Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -7 articles for you...
100
security advisorySuSEimportantSUSE Linux Micro 6.0 Kernel Update 2026-20861-1 Important Six Fixes
An update that solves six vulnerabilities can now be installed.. # Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:20861-1 Release Date: 2026-03-24T16:49:24Z Rating: important References: * bsc#1247240 * bsc#1255053 * bsc#1255895 * bsc#1256624 * bsc#1256644 * bsc#1257669 Cross-References: * CVE-2025-38488 * CVE-2025-40258 * CVE-2025-40284 * CVE-2025-40297 * CVE-2025-68813 * CVE-2025-71085 CVSS scores: * CVE-2025-38488 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38488 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38488 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40258 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40258 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40284 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40284 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40297 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40297 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-68813 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68813 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71085 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-71085 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71085 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes various security issues The following security issues were fixed: *CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240). * CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053). * CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669). * CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895). * CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644). * CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-311=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-MICRO-6-0_Update_9-debugsource-13-1.2 * kernel-livepatch-6_4_0-31-default-13-1.2 * kernel-livepatch-6_4_0-31-default-debuginfo-13-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-38488.html * https://www.suse.com/security/cve/CVE-2025-40258.html * https://www.suse.com/security/cve/CVE-2025-40284.html * https://www.suse.com/security/cve/CVE-2025-40297.html * https://www.suse.com/security/cve/CVE-2025-68813.html * https://www.suse.com/security/cve/CVE-2025-71085.html * https://bugzilla.suse.com/show_bug.cgi?id=1247240 * https://bugzilla.suse.com/show_bug.cgi?id=1255053 * https://bugzilla.suse.com/show_bug.cgi?id=1255895 * https://bugzilla.suse.com/show_bug.cgi?id=1256624 * https://bugzilla.suse.com/show_bug.cgi?id=1256644 * https://bugzilla.suse.com/show_bug.cgi?id=1257669 . Update resolves six important kernel issues for SUSE Linux Micro 6.0 to enhance security and performance.. SUSE Linux Micro 6.0 security update kernel important exploits. . Severity: Important. LinuxSecurity.com Team
Mar 27, 2026
•Important
SuSE
98
security advisoryred hatRed Hat Enterprise LinuxRed Hat 7: RHSA-2019-4041 Important: SSO Security Update
New Red Hat Single Sign-On 7.3.5 packages are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: Red Hat Single Sign-On 7.3.5 security update on RHEL 7 Advisory ID: RHSA-2019:4041-01 Product: Red Hat Single Sign-On Advisory URL: https://access.redhat.com/errata/RHSA-2019:4041 Issue date: 2019-12-02 CVE Names: CVE-2019-9512 CVE-2019-9514 CVE-2019-9515 CVE-2019-14837 CVE-2019-14838 CVE-2019-14843 ==================================================================== 1. Summary: New Red Hat Single Sign-On 7.3.5 packages are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Single Sign-On 7.3 for RHEL 7 Server - noarch 3. Description: Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.3.5 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.3.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix(es): * keycloak: Service accounts reset password flow not using placeholder.org domain anymore (CVE-2019-14837) * undertow: HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512) * undertow: HTTP/2: flood using HEADERS framesresults in unbounded memory growth (CVE-2019-9514) * undertow: HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515) * wildfly-core: Incorrect privileges for 'Monitor', 'Auditor' and 'Deployer' user by default (CVE-2019-14838) * wildfly: wildfly-security-manager: security manager authorization bypass (CVE-2019-14843) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1730227 - CVE-2019-14837 keycloak: keycloak uses hardcoded open dummy domain for new accounts enabling information disclosure 1735645 - CVE-2019-9512 HTTP/2: flood using PING frames results in unbounded memory growth 1735744 - CVE-2019-9514 HTTP/2: flood using HEADERS frames results in unbounded memory growth 1735745 - CVE-2019-9515 HTTP/2: flood using SETTINGS frames results in unbounded memory growth 1751227 - CVE-2019-14838 wildfly-core: Incorrect privileges for 'Monitor', 'Auditor' and 'Deployer' user by default 1752980 - CVE-2019-14843 wildfly-security-manager: security manager authorization bypass 6. JIRA issues fixed (https://redhat.atlassian.net/jira/projects): KEYCLOAK-11816 - Tracker bug for the RH-SSO 7.3.5 release for RHEL7 7. Package List: Red Hat Single Sign-On 7.3 for RHEL 7 Server: Source: rh-sso7-keycloak-4.8.15-1.Final_redhat_00001.1.el7sso.src.rpm noarch: rh-sso7-keycloak-4.8.15-1.Final_redhat_00001.1.el7sso.noarch.rpm rh-sso7-keycloak-server-4.8.15-1.Final_redhat_00001.1.el7sso.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 8.References: https://access.redhat.com/security/cve/CVE-2019-9512 https://access.redhat.com/security/cve/CVE-2019-9514 https://access.redhat.com/security/cve/CVE-2019-9515 https://access.redhat.com/security/cve/CVE-2019-14837 https://access.redhat.com/security/cve/CVE-2019-14838 https://access.redhat.com/security/cve/CVE-2019-14843 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/ 9. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXeVEEtzjgjWX9erEAQgesg//R4pP92wdQAOoszGF9SatZxHsxUUQD5N7 omclF3WrLjuFOuPD3t+jGYRkgi6ffGPFvkWMQr06htWnpqwtWNl9uaRwsKJqb9Gi HZ/0+d+BZp9yH7OAGKFu1GhuYVKB1o9t5m93VkmtAD+zaVz4zOliREPNkhfltmAP Cy++gJH9+Qpt0RxKsErqIShkb3IpQCL+nyf+IcBgwZg4HcU7rMIPkbF9yV7BrdCX UQM+4sFoxS8E8l2CH/P7Y6Q1iQdWYFnpnWH2e0EIJpUAipMTwusEn++8EO4CyRuA 9Y6I9zlt7fik8WmtGGEvHDX4HZn1GlL56/1GSw2qVOD7T2NrQIq9qnPVUIUOKvog EnxRGbrmKCUQbaqyNKaXwL7A3khIjop9hKmoG6LbP9yuSU6vbm67haULVSbHvGzA yQrt+KHCJK73DacQTZC8gPDNQ9+Xki61T95yUWgIVz8nf1KbD13DzjL/BK5zz13U z5kUKqs+tQpuL8yhXA4BXK5jJhM9MDYuFvk5c31TIYMv5vgh3ZF6+pBi9usO8nsI rivLaueMVBcyTEMimGk1xB1S4CnJUfQro3ABt+SMDImxCNhHQAA23Pmmm+d+BDI1 yk/E8Y2VnfCmiyZEfZfGh6YmxLKYR0+NTFj1nR0A7ndWjs08RM8/qJLWCv9S6H0q j1+EaEULW6w=RwsK -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Dec 02, 2019
•Important
Red Hat
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!