
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


SUSE Linux Enterprise 16 Helm Critical Memory Issue SUSE-SA-2026-21435-3

An update that solves two vulnerabilities can now be installed.

# Security update for helm

Announcement ID: SUSE-SU-2026:21434-1
Release Date: 2026-04-30T13:26:15Z
Rating: moderate

References:

* bsc#1248093
* bsc#1261938

Cross-References:

* CVE-2025-55199
* CVE-2026-35206

CVSS scores:

* CVE-2025-55199 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-55199 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2025-55199 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-35206 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-35206 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
* CVE-2026-35206 ( NVD ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-35206 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

Affected Products:

* SUSE Linux Enterprise Server 16.0
* SUSE Linux Enterprise Server for SAP applications 16.0

## Description:

This update for helm fixes the following issues:

Update to version 3.20.2.

Security issues fixed:

* CVE-2025-55199: specially crafted JSON Schema can lead to out of memory (OOM) termination (bsc#1248093).
* CVE-2026-35206: specially crafted Chart will have contents extracted to immediate output directory rather than to expected output directory suffixed by the Chart's name (bsc#1261938).

Other updates and bugfixes:

* Version 3.20.1:
  * chore(deps): bump the k8s-io group with 7 updates a2369ca (dependabot[bot])
  * add image index test 90e1056 (Pedro Trres)
  * fix pulling charts from OCI indices 911f2e9 (Pedro Trres)
  * Remove refactorring changes from coalesce_test.go 76dad33 (Evans Mungai)
  * Fix import 45c12f7 (Evans Mungai)
  * Update pkg/chart/common/util/coalesce_test.go 26c6f19 (Evans Mungai)
  * Fix lint warning 09f5129 (Evans Mungai)
  * Preserve nil values in chart already 417deb2 (Evans Mungai)
  * fix(values): preserve nil values when chart default is empty map 5417bfa (Evans Mungai)
* Version 3.20.0:
  * SDK: bump k8s API versions to v0.35.0
  * v3 backport: Fixed a bug where helm uninstall with --keep-history did not suspend previous deployed releases #12564
  * v3 backport: Bump Go version to v1.25
  * bump version to v3.20
  * chore(deps): bump golang.org/x/text from 0.32.0 to 0.33.0
  * chore(deps): bump golang.org/x/term from 0.38.0 to 0.39.0
  * chore(deps): bump github.com/foxcpp/go-mockdns from 1.1.0 to 1.2.0
  * chore(deps): bump the k8s-io group with 7 updates
  * [dev-v3] Replace deprecated `NewSimpleClientset`
  * [dev-v3] Bump Go v1.25, `golangci-lint` v2
  * chore(deps): bump github.com/BurntSushi/toml from 1.5.0 to 1.6.0
  * chore(deps): bump github.com/containerd/containerd from 1.7.29 to 1.7.30
  * fix(rollback): `errors.Is` instead of string comp
  * fix(uninstall): supersede deployed releases
  * Use latest patch release of Go in releases
  * chore(deps): bump golang.org/x/crypto from 0.45.0 to 0.46.0
  * chore(deps): bump golang.org/x/text from 0.31.0 to 0.32.0
  * chore(deps): bump golang.org/x/term from 0.37.0 to 0.38.0
  * chore(deps): bump github.com/spf13/cobra from 1.10.1 to 1.10.2
  * chore(deps): bump github.com/rubenv/sql-migrate from 1.8.0 to 1.8.1
  * chore(deps): bump golang.org/x/crypto from 0.44.0 to 0.45.0
  * chore(deps): bump github.com/cyphar/filepath-securejoin
  * chore(deps): bump golang.org/x/text from 0.30.0 to 0.31.0
  * chore(deps): bump golang.org/x/crypto from 0.43.0 to 0.44.0
  * Remove dev-v3 `helm-latest-version` publish
  * chore(deps): bump golang.org/x/term from 0.36.0 to 0.37.0 1.7.28 to 1.7.29
  * Revert "pkg/registry: Login option for passing TLS config in memory"
  * jsonschema: warn and ignore unresolved URN $ref to match v3.18.4
  * Fix `helm pull` untar dir check with repo urls
  * chore(deps): bump golang.org/x/crypto from 0.42.0 to 0.43.0
  * chore(deps): bump github.com/gofrs/flock from 0.12.1 to 0.13.0
  * chore(deps): bump golang.org/x/text from 0.29.0 to 0.30.0
  * [backport] fix: get-helm-3 script use helm3-latest-version
  * pkg/registry: Login option for passing TLS config in memory
  * Fix deprecation warning
  * chore(deps): bump golang.org/x/crypto from 0.41.0 to 0.42.0
  * chore(deps): bump golang.org/x/term from 0.34.0 to 0.35.0
  * Avoid "panic: interface conversion: interface {} is nil"
  * bump version to v3.19.0
  * chore(deps): bump github.com/spf13/pflag from 1.0.7 to 1.0.10
  * fix: set repo authorizer in registry.Client.Resolve()
  * fix null merge
  * Add timeout flag to repo add and update flags
* Version 3.19.5:
  * Fixed bug where removing subchart value via override resulted in warning #31118
  * Fixed bug where helm uninstall with --keep-history did not suspend previous deployed releases #12556
  * fix(rollback): errors.Is instead of string comp 4a19a5b (Hidde Beydals)
  * fix(uninstall): supersede deployed releases 7a00235 (Hidde Beydals)
  * fix null merge 578564e (Ben Foster)
* Version 3.19.4:
  * Use latest patch release of Go in releases 7cfb6e4 (Matt Farina)
  * chore(deps): bump github.com/gofrs/flock from 0.12.1 to 0.13.0 59c951f (dependabot[bot])
  * chore(deps): bump github.com/cyphar/filepath-securejoin d45f3f1
  * chore(deps): bump golang.org/x/crypto from 0.44.0 to 0.45.0 d459544 (dependabot[bot])
  * chore(deps): bump golang.org/x/term from 0.36.0 to 0.37.0 becd387 (dependabot[bot])
  * chore(deps): bump the k8s-io group with 7 updates edb1579
* Version 3.19.3:
  * Bump golang.org/x/crypto to v0.45.0
* Version 3.19.2:
  * [backport] fix: get-helm-3 script use helm3-latest-version 8766e71 (George Jenkins)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP applications 16.0
  `zypper in -t patch SUSE-SLES-16.0-661=1`
* SUSE Linux Enterprise Server 16.0
  `zypper in -t patch SUSE-SLES-16.0-661=1`

## Package List:

* SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64)
  * helm-3.20.2-160000.1.1
  * helm-debuginfo-3.20.2-160000.1.1
* SUSE Linux Enterprise Server for SAP applications 16.0 (noarch)
  * helm-fish-completion-3.20.2-160000.1.1
  * helm-bash-completion-3.20.2-160000.1.1
  * helm-zsh-completion-3.20.2-160000.1.1
* SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64)
  * helm-3.20.2-160000.1.1
  * helm-debuginfo-3.20.2-160000.1.1
* SUSE Linux Enterprise Server 16.0 (noarch)
  * helm-fish-completion-3.20.2-160000.1.1
  * helm-bash-completion-3.20.2-160000.1.1
  * helm-zsh-completion-3.20.2-160000.1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-55199.html
* https://www.suse.com/security/cve/CVE-2026-35206.html
* https://bugzilla.suse.com/show_bug.cgi?id=1248093
* https://bugzilla.suse.com/show_bug.cgi?id=1261938

Two vulnerabilities fixed in helm software update, addressing memory issues and output directory extraction errors.

LinuxSecurity.com Team

May 04, 2026 SuSE