm", "rsync-debuginfo-0:3.2.5-3.el9_7.2.aarch64.rpm", "rsync-debuginfo-0:3.2.5-3.el9_7.2.ppc64le.rpm", "rsync-debuginfo-0:3.2.5-3.el9_7.2.s390x.rpm", "rsync-debuginfo-0:3.2.5-3.el9_7.2.x86_64.rpm", "rsync-debugsource-0:3.2.5-3.el9_7.2.aarch64.rpm","rsync-debugsource-0:3.2.5-3.el9_7.2.ppc64le.rpm", "rsync-debugsource-0:3.2.5-3.el9_7.2.s390x.rpm", "rsync-debugsource-0:3.2.5-3.el9_7.2.x86_64.rpm", "rsync-rrsync-0:3.2.5-3.el9_7.2.noarch.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Learn about the rsync security update addressing moderate vulnerabilities in Rocky Linux 9. Secure your systems now!. rsync security update, Rocky Linux rsync, moderate security fix, CVE-2025-10158, rsync vulnerabilities. . LinuxSecurity.com Team
Apr 07, 2026 Rocky Linux 100
security advisorycritical issueSuSESUSE Linux Micro 6.0 Kernel Important Threat 20500-1 CVE-2025-38111
An update that solves five vulnerabilities can now be installed.. # Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:20500-1 Release Date: 2026-02-19T09:17:44Z Rating: important References: * bsc#1249205 * bsc#1249455 * bsc#1249480 * bsc#1253439 * bsc#1253473 Cross-References: * CVE-2025-38111 * CVE-2025-38352 * CVE-2025-39742 * CVE-2025-40129 * CVE-2025-40186 CVSS scores: * CVE-2025-38111 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38111 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38111 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-38352 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38352 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38352 ( NVD ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-39742 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39742 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-39742 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40129 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40129 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40186 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40186 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves five vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise kernel 6.4.0-25.1 fixes various security issues The following security issues were fixed: * CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1249455). * CVE-2025-38352: posix-cpu-timers: fix racebetween handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205). * CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480). * CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473). * CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-271=1 ## Package List: * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-livepatch-6_4_0-25-default-debuginfo-15-1.2 * kernel-livepatch-6_4_0-25-default-15-1.2 * kernel-livepatch-MICRO-6-0_Update_5-debugsource-15-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-38111.html * https://www.suse.com/security/cve/CVE-2025-38352.html * https://www.suse.com/security/cve/CVE-2025-39742.html * https://www.suse.com/security/cve/CVE-2025-40129.html * https://www.suse.com/security/cve/CVE-2025-40186.html * https://bugzilla.suse.com/show_bug.cgi?id=1249205 * https://bugzilla.suse.com/show_bug.cgi?id=1249455 * https://bugzilla.suse.com/show_bug.cgi?id=1249480 * https://bugzilla.suse.com/show_bug.cgi?id=1253439 * https://bugzilla.suse.com/show_bug.cgi?id=1253473 . An important security update for SUSE Linux Enterprise Micro 6.0 fixes critical issues in the kernel affecting various components.. SUSE Linux Kernel Patch Important Update Security. . Severity: Important. LinuxSecurity.com Team
Feb 27, 2026 •Important SuSE 
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!