Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 15 articles for you...
202
security advisorybug fiximportantopenSUSE Leap 16.0 Rqlite Important Bug Fix Vulnerabilities 2026-20854-1
An update that solves 2 vulnerabilities and has 2 bug fixes can now be installed.. openSUSE security update: security update for rqlite ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20854-1 Rating: important References: * bsc#1265706 * bsc#1266544 Cross-References: * CVE-2026-33814 * CVE-2026-39821 CVSS scores: * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39821 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-39821 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves 2 vulnerabilities and has 2 bug fixes can now be installed. Description: This update for rqlite fixes the following issues: Changes in rqlite: - Update to version 10.2.0: * Support verifying mTLS peer Common Name * Console supports restore from SQLite data * Console "count rows" respects current Tables Expand/Collapse state * Console supports dropping indexes * Further Console app improvements - update go-net depdendency to address IDN Punycode validation bypass CVE-2026-39821 boo#1266544 - Update to version 10.1.0: * Add Schema management page to Console app * Display node TLS state in console's Cluster panel - includes changes from 10.0.6: * Limit number of redirects followed on cluster-join * fix HTTP auth reporting Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-packagehub-284=1 Package List: - openSUSE Leap 16.0: rqlite-10.2.0-bp160.1.1 References: * https://www.suse.com/security/cve/CVE-2026-33814.html * https://www.suse.com/security/cve/CVE-2026-39821.html . OpenSUSE fixesvulnerabilities in rqlite with important updates to enhance overall security and functionality.. openSUSE security update,rqlite vulnerabilities,update patch instructions. . Severity: Important. LinuxSecurity.com Team
Jun 02, 2026
•Important
OpenSUSE
217
security advisorymoderatesecurity issueOracle Linux 10 grub2 Moderate ELSA-2026-4649 CVE-2025-61662
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-4649 http://linux.oracle.com/errata/ELSA-2026-4649.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: grub2-common-2.12-29.0.1.el10_1.2.noarch.rpm grub2-efi-aa64-modules-2.12-29.0.1.el10_1.2.noarch.rpm grub2-efi-x64-2.12-29.0.1.el10_1.2.x86_64.rpm grub2-efi-x64-cdboot-2.12-29.0.1.el10_1.2.x86_64.rpm grub2-efi-x64-modules-2.12-29.0.1.el10_1.2.noarch.rpm grub2-pc-2.12-29.0.1.el10_1.2.x86_64.rpm grub2-pc-modules-2.12-29.0.1.el10_1.2.noarch.rpm grub2-tools-2.12-29.0.1.el10_1.2.x86_64.rpm grub2-tools-efi-2.12-29.0.1.el10_1.2.x86_64.rpm grub2-tools-extra-2.12-29.0.1.el10_1.2.x86_64.rpm grub2-tools-minimal-2.12-29.0.1.el10_1.2.x86_64.rpm aarch64: grub2-common-2.12-29.0.1.el10_1.2.noarch.rpm grub2-efi-aa64-2.12-29.0.1.el10_1.2.aarch64.rpm grub2-efi-aa64-cdboot-2.12-29.0.1.el10_1.2.aarch64.rpm grub2-efi-aa64-modules-2.12-29.0.1.el10_1.2.noarch.rpm grub2-efi-x64-modules-2.12-29.0.1.el10_1.2.noarch.rpm grub2-tools-2.12-29.0.1.el10_1.2.aarch64.rpm grub2-tools-extra-2.12-29.0.1.el10_1.2.aarch64.rpm grub2-tools-minimal-2.12-29.0.1.el10_1.2.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/grub2-2.12-29.0.1.el10_1.2.src.rpm Related CVEs: CVE-2025-61662 Description of changes: [2.12-29.0.1.el10_1.2] - efinet: Close and reopen card on failure [Orabug: 37808688] - Update grub2 dependencies to match new Secure Boot certificate chain of trust [Orabug: 37766761] - Fix typo in SBAT metadata [Orabug: 37693946] - Allow installation of grub2 only with shim-aa64 that allows booting it [Orabug: 37693946] - Enable btrfs module [Orabug: 37412995] - Restored shim related conflicts and provide. [Orabug: 37376920] - Rework the scripts to cover both in-place upgrade and update scenarios [Orabug: 36768566] - Support setting custom kernels as default kernels [Orabug: 36043978] - Bump SBAT metadata for grub to 3 [Orabug:34872719] - Fix CVE-2022-3775 [Orabug: 34871953] - Enable signing for aarch64 EFI - Fix signing certificate names - Enable back btrfs grub module for EFI pre-built image [Orabug: 34360986] - Replaced bugzilla.oracle.com references [Orabug: 34202300] - Update provided certificate version to 202204 [JIRA: OLDIS-16371] - Various coverity fixes [JIRA: OLDIS-16371] - bump SBAT generation - Update bug url [Orabug: 34202300] - Revert provided certificate version back to 202102 [JIRA: OLDIS-16371] - Update signing certificate [JIRA: OLDIS-16371] - fix SBAT data [JIRA: OLDIS-16371] - Update requires [JIRA: OLDIS-16371] - Rebuild for SecureBoot signatures [Orabug: 33801813] - Do not add shim and grub certificate deps for aarch64 packages [Orabug: 32670033] - Update Oracle SBAT data [Orabug: 32670033] - Use new signing certificate [Orabug: 32670033] - honor /etc/sysconfig/kernel DEFAULTKERNEL setting for BLS [Orabug: 30643497] - set EFIDIR as redhat for additional grub2 tools [Orabug: 29875597] - Update upstream references [Orabug: 26388226] - Insert Unbreakable Enterprise Kernel text into BLS config file [Orabug: 29417955] - Put "with" in menuentry instead of "using" [Orabug: 18504756] - Use different titles for UEK and RHCK kernels [Orabug: 18504756] [2.12-29.2] - Try to get gating tests running via fmf/tmt - Resolves: #RHEL-152849 [2.12-29.1] - Fixes CVE-2025-61662 Missing unregister call for gettext command may lead to use-after-free - Resolves: #RHEL-141580 _______________________________________________ El-errata mailing list
Mar 17, 2026
Oracle
100
security advisorysecurity issueSuSESUSE: Critical Kernel Security Update CVE-2022-50364 Fix 2025:4515-1
An update that solves 29 vulnerabilities and has six security fixes can now be installed.. # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:4515-1 Release Date: 2025-12-23T16:20:28Z Rating: important References: * bsc#1070872 * bsc#1220419 * bsc#1228688 * bsc#1247227 * bsc#1249650 * bsc#1250009 * bsc#1250083 * bsc#1250176 * bsc#1250206 * bsc#1250374 * bsc#1250650 * bsc#1250705 * bsc#1251154 * bsc#1251159 * bsc#1251173 * bsc#1251285 * bsc#1251322 * bsc#1251728 * bsc#1251786 * bsc#1252033 * bsc#1252303 * bsc#1252519 * bsc#1252640 * bsc#1252763 * bsc#1252773 * bsc#1252780 * bsc#1252821 * bsc#1252836 * bsc#1252862 * bsc#1252912 * bsc#1253237 * bsc#1253421 * bsc#1253436 * bsc#1253438 * bsc#1253456 Cross-References: * CVE-2022-50364 * CVE-2022-50368 * CVE-2022-50494 * CVE-2022-50545 * CVE-2022-50551 * CVE-2022-50569 * CVE-2022-50578 * CVE-2023-53229 * CVE-2023-53369 * CVE-2023-53431 * CVE-2023-53542 * CVE-2023-53597 * CVE-2023-53641 * CVE-2023-53676 * CVE-2025-38436 * CVE-2025-39819 * CVE-2025-39967 * CVE-2025-40001 * CVE-2025-40027 * CVE-2025-40030 * CVE-2025-40040 * CVE-2025-40048 * CVE-2025-40055 * CVE-2025-40070 * CVE-2025-40083 * CVE-2025-40173 * CVE-2025-40186 * CVE-2025-40204 * CVE-2025-40205 CVSS scores: * CVE-2022-50364 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50364 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50368 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2022-50368 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2022-50368 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-50494 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-50494 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50545 ( SUSE ): 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50551 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-50551 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50569 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-50569 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50578 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-50578 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53229 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53229 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53369 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53369 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53431 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53431 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53542 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-53542 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53597 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53641 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-53641 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53676 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2023-53676 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38436 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38436 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38436 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-39819 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N *CVE-2025-39819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-39967 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-39967 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-40001 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40001 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-40027 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40027 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-40030 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40030 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40040 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40040 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40048 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40055 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40055 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40070 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40083 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40083 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40173 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40173 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40186 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40186 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40204 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-40204 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N *CVE-2025-40205 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40205 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves 29 vulnerabilities and has six security fixes can now be installed. ## Description: The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-50364: i2c: mux: reg: check return value after calling platform_get_resource() (bsc#1250083). * CVE-2022-50368: drm/msm/dsi: fix memory corruption with too many bridges (bsc#1250009). * CVE-2022-50494: thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash (bsc#1251173). * CVE-2022-50545: r6040: Fix kmemleak in probe and remove (bsc#1251285). * CVE-2022-50551: wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmf_fw_alloc_request() (bsc#1251322). * CVE-2022-50569: xfrm: Update ipcomp_scratches with NULL when freed (bsc#1252640). * CVE-2022-50578: class: fix possible memory leak in __class_register() (bsc#1252519). * CVE-2023-53229: wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded sta (bsc#1249650). * CVE-2023-53369: net: dcb: choose correct policy to parse DCB_ATTR_BCN (bsc#1250206). * CVE-2023-53431: scsi: ses: Don't attach if enclosure has no components (bsc#1250374). * CVE-2023-53542: ARM: dts: exynos: Use Exynos5420 compatible for the MIPI video phy (bsc#1251154). * CVE-2023-53597: cifs: fix mid leak during reconnection after timeout threshold (bsc#1251159). * CVE-2023-53641: wifi: ath9k: hif_usb: fix memory leak ofremain_skbs (bsc#1251728). * CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251786). * CVE-2025-38436: drm/scheduler: signal scheduled fence when kill job (bsc#1247227). * CVE-2025-39819: fs/smb: Fix inconsistent refcnt update (bsc#1250176). * CVE-2025-39967: fbcon: fix integer overflow in fbcon_do_set_font (bsc#1252033). * CVE-2025-40001: scsi: mvsas: Fix use-after-free bugs in mvs_work_queue (bsc#1252303). * CVE-2025-40027: net/9p: fix double req put in p9_fd_cancelled (bsc#1252763). * CVE-2025-40030: pinctrl: check the return value of pinmux_ops::get_function_name() (bsc#1252773). * CVE-2025-40040: mm/ksm: fix flag-dropping behavior in ksm_madvise (bsc#1252780). * CVE-2025-40048: uio_hv_generic: Let userspace take care of interrupt mask (bsc#1252862). * CVE-2025-40055: ocfs2: fix double free in user_cluster_connect() (bsc#1252821). * CVE-2025-40070: pps: fix warning in pps_register_cdev when register device fail (bsc#1252836). * CVE-2025-40083: net/sched: sch_qfq: Fix null-deref in agg_dequeue (bsc#1252912). * CVE-2025-40173: net/ip6_tunnel: Prevent perpetual tunnel growth (bsc#1253421). * CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253436). * CVE-2025-40205: btrfs: avoid potential out-of-bounds in btrfs_encode_fh() (bsc#1253456). The following non-security bugs were fixed: * KVM: x86: Give a hint when Win2016 might fail to boot due to XSAVES erratum (git-fixes). * PCI: aardvark: Fix checking for MEM resource type (git-fixes). * cifs: Check the lease context if we actually got a lease (bsc#1228688). * cifs: return a single-use cfid if we did not get a lease (bsc#1228688). * dmaengine: bcm2835: Avoid GFP_KERNEL in device_prep_slave_sg (bsc#1070872). * kabi/severities: Update info about kvm_86_ops. * net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it becomes a inner curve (bsc#1220419). * skmsg: Return copied bytes insk_msg_memcopy_from_iter (bsc#1250650). * smb3: fix Open files on server counter going negative (git-fixes). * tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock-> cork (bsc#1250705). * tcp_bpf: Fix copied value in tcp_bpf_sendmsg (bsc#1250650). * thermal: intel_powerclamp: Use first online CPU as control_cpu (bsc#1251173). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-4515=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-4515=1 * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-4515=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * kernel-default-base-debuginfo-4.12.14-122.283.1 * cluster-md-kmp-default-4.12.14-122.283.1 * dlm-kmp-default-debuginfo-4.12.14-122.283.1 * gfs2-kmp-default-debuginfo-4.12.14-122.283.1 * kernel-default-debugsource-4.12.14-122.283.1 * kernel-default-debuginfo-4.12.14-122.283.1 * cluster-md-kmp-default-debuginfo-4.12.14-122.283.1 * kernel-syms-4.12.14-122.283.1 * dlm-kmp-default-4.12.14-122.283.1 * gfs2-kmp-default-4.12.14-122.283.1 * ocfs2-kmp-default-debuginfo-4.12.14-122.283.1 * ocfs2-kmp-default-4.12.14-122.283.1 * kernel-default-devel-4.12.14-122.283.1 * kernel-default-base-4.12.14-122.283.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-4.12.14-122.283.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * kernel-source-4.12.14-122.283.1 *kernel-macros-4.12.14-122.283.1 * kernel-devel-4.12.14-122.283.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x) * kernel-default-man-4.12.14-122.283.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (x86_64) * kernel-default-devel-debuginfo-4.12.14-122.283.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * kernel-default-base-debuginfo-4.12.14-122.283.1 * cluster-md-kmp-default-4.12.14-122.283.1 * dlm-kmp-default-debuginfo-4.12.14-122.283.1 * gfs2-kmp-default-debuginfo-4.12.14-122.283.1 * kernel-default-devel-debuginfo-4.12.14-122.283.1 * kernel-default-debugsource-4.12.14-122.283.1 * kernel-default-debuginfo-4.12.14-122.283.1 * cluster-md-kmp-default-debuginfo-4.12.14-122.283.1 * kernel-syms-4.12.14-122.283.1 * dlm-kmp-default-4.12.14-122.283.1 * gfs2-kmp-default-4.12.14-122.283.1 * ocfs2-kmp-default-debuginfo-4.12.14-122.283.1 * ocfs2-kmp-default-4.12.14-122.283.1 * kernel-default-devel-4.12.14-122.283.1 * kernel-default-base-4.12.14-122.283.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (nosrc x86_64) * kernel-default-4.12.14-122.283.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * kernel-source-4.12.14-122.283.1 * kernel-macros-4.12.14-122.283.1 * kernel-devel-4.12.14-122.283.1 * SUSE Linux Enterprise Live Patching 12-SP5 (nosrc) * kernel-default-4.12.14-122.283.1 * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kernel-default-debugsource-4.12.14-122.283.1 * kgraft-patch-4_12_14-122_283-default-1-8.3.1 * kernel-default-kgraft-devel-4.12.14-122.283.1 * kernel-default-debuginfo-4.12.14-122.283.1 * kernel-default-kgraft-4.12.14-122.283.1 ## References: * https://www.suse.com/security/cve/CVE-2022-50364.html * https://www.suse.com/security/cve/CVE-2022-50368.html * https://www.suse.com/security/cve/CVE-2022-50494.html * https://www.suse.com/security/cve/CVE-2022-50545.html *https://www.suse.com/security/cve/CVE-2022-50551.html * https://www.suse.com/security/cve/CVE-2022-50569.html * https://www.suse.com/security/cve/CVE-2022-50578.html * https://www.suse.com/security/cve/CVE-2023-53229.html * https://www.suse.com/security/cve/CVE-2023-53369.html * https://www.suse.com/security/cve/CVE-2023-53431.html * https://www.suse.com/security/cve/CVE-2023-53542.html * https://www.suse.com/security/cve/CVE-2023-53597.html * https://www.suse.com/security/cve/CVE-2023-53641.html * https://www.suse.com/security/cve/CVE-2023-53676.html * https://www.suse.com/security/cve/CVE-2025-38436.html * https://www.suse.com/security/cve/CVE-2025-39819.html * https://www.suse.com/security/cve/CVE-2025-39967.html * https://www.suse.com/security/cve/CVE-2025-40001.html * https://www.suse.com/security/cve/CVE-2025-40027.html * https://www.suse.com/security/cve/CVE-2025-40030.html * https://www.suse.com/security/cve/CVE-2025-40040.html * https://www.suse.com/security/cve/CVE-2025-40048.html * https://www.suse.com/security/cve/CVE-2025-40055.html * https://www.suse.com/security/cve/CVE-2025-40070.html * https://www.suse.com/security/cve/CVE-2025-40083.html * https://www.suse.com/security/cve/CVE-2025-40173.html * https://www.suse.com/security/cve/CVE-2025-40186.html * https://www.suse.com/security/cve/CVE-2025-40204.html * https://www.suse.com/security/cve/CVE-2025-40205.html * https://bugzilla.suse.com/show_bug.cgi?id=1070872 * https://bugzilla.suse.com/show_bug.cgi?id=1220419 * https://bugzilla.suse.com/show_bug.cgi?id=1228688 * https://bugzilla.suse.com/show_bug.cgi?id=1247227 * https://bugzilla.suse.com/show_bug.cgi?id=1249650 * https://bugzilla.suse.com/show_bug.cgi?id=1250009 * https://bugzilla.suse.com/show_bug.cgi?id=1250083 * https://bugzilla.suse.com/show_bug.cgi?id=1250176 * https://bugzilla.suse.com/show_bug.cgi?id=1250206 * https://bugzilla.suse.com/show_bug.cgi?id=1250374 * https://bugzilla.suse.com/show_bug.cgi?id=1250650 *https://bugzilla.suse.com/show_bug.cgi?id=1250705 * https://bugzilla.suse.com/show_bug.cgi?id=1251154 * https://bugzilla.suse.com/show_bug.cgi?id=1251159 * https://bugzilla.suse.com/show_bug.cgi?id=1251173 * https://bugzilla.suse.com/show_bug.cgi?id=1251285 * https://bugzilla.suse.com/show_bug.cgi?id=1251322 * https://bugzilla.suse.com/show_bug.cgi?id=1251728 * https://bugzilla.suse.com/show_bug.cgi?id=1251786 * https://bugzilla.suse.com/show_bug.cgi?id=1252033 * https://bugzilla.suse.com/show_bug.cgi?id=1252303 * https://bugzilla.suse.com/show_bug.cgi?id=1252519 * https://bugzilla.suse.com/show_bug.cgi?id=1252640 * https://bugzilla.suse.com/show_bug.cgi?id=1252763 * https://bugzilla.suse.com/show_bug.cgi?id=1252773 * https://bugzilla.suse.com/show_bug.cgi?id=1252780 * https://bugzilla.suse.com/show_bug.cgi?id=1252821 * https://bugzilla.suse.com/show_bug.cgi?id=1252836 * https://bugzilla.suse.com/show_bug.cgi?id=1252862 * https://bugzilla.suse.com/show_bug.cgi?id=1252912 * https://bugzilla.suse.com/show_bug.cgi?id=1253237 * https://bugzilla.suse.com/show_bug.cgi?id=1253421 * https://bugzilla.suse.com/show_bug.cgi?id=1253436 * https://bugzilla.suse.com/show_bug.cgi?id=1253438 * https://bugzilla.suse.com/show_bug.cgi?id=1253456 . SUSE's important security update addresses 29 vulnerabilities in the kernel, requiring immediate action.. SUSE Linux, security update, kernel vulnerabilities, security fix, system update. . Severity: Important. LinuxSecurity.com Team
Dec 24, 2025
•Important
SuSE
217
security advisorymoderateremediationOracle Linux 9 Security Advisory ELSA-2025-22376 for libxml2 CVE-2025-9714
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-22376 http://linux.oracle.com/errata/ELSA-2025-22376.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: libxml2-2.9.13-14.el9_7.i686.rpm libxml2-2.9.13-14.el9_7.x86_64.rpm libxml2-devel-2.9.13-14.el9_7.i686.rpm libxml2-devel-2.9.13-14.el9_7.x86_64.rpm python3-libxml2-2.9.13-14.el9_7.x86_64.rpm aarch64: libxml2-2.9.13-14.el9_7.aarch64.rpm libxml2-devel-2.9.13-14.el9_7.aarch64.rpm python3-libxml2-2.9.13-14.el9_7.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/libxml2-2.9.13-14.el9_7.src.rpm Related CVEs: CVE-2025-9714 Description of changes: [2.9.13-14] - Rebuilt for the correct target in RHEL (9.7-z) (RHEL-119283) [2.9.13-13] - Fix CVE-2025-9714 (RHEL-119283) _______________________________________________ El-errata mailing list
Dec 03, 2025
•Important
Oracle
100
security advisorySuSEDoSSUSE: Kernel-Livepatch Important DoS Vulnerabilities 2025:20944-1
* bsc#1248631 * bsc#1249207 * bsc#1249208 Cross-References: . # Security update for kernel-livepatch-MICRO-6-0_Update_6 Announcement ID: SUSE-SU-2025:20944-1 Release Date: 2025-11-05T16:11:42Z Rating: important References: * bsc#1248631 * bsc#1249207 * bsc#1249208 Cross-References: * CVE-2025-38617 * CVE-2025-38618 * CVE-2025-38664 CVSS scores: * CVE-2025-38617 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38617 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38618 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38618 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves three vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_6 fixes the following issues: * CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631) * CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207) * CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-188=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-6_4_0-28-default-debuginfo-9-3.1 * kernel-livepatch-MICRO-6-0_Update_6-debugsource-9-3.1 * kernel-livepatch-6_4_0-28-default-9-3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38617.html *https://www.suse.com/security/cve/CVE-2025-38618.html * https://www.suse.com/security/cve/CVE-2025-38664.html * https://bugzilla.suse.com/show_bug.cgi?id=1248631 * https://bugzilla.suse.com/show_bug.cgi?id=1249207 * https://bugzilla.suse.com/show_bug.cgi?id=1249208 . Critical update for SUSE Linux Micro 6.0 addressing vulnerabilities affecting kernel-livepatch. Immediate action required.. kernel-livepatch, SUSE Linux Micro 6.0, security update, critical vulnerabilities. . Severity: Important. LinuxSecurity.com Team
Nov 11, 2025
•Important
SuSE
217
security advisorysecurity updateimportantOracle Linux 8: ELSA-2025-19909 tigervnc Important Security Fixes
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-19909 http://linux.oracle.com/errata/ELSA-2025-19909.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: tigervnc-1.15.0-8.el8_10.x86_64.rpm tigervnc-icons-1.15.0-8.el8_10.noarch.rpm tigervnc-license-1.15.0-8.el8_10.noarch.rpm tigervnc-selinux-1.15.0-8.el8_10.noarch.rpm tigervnc-server-1.15.0-8.el8_10.x86_64.rpm tigervnc-server-minimal-1.15.0-8.el8_10.x86_64.rpm tigervnc-server-module-1.15.0-8.el8_10.x86_64.rpm aarch64: tigervnc-1.15.0-8.el8_10.aarch64.rpm tigervnc-icons-1.15.0-8.el8_10.noarch.rpm tigervnc-license-1.15.0-8.el8_10.noarch.rpm tigervnc-selinux-1.15.0-8.el8_10.noarch.rpm tigervnc-server-1.15.0-8.el8_10.aarch64.rpm tigervnc-server-minimal-1.15.0-8.el8_10.aarch64.rpm tigervnc-server-module-1.15.0-8.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/tigervnc-1.15.0-8.el8_10.src.rpm Related CVEs: CVE-2025-62229 CVE-2025-62230 CVE-2025-62231 Description of changes: [1.15.0-8] - Fix CVE-2025-62229: xorg-x11-server: Use-after-free in XPresentNotify structures creation Resolves: RHEL-119979 - Fix CVE-2025-62230: xorg-x11-server: Use-after-free in Xkb client resource removal Resolves: RHEL-120001 - Fix CVE-2025-62231: xorg-x11-server: Value overflow in Xkb extension XkbSetCompatMap() Resolves: RHEL-120762 _______________________________________________ El-errata mailing list
Nov 07, 2025
•Important
Oracle
89
security advisoryfedorathreatFedora 41: Kubernetes v1.33.4 Fixes Self-Deleting Nodes CVE-2025-5187
Update to release v1.33.4 Resolves: rhbz#2388412 Fixes CVE-2025-5187: Nodes can delete themselves by adding an OwnerReference Upstream fixes. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-51e8d5ec56 2025-08-23 01:31:19.590130+00:00 -------------------------------------------------------------------------------- Name : kubernetes1.33 Product : Fedora 41 Version : 1.33.4 Release : 1.fc41 URL : https://github.com/kubernetes/kubernetes Summary : Open Source Production-Grade Container Scheduling And Management Platform Description : Production-Grade Container Scheduling and Management. Installs kubelet, the kubernetes agent on each machine in a cluster. The kubernetes-client sub-package, containing kubectl, is recommended but not strictly required. The kubernetes-client sub-package should be installed on control plane machines. -------------------------------------------------------------------------------- Update Information: Update to release v1.33.4 Resolves: rhbz#2388412 Fixes CVE-2025-5187: Nodes can delete themselves by adding an OwnerReference Upstream fixes -------------------------------------------------------------------------------- ChangeLog: * Wed Aug 13 2025 Bradley G Smith - 1.33.4-1 - Update to release v1.33.4 - Resolves: rhbz#2388412 - Fixes CVE-2025-5187: Nodes can delete themselves by adding an OwnerReference - Upstream fixes * Thu Jul 24 2025 Fedora Release Engineering - 1.33.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild * Wed Jul 16 2025 Bradley G Smith - 1.33.3-1 - Update to release v1.33.3 - Resolves: rhbz#2380409 - Upstream fixes * Wed Jun 18 2025 Bradley G Smith - 1.33.2-1 - Update to release v1.33.2 - Resolves CVE-2025-4563 - Upstream fixes and cleanups * Thu May 15 2025 Bradley G Smith - 1.33.1-1 - Update to v1.33.1 - Resolves: rhbz#2366642 - Upstream fixes - Read upstream changelog forimportant details if upgrading cluster from v1.32.x or earlier. * Wed Apr 23 2025 Bradley G Smith - 1.33.0-1 - Initial release v1.33.0 - Resolves: rhbz#2361917 - Initial release for Kubernetes 1.33. - Major changes, updates and fixes; See upstream changelog. - Upstream changelog has a 'Must Read' statement * Wed Feb 19 2025 Bradley G Smith - 1.33.0~alpha.2-1 - Add initial v1.33 spec file * Tue Oct 29 2024 Bradley G Smith - RPMAUTOSPEC: unresolvable merge -------------------------------------------------------------------------------- References: [ 1 ] Bug #2388412 - kubernetes1.32-1.33.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2388412 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-51e8d5ec56' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Aug 23, 2025
•Important
Fedora
217
security advisoryupdateimportantOracle Linux 7: ELSA-2025-11984 python-setuptools Moderate CVE-2025-47273
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-11984 http://linux.oracle.com/errata/ELSA-2025-11984.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: python-setuptools-0.9.8-7.0.3.el7.noarch.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/python-setuptools-0.9.8-7.0.3.el7.src.rpm Related CVEs: CVE-2025-47273 Description of changes: [0.9.8-7.0.3] - Fix CVE-2025-47273 [Orabug: 38247921] _______________________________________________ El-errata mailing list
Aug 06, 2025
Oracle
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!