Explore top 10 tips to secure your open-source projects now. Read More
×Several security issues were fixed in curl.. ========================================================================== Ubuntu Security Notice USN-8487-1 June 30, 2026 curl vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 25.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Several security issues were fixed in curl. Software Description: - curl: HTTP, HTTPS, and FTP client and client libraries Details: Andrew Nesbitt discovered that curl could reuse an existing live connection during STARTTLS-based connection upgrades even when the TLS configuration did not match. A remote attacker could possibly use this issue to cause curl to use an unintended TLS configuration. (CVE-2026-8286) Muhamad Arga Reksapati discovered that curl incorrectly reused connections for Negotiate-authenticated requests when different services were involved. A remote attacker could possibly use this issue to access resources authenticated for another service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 25.10, and Ubuntu 26.04 LTS. (CVE-2026-8458) It was discovered that curl incorrectly handled cookie parsing in certain circumstances. A remote attacker could possibly use this issue to set cookies that would be transmitted to unrelated third-party domains. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 25.10, and Ubuntu 26.04 LTS. (CVE-2026-8924) Joshua Rogers discovered that curl could double-free a GSASL context when handling SASL authentication. A remote attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 25.10, and Ubuntu 26.04 LTS. (CVE-2026-8925) Joshua Rogersdiscovered that curl could select the wrong password from a .netrc file when a username was specified in the URL without a password. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 25.10 and Ubuntu 26.04 LTS. (CVE-2026-8926) Ady Elouej discovered that curl did not clear proxy authentication state between requests when reusing a handle with environment-variable proxy configuration. A remote attacker could possibly use this issue to obtain sensitive credentials. (CVE-2026-8927) Guannan Wang, Zhanpeng Liu, Jiashuo Liang, and Guancheng Li discovered that curl did not properly clear proxy authentication credentials when instructed to do so. A remote attacker could possibly use this issue to obtain sensitive credentials. This issue only affected Ubuntu 25.10 and Ubuntu 26.04 LTS. (CVE-2026-9079) Joshua Rogers discovered that curl contained a use-after-free when curl_easy_pause() was called within the event-based socket callback. A remote attacker could possibly use this issue to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 25.10 and Ubuntu 26.04 LTS. (CVE-2026-9080) Eunsoo Kim discovered that curl could send early data on a resumed TLS session before enforcing certificate verification failure. A machine-in-the-middle attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 25.10 and Ubuntu 26.04 LTS. (CVE-2026-9545) Joshua Rogers discovered that curl did not properly reject host key type mismatches when using the SSH key callback for SCP and SFTP transfers. A machine-in-the-middle attacker could possibly use this issue to impersonate a trusted server. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 25.10, and Ubuntu 26.04 LTS. (CVE-2026-9547) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS curl 8.18.0-1ubuntu2.2 libcurl3t64-gnutls 8.18.0-1ubuntu2.2 libcurl4-gnutls-dev 8.18.0-1ubuntu2.2 libcurl4-openssl-dev 8.18.0-1ubuntu2.2 libcurl4t64 8.18.0-1ubuntu2.2 Ubuntu 25.10 curl 8.14.1-2ubuntu1.4 libcurl3t64-gnutls 8.14.1-2ubuntu1.4 libcurl4-gnutls-dev 8.14.1-2ubuntu1.4 libcurl4-openssl-dev 8.14.1-2ubuntu1.4 libcurl4t64 8.14.1-2ubuntu1.4 Ubuntu 24.04 LTS curl 8.5.0-2ubuntu10.10 libcurl3t64-gnutls 8.5.0-2ubuntu10.10 libcurl4-gnutls-dev 8.5.0-2ubuntu10.10 libcurl4-openssl-dev 8.5.0-2ubuntu10.10 libcurl4t64 8.5.0-2ubuntu10.10 Ubuntu 22.04 LTS curl 7.81.0-1ubuntu1.25 libcurl3-gnutls 7.81.0-1ubuntu1.25 libcurl3-nss 7.81.0-1ubuntu1.25 libcurl4 7.81.0-1ubuntu1.25 libcurl4-gnutls-dev 7.81.0-1ubuntu1.25 libcurl4-nss-dev 7.81.0-1ubuntu1.25 libcurl4-openssl-dev 7.81.0-1ubuntu1.25 Ubuntu 20.04 LTS curl 7.68.0-1ubuntu2.25+esm4 Available with Ubuntu Pro libcurl3-gnutls 7.68.0-1ubuntu2.25+esm4 Available with Ubuntu Pro libcurl3-nss 7.68.0-1ubuntu2.25+esm4 Available with Ubuntu Pro libcurl4 7.68.0-1ubuntu2.25+esm4 Available with Ubuntu Pro libcurl4-gnutls-dev 7.68.0-1ubuntu2.25+esm4 Available with Ubuntu Pro libcurl4-nss-dev 7.68.0-1ubuntu2.25+esm4 Available with Ubuntu Pro libcurl4-openssl-dev 7.68.0-1ubuntu2.25+esm4 Available with Ubuntu Pro Ubuntu 18.04 LTS curl 7.58.0-2ubuntu3.24+esm9 Available with Ubuntu Pro libcurl3-gnutls 7.58.0-2ubuntu3.24+esm9 Available with Ubuntu Pro libcurl3-nss 7.58.0-2ubuntu3.24+esm9 Available with Ubuntu Pro libcurl4 7.58.0-2ubuntu3.24+esm9 Available with Ubuntu Pro libcurl4-gnutls-dev 7.58.0-2ubuntu3.24+esm9 Available with Ubuntu Pro libcurl4-nss-dev 7.58.0-2ubuntu3.24+esm9 Available with Ubuntu Pro libcurl4-openssl-dev 7.58.0-2ubuntu3.24+esm9 Available with Ubuntu Pro Ubuntu 16.04 LTS curl 7.47.0-1ubuntu2.19+esm16 Available with Ubuntu Pro libcurl3 7.47.0-1ubuntu2.19+esm16 Available with Ubuntu Pro libcurl3-gnutls 7.47.0-1ubuntu2.19+esm16 Available with Ubuntu Pro libcurl3-nss 7.47.0-1ubuntu2.19+esm16 Available with Ubuntu Pro libcurl4-gnutls-dev 7.47.0-1ubuntu2.19+esm16 Available with Ubuntu Pro libcurl4-nss-dev 7.47.0-1ubuntu2.19+esm16 Available with Ubuntu Pro libcurl4-openssl-dev 7.47.0-1ubuntu2.19+esm16 Available with Ubuntu Pro Ubuntu 14.04 LTS curl 7.35.0-1ubuntu2.20+esm20 Available with Ubuntu Pro libcurl3 7.35.0-1ubuntu2.20+esm20 Available with Ubuntu Pro libcurl3-gnutls 7.35.0-1ubuntu2.20+esm20 Available with Ubuntu Pro libcurl3-nss 7.35.0-1ubuntu2.20+esm20 Available with Ubuntu Pro libcurl4-gnutls-dev 7.35.0-1ubuntu2.20+esm20 Available with Ubuntu Pro libcurl4-nss-dev 7.35.0-1ubuntu2.20+esm20 Available with Ubuntu Pro libcurl4-openssl-dev 7.35.0-1ubuntu2.20+esm20 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8487-1 CVE-2026-8286, CVE-2026-8458, CVE-2026-8924, CVE-2026-8925, CVE-2026-8926, CVE-2026-8927, CVE-2026-9079, CVE-2026-9080, CVE-2026-9545, CVE-2026-9547 Package Information: https://launchpad.net/ubuntu/+source/curl/8.18.0-1ubuntu2.2 https://launchpad.net/ubuntu/+source/curl/8.14.1-2ubuntu1.4 https://launchpad.net/ubuntu/+source/curl/8.5.0-2ubuntu10.10 https://launchpad.net/ubuntu/+source/curl/7.81.0-1ubuntu1.25 . Multiple security issues were addressed in curl for various Ubuntu releases to enhance system integrity and security.. curl security update, ubuntu package update, system vulnerability fix, TLS configuration issues. . Severity: Important. LinuxSecurity.com Team
An update that solves 29 vulnerabilities and has four security fixes can now be installed.. # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:2658-1 Release Date: 2026-06-26T13:07:34Z Rating: important References: * bsc#1247954 * bsc#1255416 * bsc#1258538 * bsc#1260531 * bsc#1261700 * bsc#1262663 * bsc#1262993 * bsc#1263769 * bsc#1263879 * bsc#1263880 * bsc#1264076 * bsc#1264093 * bsc#1264116 * bsc#1264470 * bsc#1264610 * bsc#1265116 * bsc#1265211 * bsc#1265960 * bsc#1266214 * bsc#1266290 * bsc#1266810 * bsc#1266969 * bsc#1267205 * bsc#1267214 * bsc#1267220 * bsc#1267361 * bsc#1267369 * bsc#1267387 * bsc#1267621 * bsc#1267640 * bsc#1267651 * bsc#1267652 * bsc#1267697 Cross-References: * CVE-2025-10263 * CVE-2025-68324 * CVE-2026-23392 * CVE-2026-31405 * CVE-2026-31473 * CVE-2026-31500 * CVE-2026-31613 * CVE-2026-31697 * CVE-2026-31698 * CVE-2026-31699 * CVE-2026-31758 * CVE-2026-31759 * CVE-2026-43077 * CVE-2026-43198 * CVE-2026-43366 * CVE-2026-43503 * CVE-2026-45886 * CVE-2026-45970 * CVE-2026-45984 * CVE-2026-46021 * CVE-2026-46037 * CVE-2026-46113 * CVE-2026-46116 * CVE-2026-46120 * CVE-2026-46123 * CVE-2026-46150 * CVE-2026-46159 * CVE-2026-46227 * CVE-2026-46273 CVSS scores: * CVE-2025-10263 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-68324 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23392 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31405 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31405 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H *CVE-2026-31473 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31473 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31473 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31500 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31500 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31500 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31613 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31613 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31613 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H * CVE-2026-31697 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31697 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31698 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31698 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31699 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31699 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31758 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31758 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31758 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31759 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31759 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-31759 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43077 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43077 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43077 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43198 ( SUSE): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43198 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43198 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43366 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43366 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43366 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43503 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43503 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43503 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-45886 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45886 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45886 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-45970 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45970 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45970 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45984 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45984 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45984 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46021 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46021 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46021 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46037 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46037 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-46037 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-46113 ( SUSE ): 9.3 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-46113 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46113 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46116 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46116 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46116 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46120 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46123 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46123 ( SUSE ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-46123 ( NVD ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-46150 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-46150 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46150 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46159 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46159 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46227 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46227 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46227 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46273 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46273 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Live Patching15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 29 vulnerabilities and has four security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: * CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs (bsc#1266290). * CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed work (bsc#1255416). * CVE-2026-23392: netfilter: nf_tables: release flowtable after rcu grace period on error (bsc#1260531). * CVE-2026-31405: media: dvb-net: fix OOB access in ULE extension header tables (bsc#1261700). * CVE-2026-31473: media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex (bsc#1262663). * CVE-2026-31500: Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock (bsc#1262993). * CVE-2026-31613: smb: client: fix OOB reads parsing symlink error response (bsc#1263769). * CVE-2026-31697: crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed (bsc#1264116). * CVE-2026-31698: crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed (bsc#1263880). * CVE-2026-31699: crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed (bsc#1263879). * CVE-2026-31758: usb: usbtmc: Flush anchored URBs in usbtmc_release (bsc#1264093). * CVE-2026-31759: usb: ulpi: fix double free in ulpi_register_interface() error path (bsc#1264076). * CVE-2026-43077: crypto: algif_aead - Fix minimum RX size check for decryption (bsc#1264470). * CVE-2026-43198: tcp: fix potential race in tcp_v6_syn_recv_sock() (bsc#1264610). * CVE-2026-43366: io_uring/kbuf: check if target buffer list is still legacy on recycle (bsc#1265116). *CVE-2026-45886: bpf: Fix bpf_xdp_store_bytes proto for read-only arg (bsc#1266810). * CVE-2026-45970: bonding: alb: fix UAF in rlb_arp_recv during bond up/down (bsc#1267205). * CVE-2026-45984: gfs2: Move the inode glock locking to gfs2_file_buffered_write (bsc#1267214). * CVE-2026-46021: thermal: core: Fix thermal zone governor cleanup issues (bsc#1267220). * CVE-2026-46037: ipv4: icmp: validate reply type before using icmp_pointers (bsc#1267361). * CVE-2026-46113: KVM: x86/mmu: Add helper to convert SPTE value to its shadow page (bsc#1266969). * CVE-2026-46116: xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete (bsc#1267369). * CVE-2026-46120: ip6_gre: Use cached t-> net in ip6erspan_changelink() (bsc#1267640). * CVE-2026-46123: Bluetooth: virtio_bt: clamp rx length before skb_put (bsc#1267621). * CVE-2026-46150: fanotify: fix false positive on permission events (bsc#1267387). * CVE-2026-46159: btrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which can lead to info-leak (bsc#1267652). * CVE-2026-46227: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (bsc#1267697). * CVE-2026-46273: ibmveth: Disable GSO for packets with small MSS (bsc#1265211 bsc#1267651). The following non security issues were fixed: * arm64: tlb: Allow XZR argument to TLBI ops (git-fixes). * arm64: tlb: Optimize ARM64_WORKAROUND_REPEAT_TLBI (git-fixes). * KVM: x86: Constrain guest-supported xfeatures only at KVM_GET_XSAVE{2} (bsc#1247954). * KVM: x86: Remove 'return void' expression for 'void function' (bsc#1247954). * smb: client: correctly handle ErrorContextData as a flexible array (git- fixes). * x86/fpu: Allow caller to constrain xfeatures when copying to uabi buffer (bsc#1247954). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaSTonline_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2658=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2658=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-2658=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-2658=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2658=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2658=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2658=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * kernel-default-devel-5.14.21-150500.55.172.2 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.172.2 * kernel-syms-5.14.21-150500.55.172.1 * ocfs2-kmp-default-5.14.21-150500.55.172.2 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.172.2 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.172.2 * kernel-default-debugsource-5.14.21-150500.55.172.2 * gfs2-kmp-default-5.14.21-150500.55.172.2 * kernel-default-debuginfo-5.14.21-150500.55.172.2 * dlm-kmp-default-5.14.21-150500.55.172.2 * cluster-md-kmp-default-5.14.21-150500.55.172.2 * kernel-default-base-5.14.21-150500.55.172.2.150500.6.81.2 * reiserfs-kmp-default-5.14.21-150500.55.172.2 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.172.2 * kernel-obs-build-debugsource-5.14.21-150500.55.172.2 * dlm-kmp-default-debuginfo-5.14.21-150500.55.172.2 * kernel-obs-build-5.14.21-150500.55.172.2 * kernel-default-devel-debuginfo-5.14.21-150500.55.172.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (nosrcppc64le x86_64) * kernel-default-5.14.21-150500.55.172.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * kernel-devel-5.14.21-150500.55.172.2 * kernel-macros-5.14.21-150500.55.172.2 * kernel-source-5.14.21-150500.55.172.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.172.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * kernel-default-devel-5.14.21-150500.55.172.2 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.172.2 * kernel-syms-5.14.21-150500.55.172.1 * ocfs2-kmp-default-5.14.21-150500.55.172.2 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.172.2 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.172.2 * kernel-default-debugsource-5.14.21-150500.55.172.2 * gfs2-kmp-default-5.14.21-150500.55.172.2 * kernel-default-debuginfo-5.14.21-150500.55.172.2 * dlm-kmp-default-5.14.21-150500.55.172.2 * cluster-md-kmp-default-5.14.21-150500.55.172.2 * kernel-default-base-5.14.21-150500.55.172.2.150500.6.81.2 * kernel-obs-build-debugsource-5.14.21-150500.55.172.2 * dlm-kmp-default-debuginfo-5.14.21-150500.55.172.2 * kernel-obs-build-5.14.21-150500.55.172.2 * kernel-default-devel-debuginfo-5.14.21-150500.55.172.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.172.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64) * kernel-64kb-debuginfo-5.14.21-150500.55.172.2 * kernel-64kb-debugsource-5.14.21-150500.55.172.2 * kernel-64kb-devel-5.14.21-150500.55.172.2 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.172.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150500.55.172.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * kernel-devel-5.14.21-150500.55.172.2 *kernel-macros-5.14.21-150500.55.172.2 * kernel-source-5.14.21-150500.55.172.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.172.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * kernel-default-devel-5.14.21-150500.55.172.2 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.172.2 * kernel-syms-5.14.21-150500.55.172.1 * ocfs2-kmp-default-5.14.21-150500.55.172.2 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.172.2 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.172.2 * kernel-default-debugsource-5.14.21-150500.55.172.2 * gfs2-kmp-default-5.14.21-150500.55.172.2 * kernel-default-debuginfo-5.14.21-150500.55.172.2 * dlm-kmp-default-5.14.21-150500.55.172.2 * cluster-md-kmp-default-5.14.21-150500.55.172.2 * kernel-default-base-5.14.21-150500.55.172.2.150500.6.81.2 * kernel-obs-build-debugsource-5.14.21-150500.55.172.2 * dlm-kmp-default-debuginfo-5.14.21-150500.55.172.2 * kernel-obs-build-5.14.21-150500.55.172.2 * kernel-default-devel-debuginfo-5.14.21-150500.55.172.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150500.55.172.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * kernel-devel-5.14.21-150500.55.172.2 * kernel-macros-5.14.21-150500.55.172.2 * kernel-source-5.14.21-150500.55.172.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.172.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.172.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64) * kernel-64kb-debuginfo-5.14.21-150500.55.172.2 * kernel-64kb-debugsource-5.14.21-150500.55.172.2 * kernel-64kb-devel-5.14.21-150500.55.172.2 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.172.2 * SUSE LinuxEnterprise Live Patching 15-SP5 (nosrc) * kernel-default-5.14.21-150500.55.172.2 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_172-default-1-150500.11.3.2 * kernel-default-debugsource-5.14.21-150500.55.172.2 * kernel-livepatch-5_14_21-150500_55_172-default-debuginfo-1-150500.11.3.2 * kernel-livepatch-SLE15-SP5_Update_42-debugsource-1-150500.11.3.2 * kernel-default-debuginfo-5.14.21-150500.55.172.2 * kernel-default-livepatch-5.14.21-150500.55.172.2 * kernel-default-livepatch-devel-5.14.21-150500.55.172.2 * openSUSE Leap 15.5 (aarch64) * dtb-amazon-5.14.21-150500.55.172.1 * dtb-amd-5.14.21-150500.55.172.1 * dtb-broadcom-5.14.21-150500.55.172.1 * dtb-allwinner-5.14.21-150500.55.172.1 * dlm-kmp-64kb-debuginfo-5.14.21-150500.55.172.2 * ocfs2-kmp-64kb-debuginfo-5.14.21-150500.55.172.2 * kernel-64kb-devel-5.14.21-150500.55.172.2 * reiserfs-kmp-64kb-debuginfo-5.14.21-150500.55.172.2 * dtb-rockchip-5.14.21-150500.55.172.1 * dtb-lg-5.14.21-150500.55.172.1 * kernel-64kb-extra-debuginfo-5.14.21-150500.55.172.2 * dtb-apm-5.14.21-150500.55.172.1 * cluster-md-kmp-64kb-debuginfo-5.14.21-150500.55.172.2 * dtb-amlogic-5.14.21-150500.55.172.1 * dtb-xilinx-5.14.21-150500.55.172.1 * dtb-hisilicon-5.14.21-150500.55.172.1 * dtb-altera-5.14.21-150500.55.172.1 * dtb-cavium-5.14.21-150500.55.172.1 * dtb-socionext-5.14.21-150500.55.172.1 * gfs2-kmp-64kb-5.14.21-150500.55.172.2 * gfs2-kmp-64kb-debuginfo-5.14.21-150500.55.172.2 * kernel-64kb-debugsource-5.14.21-150500.55.172.2 * reiserfs-kmp-64kb-5.14.21-150500.55.172.2 * kselftests-kmp-64kb-5.14.21-150500.55.172.2 * dtb-freescale-5.14.21-150500.55.172.1 * dtb-qcom-5.14.21-150500.55.172.1 * dtb-exynos-5.14.21-150500.55.172.1 * kernel-64kb-optional-5.14.21-150500.55.172.2 * dtb-apple-5.14.21-150500.55.172.1 * kselftests-kmp-64kb-debuginfo-5.14.21-150500.55.172.2 *dtb-mediatek-5.14.21-150500.55.172.1 * dtb-sprd-5.14.21-150500.55.172.1 * ocfs2-kmp-64kb-5.14.21-150500.55.172.2 * kernel-64kb-optional-debuginfo-5.14.21-150500.55.172.2 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.172.2 * dtb-arm-5.14.21-150500.55.172.1 * cluster-md-kmp-64kb-5.14.21-150500.55.172.2 * dtb-nvidia-5.14.21-150500.55.172.1 * kernel-64kb-debuginfo-5.14.21-150500.55.172.2 * kernel-64kb-extra-5.14.21-150500.55.172.2 * dlm-kmp-64kb-5.14.21-150500.55.172.2 * dtb-renesas-5.14.21-150500.55.172.1 * dtb-marvell-5.14.21-150500.55.172.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kernel-default-devel-5.14.21-150500.55.172.2 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.172.2 * ocfs2-kmp-default-5.14.21-150500.55.172.2 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.172.2 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.172.2 * kernel-default-optional-5.14.21-150500.55.172.2 * kernel-default-debugsource-5.14.21-150500.55.172.2 * kernel-obs-qa-5.14.21-150500.55.172.1 * kernel-default-livepatch-5.14.21-150500.55.172.2 * kernel-default-extra-5.14.21-150500.55.172.2 * gfs2-kmp-default-5.14.21-150500.55.172.2 * kernel-default-debuginfo-5.14.21-150500.55.172.2 * dlm-kmp-default-5.14.21-150500.55.172.2 * dlm-kmp-default-debuginfo-5.14.21-150500.55.172.2 * kselftests-kmp-default-debuginfo-5.14.21-150500.55.172.2 * cluster-md-kmp-default-5.14.21-150500.55.172.2 * kernel-obs-build-5.14.21-150500.55.172.2 * kernel-syms-5.14.21-150500.55.172.1 * kselftests-kmp-default-5.14.21-150500.55.172.2 * kernel-default-optional-debuginfo-5.14.21-150500.55.172.2 * reiserfs-kmp-default-5.14.21-150500.55.172.2 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.172.2 * kernel-obs-build-debugsource-5.14.21-150500.55.172.2 * kernel-default-extra-debuginfo-5.14.21-150500.55.172.2 * kernel-default-devel-debuginfo-5.14.21-150500.55.172.2 * openSUSE Leap 15.5 (nosrc) *dtb-aarch64-5.14.21-150500.55.172.1 * openSUSE Leap 15.5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.172.2 * openSUSE Leap 15.5 (aarch64 nosrc ppc64le s390x x86_64) * kernel-default-5.14.21-150500.55.172.2 * openSUSE Leap 15.5 (aarch64 ppc64le x86_64) * kernel-kvmsmall-devel-debuginfo-5.14.21-150500.55.172.2 * kernel-default-base-5.14.21-150500.55.172.2.150500.6.81.2 * kernel-kvmsmall-debugsource-5.14.21-150500.55.172.2 * kernel-kvmsmall-debuginfo-5.14.21-150500.55.172.2 * kernel-default-base-rebuild-5.14.21-150500.55.172.2.150500.6.81.2 * kernel-kvmsmall-devel-5.14.21-150500.55.172.2 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-default-livepatch-devel-5.14.21-150500.55.172.2 * kernel-livepatch-5_14_21-150500_55_172-default-1-150500.11.3.2 * kernel-livepatch-SLE15-SP5_Update_42-debugsource-1-150500.11.3.2 * kernel-livepatch-5_14_21-150500_55_172-default-debuginfo-1-150500.11.3.2 * openSUSE Leap 15.5 (x86_64) * kernel-default-vdso-5.14.21-150500.55.172.2 * kernel-default-vdso-debuginfo-5.14.21-150500.55.172.2 * kernel-kvmsmall-vdso-debuginfo-5.14.21-150500.55.172.2 * kernel-kvmsmall-vdso-5.14.21-150500.55.172.2 * openSUSE Leap 15.5 (noarch) * kernel-docs-html-5.14.21-150500.55.172.1 * kernel-source-vanilla-5.14.21-150500.55.172.2 * kernel-devel-5.14.21-150500.55.172.2 * kernel-macros-5.14.21-150500.55.172.2 * kernel-source-5.14.21-150500.55.172.2 * openSUSE Leap 15.5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.172.1 * openSUSE Leap 15.5 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-5.14.21-150500.55.172.2 * openSUSE Leap 15.5 (nosrc s390x) * kernel-zfcpdump-5.14.21-150500.55.172.2 * openSUSE Leap 15.5 (s390x) * kernel-zfcpdump-debugsource-5.14.21-150500.55.172.2 * kernel-zfcpdump-debuginfo-5.14.21-150500.55.172.2 * SUSE Linux Enterprise Micro 5.5 (aarch64 nosrc ppc64le s390x x86_64) * kernel-default-5.14.21-150500.55.172.2 * SUSE Linux Enterprise Micro 5.5 (aarch64x86_64) * kernel-default-base-5.14.21-150500.55.172.2.150500.6.81.2 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-5.14.21-150500.55.172.2 * kernel-default-debugsource-5.14.21-150500.55.172.2 * SUSE Linux Enterprise Micro 5.5 (noarch) * kernel-macros-5.14.21-150500.55.172.2 * kernel-source-5.14.21-150500.55.172.2 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * kernel-default-devel-5.14.21-150500.55.172.2 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.172.2 * kernel-syms-5.14.21-150500.55.172.1 * ocfs2-kmp-default-5.14.21-150500.55.172.2 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.172.2 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.172.2 * kernel-default-debugsource-5.14.21-150500.55.172.2 * gfs2-kmp-default-5.14.21-150500.55.172.2 * kernel-default-debuginfo-5.14.21-150500.55.172.2 * dlm-kmp-default-5.14.21-150500.55.172.2 * cluster-md-kmp-default-5.14.21-150500.55.172.2 * reiserfs-kmp-default-5.14.21-150500.55.172.2 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.172.2 * kernel-obs-build-debugsource-5.14.21-150500.55.172.2 * dlm-kmp-default-debuginfo-5.14.21-150500.55.172.2 * kernel-obs-build-5.14.21-150500.55.172.2 * kernel-default-devel-debuginfo-5.14.21-150500.55.172.2 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 nosrc ppc64le s390x x86_64) * kernel-default-5.14.21-150500.55.172.2 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150500.55.172.2.150500.6.81.2 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * kernel-devel-5.14.21-150500.55.172.2 * kernel-macros-5.14.21-150500.55.172.2 * kernel-source-5.14.21-150500.55.172.2 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch nosrc) * kernel-docs-5.14.21-150500.55.172.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (nosrc s390x) * kernel-zfcpdump-5.14.21-150500.55.172.2 * SUSE LinuxEnterprise Server 15 SP5 LTSS (s390x) * kernel-zfcpdump-debugsource-5.14.21-150500.55.172.2 * kernel-zfcpdump-debuginfo-5.14.21-150500.55.172.2 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.172.2 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64) * kernel-64kb-debuginfo-5.14.21-150500.55.172.2 * kernel-64kb-debugsource-5.14.21-150500.55.172.2 * kernel-64kb-devel-5.14.21-150500.55.172.2 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.172.2 ## References: * https://www.suse.com/security/cve/CVE-2025-10263.html * https://www.suse.com/security/cve/CVE-2025-68324.html * https://www.suse.com/security/cve/CVE-2026-23392.html * https://www.suse.com/security/cve/CVE-2026-31405.html * https://www.suse.com/security/cve/CVE-2026-31473.html * https://www.suse.com/security/cve/CVE-2026-31500.html * https://www.suse.com/security/cve/CVE-2026-31613.html * https://www.suse.com/security/cve/CVE-2026-31697.html * https://www.suse.com/security/cve/CVE-2026-31698.html * https://www.suse.com/security/cve/CVE-2026-31699.html * https://www.suse.com/security/cve/CVE-2026-31758.html * https://www.suse.com/security/cve/CVE-2026-31759.html * https://www.suse.com/security/cve/CVE-2026-43077.html * https://www.suse.com/security/cve/CVE-2026-43198.html * https://www.suse.com/security/cve/CVE-2026-43366.html * https://www.suse.com/security/cve/CVE-2026-43503.html * https://www.suse.com/security/cve/CVE-2026-45886.html * https://www.suse.com/security/cve/CVE-2026-45970.html * https://www.suse.com/security/cve/CVE-2026-45984.html * https://www.suse.com/security/cve/CVE-2026-46021.html * https://www.suse.com/security/cve/CVE-2026-46037.html * https://www.suse.com/security/cve/CVE-2026-46113.html * https://www.suse.com/security/cve/CVE-2026-46116.html * https://www.suse.com/security/cve/CVE-2026-46120.html * https://www.suse.com/security/cve/CVE-2026-46123.html * https://www.suse.com/security/cve/CVE-2026-46150.html * https://www.suse.com/security/cve/CVE-2026-46159.html * https://www.suse.com/security/cve/CVE-2026-46227.html * https://www.suse.com/security/cve/CVE-2026-46273.html * https://bugzilla.suse.com/show_bug.cgi?id=1247954 * https://bugzilla.suse.com/show_bug.cgi?id=1255416 * https://bugzilla.suse.com/show_bug.cgi?id=1258538 * https://bugzilla.suse.com/show_bug.cgi?id=1260531 * https://bugzilla.suse.com/show_bug.cgi?id=1261700 * https://bugzilla.suse.com/show_bug.cgi?id=1262663 * https://bugzilla.suse.com/show_bug.cgi?id=1262993 * https://bugzilla.suse.com/show_bug.cgi?id=1263769 * https://bugzilla.suse.com/show_bug.cgi?id=1263879 * https://bugzilla.suse.com/show_bug.cgi?id=1263880 * https://bugzilla.suse.com/show_bug.cgi?id=1264076 * https://bugzilla.suse.com/show_bug.cgi?id=1264093 * https://bugzilla.suse.com/show_bug.cgi?id=1264116 * https://bugzilla.suse.com/show_bug.cgi?id=1264470 * https://bugzilla.suse.com/show_bug.cgi?id=1264610 * https://bugzilla.suse.com/show_bug.cgi?id=1265116 * https://bugzilla.suse.com/show_bug.cgi?id=1265211 * https://bugzilla.suse.com/show_bug.cgi?id=1265960 * https://bugzilla.suse.com/show_bug.cgi?id=1266214 * https://bugzilla.suse.com/show_bug.cgi?id=1266290 * https://bugzilla.suse.com/show_bug.cgi?id=1266810 * https://bugzilla.suse.com/show_bug.cgi?id=1266969 * https://bugzilla.suse.com/show_bug.cgi?id=1267205 * https://bugzilla.suse.com/show_bug.cgi?id=1267214 * https://bugzilla.suse.com/show_bug.cgi?id=1267220 * https://bugzilla.suse.com/show_bug.cgi?id=1267361 * https://bugzilla.suse.com/show_bug.cgi?id=1267369 * https://bugzilla.suse.com/show_bug.cgi?id=1267387 * https://bugzilla.suse.com/show_bug.cgi?id=1267621 * https://bugzilla.suse.com/show_bug.cgi?id=1267640 * https://bugzilla.suse.com/show_bug.cgi?id=1267651 * https://bugzilla.suse.com/show_bug.cgi?id=1267652 * https://bugzilla.suse.com/show_bug.cgi?id=1267697 . SUSE security update fixes 29 vulnerabilities for kernel, enhancing system stabilityand protection.. SUSE Linux kernel patch, security update, SUSE vulnerabilities, Linux kernel security. . Severity: Important. LinuxSecurity.com Team
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-28999 http://linux.oracle.com/errata/ELSA-2026-28999.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable LinuxNetwork: x86_64: postgresql-12.22-6.0.1.module+el8.10.0+90932+f6d78e3c.x86_64.rpm postgresql-contrib-12.22-6.0.1.module+el8.10.0+90932+f6d78e3c.x86_64.rpm postgresql-docs-12.22-6.0.1.module+el8.10.0+90932+f6d78e3c.x86_64.rpm postgresql-plperl-12.22-6.0.1.module+el8.10.0+90932+f6d78e3c.x86_64.rpm postgresql-plpython3-12.22-6.0.1.module+el8.10.0+90932+f6d78e3c.x86_64.rpm postgresql-pltcl-12.22-6.0.1.module+el8.10.0+90932+f6d78e3c.x86_64.rpm postgresql-server-12.22-6.0.1.module+el8.10.0+90932+f6d78e3c.x86_64.rpm postgresql-server-devel-12.22-6.0.1.module+el8.10.0+90932+f6d78e3c.x86_64.rpm postgresql-static-12.22-6.0.1.module+el8.10.0+90932+f6d78e3c.x86_64.rpm postgresql-test-12.22-6.0.1.module+el8.10.0+90932+f6d78e3c.x86_64.rpm postgresql-test-rpm-macros-12.22-6.0.1.module+el8.10.0+90932+f6d78e3c.noarch.rpm postgresql-upgrade-12.22-6.0.1.module+el8.10.0+90932+f6d78e3c.x86_64.rpm postgresql-upgrade-devel-12.22-6.0.1.module+el8.10.0+90932+f6d78e3c.x86_64.rpm aarch64: postgresql-12.22-6.0.1.module+el8.10.0+90932+f6d78e3c.aarch64.rpm postgresql-contrib-12.22-6.0.1.module+el8.10.0+90932+f6d78e3c.aarch64.rpm postgresql-docs-12.22-6.0.1.module+el8.10.0+90932+f6d78e3c.aarch64.rpm postgresql-plperl-12.22-6.0.1.module+el8.10.0+90932+f6d78e3c.aarch64.rpm postgresql-plpython3-12.22-6.0.1.module+el8.10.0+90932+f6d78e3c.aarch64.rpm postgresql-pltcl-12.22-6.0.1.module+el8.10.0+90932+f6d78e3c.aarch64.rpm postgresql-server-12.22-6.0.1.module+el8.10.0+90932+f6d78e3c.aarch64.rpm postgresql-server-devel-12.22-6.0.1.module+el8.10.0+90932+f6d78e3c.aarch64.rpm postgresql-static-12.22-6.0.1.module+el8.10.0+90932+f6d78e3c.aarch64.rpm postgresql-test-12.22-6.0.1.module+el8.10.0+90932+f6d78e3c.aarch64.rpm postgresql-test-rpm-macros-12.22-6.0.1.module+el8.10.0+90932+f6d78e3c.noarch.rpm postgresql-upgrade-12.22-6.0.1.module+el8.10.0+90932+f6d78e3c.aarch64.rpm postgresql-upgrade-devel-12.22-6.0.1.module+el8.10.0+90932+f6d78e3c.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/postgresql-12.22-6.0.1.module+el8.10.0+90932+f6d78e3c.src.rpm Related CVEs: CVE-2026-6473 CVE-2026-6478 Description of changes: [12.22-6.0.1] - Add backport of CVE-2025-8714 [Orabug: 38667546] [12.22-6] - Fix CVE-2026-2004 CVE-2026-2005 CVE-2026-2006 [12.22-5] - Fix previous Backport [12.22-4] - Backport CVE-2025-8715 [12.22-3] - Fix backport for CVE-2025-1094 [12.22-2] - Backport fix for CVE-2025-1094 [12.22-1] - Update to 12.22 - Fixes: CVE-2024-10976 CVE-2024-10978 [12.20-1] - Update to 12.20 - Fix CVE-2024-7348 [12.18-1] - Update to 12.18 - Fix CVE-2024-0985 [12.17-1] - Update to version 12.17 Fix: CVE-2023-5868, CVE-2023-5869, CVE-2023-5870 _______________________________________________ El-errata mailing list
An update that solves 27 vulnerabilities and has nine security fixes can now be installed.. # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:2632-1 Release Date: 2026-06-25T12:36:10Z Rating: important References: * bsc#1255416 * bsc#1258538 * bsc#1260531 * bsc#1261256 * bsc#1262993 * bsc#1263879 * bsc#1263880 * bsc#1264076 * bsc#1264116 * bsc#1264137 * bsc#1264145 * bsc#1264263 * bsc#1264470 * bsc#1264610 * bsc#1265170 * bsc#1265211 * bsc#1265579 * bsc#1266214 * bsc#1266290 * bsc#1266767 * bsc#1266810 * bsc#1266827 * bsc#1267214 * bsc#1267361 * bsc#1267381 * bsc#1267387 * bsc#1267388 * bsc#1267531 * bsc#1267621 * bsc#1267640 * bsc#1267651 * bsc#1267652 * bsc#1267663 * bsc#1267682 * bsc#1267697 * bsc#1268307 Cross-References: * CVE-2025-10263 * CVE-2025-68324 * CVE-2026-23392 * CVE-2026-31500 * CVE-2026-31697 * CVE-2026-31698 * CVE-2026-31699 * CVE-2026-31759 * CVE-2026-31771 * CVE-2026-43023 * CVE-2026-43074 * CVE-2026-43077 * CVE-2026-43198 * CVE-2026-45878 * CVE-2026-45886 * CVE-2026-45932 * CVE-2026-45984 * CVE-2026-46037 * CVE-2026-46090 * CVE-2026-46120 * CVE-2026-46123 * CVE-2026-46150 * CVE-2026-46159 * CVE-2026-46197 * CVE-2026-46209 * CVE-2026-46227 * CVE-2026-46273 CVSS scores: * CVE-2025-10263 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-68324 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23392 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31500 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31500 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31500 ( NVD ): 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31697 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31697 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31698 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31698 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31699 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31699 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31759 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31759 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-31759 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31771 ( SUSE ): 8.7 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31771 ( SUSE ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31771 ( NVD ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-43023 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43023 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43023 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43074 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43074 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43074 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43077 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43077 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43077 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43198 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43198 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43198 ( NVD ): 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45878 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-45878 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45886 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45886 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45932 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45932 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45932 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2026-45984 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45984 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45984 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46037 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46037 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-46037 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-46090 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46090 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46120 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46123 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46123 ( SUSE ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-46123 ( NVD ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-46150 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-46150 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46150 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46159 ( SUSE ): 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46159 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46197 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46197 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46197 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46209 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46227 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46227 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46227 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46273 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46273 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise High Availability Extension 15 SP6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves 27 vulnerabilities and has nine security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: * CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs (bsc#1266290). * CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed work (bsc#1255416). * CVE-2026-23392: netfilter: nf_tables: release flowtable after rcu grace period on error (bsc#1260531). * CVE-2026-31500: Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock (bsc#1262993). * CVE-2026-31697: crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed (bsc#1264116). * CVE-2026-31698: crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed (bsc#1263880). * CVE-2026-31699: crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed (bsc#1263879). * CVE-2026-31759: usb: ulpi: fix double free in ulpi_register_interface() error path (bsc#1264076). * CVE-2026-31771: Bluetooth: hci_event: move wake reason storage into validated event handlers (bsc#1264145). * CVE-2026-43023: Bluetooth: SCO: fix race conditions in sco_sock_connect() (bsc#1264137). * CVE-2026-43074: eventpoll: defer struct eventpoll free to RCU grace period (bsc#1264263). * CVE-2026-43077: crypto: algif_aead - Fix minimum RX size check for decryption (bsc#1264470). * CVE-2026-43198: tcp: fix potential race in tcp_v6_syn_recv_sock() (bsc#1264610). * CVE-2026-45878: drm/amdkfd: Fix watch_id bounds checking in debug address watch v2 (bsc#1266767). * CVE-2026-45886: bpf: Fix bpf_xdp_store_bytes proto for read-only arg (bsc#1266810). * CVE-2026-45932: bpf: Fix tcx/netkit detach permissions when prog fd isn't given (bsc#1266827). * CVE-2026-45984: gfs2: Move the inode glock locking to gfs2_file_buffered_write (bsc#1267214). * CVE-2026-46037: ipv4: icmp: validate reply type before using icmp_pointers (bsc#1267361). * CVE-2026-46090: ALSA: aloop: Use guard() for spin locks (bsc#1267531). * CVE-2026-46120: ip6_gre: Use cached t-> net in ip6erspan_changelink() (bsc#1267640). * CVE-2026-46123: Bluetooth: virtio_bt: clamp rx length before skb_put (bsc#1267621). * CVE-2026-46150: fanotify: fix false positive on permission events (bsc#1267387). * CVE-2026-46159: btrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which can lead to info-leak (bsc#1267652). * CVE-2026-46197: drm/amdkfd: validate SVM ioctl nattr against buffer size (bsc#1267381). * CVE-2026-46209: drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs()(bsc#1267663). * CVE-2026-46227: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (bsc#1267697). * CVE-2026-46273: ibmveth: Disable GSO for packets with small MSS (bsc#1265211 bsc#1267651). The following non security issues were fixed: * bnxt_en: Fix NULL pointer dereference (bsc#1268307). * Drivers: hv: vmbus: Improve the logic of reserving fb_mmio on Gen2 VMs (git- fixes). * ethtool: provide customized dim profile management (bsc#1261256). * hv: utils: handle and propagate errors in kvp_register (git-fixes). * hyperv: Clean up and fix the guest ID comment in hvgdk.h (git-fixes). * linux/dim: move useful macros to .h file (bsc#1261256). * net: ethtool: add ethtool COALESCE_RX_CQE_FRAMES/NSECS (bsc#1261256). * net: mana: Add ethtool counters for RX CQEs in coalesced type (bsc#1261256). * net: mana: Add support for RX CQE Coalescing (bsc#1261256). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2632=1 * SUSE Linux Enterprise High Availability Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2026-2632=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-2632=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2632=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2632=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * kernel-default-debugsource-6.4.0-150600.23.118.1 * kernel-syms-6.4.0-150600.23.118.1 * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.118.1 *kernel-obs-build-debugsource-6.4.0-150600.23.118.1 * kernel-default-base-6.4.0-150600.23.118.1.150600.12.56.1 * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.118.1 * kernel-obs-build-6.4.0-150600.23.118.1 * dlm-kmp-default-6.4.0-150600.23.118.1 * reiserfs-kmp-default-6.4.0-150600.23.118.1 * dlm-kmp-default-debuginfo-6.4.0-150600.23.118.1 * cluster-md-kmp-default-6.4.0-150600.23.118.1 * gfs2-kmp-default-debuginfo-6.4.0-150600.23.118.1 * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.118.1 * kernel-default-devel-debuginfo-6.4.0-150600.23.118.1 * kernel-default-debuginfo-6.4.0-150600.23.118.1 * gfs2-kmp-default-6.4.0-150600.23.118.1 * ocfs2-kmp-default-6.4.0-150600.23.118.1 * kernel-default-devel-6.4.0-150600.23.118.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (nosrc ppc64le x86_64) * kernel-default-6.4.0-150600.23.118.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * kernel-devel-6.4.0-150600.23.118.1 * kernel-macros-6.4.0-150600.23.118.1 * kernel-source-6.4.0-150600.23.118.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch nosrc) * kernel-docs-6.4.0-150600.23.118.1 * SUSE Linux Enterprise High Availability Extension 15 SP6 (nosrc) * kernel-default-6.4.0-150600.23.118.1 * SUSE Linux Enterprise High Availability Extension 15 SP6 (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-6.4.0-150600.23.118.1 * kernel-default-debugsource-6.4.0-150600.23.118.1 * SUSE Linux Enterprise Live Patching 15-SP6 (nosrc) * kernel-default-6.4.0-150600.23.118.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_118-default-1-150600.13.3.1 * kernel-default-debugsource-6.4.0-150600.23.118.1 * kernel-default-livepatch-devel-6.4.0-150600.23.118.1 * kernel-default-livepatch-6.4.0-150600.23.118.1 * kernel-livepatch-6_4_0-150600_23_118-default-debuginfo-1-150600.13.3.1 *kernel-default-debuginfo-6.4.0-150600.23.118.1 * kernel-livepatch-SLE15-SP6_Update_28-debugsource-1-150600.13.3.1 * openSUSE Leap 15.6 (aarch64) * dtb-amd-6.4.0-150600.23.118.1 * reiserfs-kmp-64kb-6.4.0-150600.23.118.1 * dtb-apple-6.4.0-150600.23.118.1 * dtb-freescale-6.4.0-150600.23.118.1 * dtb-sprd-6.4.0-150600.23.118.1 * dtb-apm-6.4.0-150600.23.118.1 * kernel-64kb-extra-6.4.0-150600.23.118.1 * dtb-renesas-6.4.0-150600.23.118.1 * kernel-64kb-extra-debuginfo-6.4.0-150600.23.118.1 * gfs2-kmp-64kb-6.4.0-150600.23.118.1 * kernel-64kb-debuginfo-6.4.0-150600.23.118.1 * dtb-lg-6.4.0-150600.23.118.1 * dtb-cavium-6.4.0-150600.23.118.1 * dtb-amazon-6.4.0-150600.23.118.1 * cluster-md-kmp-64kb-6.4.0-150600.23.118.1 * dtb-socionext-6.4.0-150600.23.118.1 * dtb-xilinx-6.4.0-150600.23.118.1 * dlm-kmp-64kb-debuginfo-6.4.0-150600.23.118.1 * cluster-md-kmp-64kb-debuginfo-6.4.0-150600.23.118.1 * dtb-marvell-6.4.0-150600.23.118.1 * dlm-kmp-64kb-6.4.0-150600.23.118.1 * dtb-allwinner-6.4.0-150600.23.118.1 * kselftests-kmp-64kb-6.4.0-150600.23.118.1 * reiserfs-kmp-64kb-debuginfo-6.4.0-150600.23.118.1 * dtb-broadcom-6.4.0-150600.23.118.1 * kernel-64kb-optional-6.4.0-150600.23.118.1 * kselftests-kmp-64kb-debuginfo-6.4.0-150600.23.118.1 * dtb-amlogic-6.4.0-150600.23.118.1 * dtb-hisilicon-6.4.0-150600.23.118.1 * dtb-mediatek-6.4.0-150600.23.118.1 * kernel-64kb-devel-debuginfo-6.4.0-150600.23.118.1 * dtb-altera-6.4.0-150600.23.118.1 * dtb-nvidia-6.4.0-150600.23.118.1 * gfs2-kmp-64kb-debuginfo-6.4.0-150600.23.118.1 * kernel-64kb-debugsource-6.4.0-150600.23.118.1 * kernel-64kb-optional-debuginfo-6.4.0-150600.23.118.1 * ocfs2-kmp-64kb-debuginfo-6.4.0-150600.23.118.1 * dtb-rockchip-6.4.0-150600.23.118.1 * ocfs2-kmp-64kb-6.4.0-150600.23.118.1 * kernel-64kb-devel-6.4.0-150600.23.118.1 * dtb-exynos-6.4.0-150600.23.118.1 * dtb-arm-6.4.0-150600.23.118.1 *dtb-qcom-6.4.0-150600.23.118.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * dlm-kmp-default-debuginfo-6.4.0-150600.23.118.1 * cluster-md-kmp-default-6.4.0-150600.23.118.1 * kernel-default-optional-debuginfo-6.4.0-150600.23.118.1 * kernel-default-debugsource-6.4.0-150600.23.118.1 * kernel-syms-6.4.0-150600.23.118.1 * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.118.1 * kernel-default-extra-debuginfo-6.4.0-150600.23.118.1 * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.118.1 * reiserfs-kmp-default-6.4.0-150600.23.118.1 * kselftests-kmp-default-6.4.0-150600.23.118.1 * kernel-default-devel-debuginfo-6.4.0-150600.23.118.1 * gfs2-kmp-default-6.4.0-150600.23.118.1 * kernel-obs-build-debugsource-6.4.0-150600.23.118.1 * kernel-obs-build-6.4.0-150600.23.118.1 * dlm-kmp-default-6.4.0-150600.23.118.1 * kernel-default-optional-6.4.0-150600.23.118.1 * kernel-default-livepatch-6.4.0-150600.23.118.1 * kernel-obs-qa-6.4.0-150600.23.118.1 * kselftests-kmp-default-debuginfo-6.4.0-150600.23.118.1 * kernel-default-extra-6.4.0-150600.23.118.1 * gfs2-kmp-default-debuginfo-6.4.0-150600.23.118.1 * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.118.1 * kernel-default-debuginfo-6.4.0-150600.23.118.1 * ocfs2-kmp-default-6.4.0-150600.23.118.1 * kernel-default-devel-6.4.0-150600.23.118.1 * openSUSE Leap 15.6 (nosrc) * dtb-aarch64-6.4.0-150600.23.118.1 * openSUSE Leap 15.6 (aarch64 nosrc) * kernel-64kb-6.4.0-150600.23.118.1 * openSUSE Leap 15.6 (nosrc ppc64le x86_64) * kernel-debug-6.4.0-150600.23.118.1 * openSUSE Leap 15.6 (ppc64le x86_64) * kernel-debug-devel-debuginfo-6.4.0-150600.23.118.1 * kernel-debug-debuginfo-6.4.0-150600.23.118.1 * kernel-debug-debugsource-6.4.0-150600.23.118.1 * kernel-debug-devel-6.4.0-150600.23.118.1 * openSUSE Leap 15.6 (x86_64) * kernel-default-vdso-6.4.0-150600.23.118.1 * kernel-default-vdso-debuginfo-6.4.0-150600.23.118.1 *kernel-kvmsmall-vdso-6.4.0-150600.23.118.1 * kernel-debug-vdso-6.4.0-150600.23.118.1 * kernel-kvmsmall-vdso-debuginfo-6.4.0-150600.23.118.1 * kernel-debug-vdso-debuginfo-6.4.0-150600.23.118.1 * openSUSE Leap 15.6 (aarch64 nosrc ppc64le s390x x86_64) * kernel-default-6.4.0-150600.23.118.1 * openSUSE Leap 15.6 (aarch64 ppc64le x86_64) * kernel-kvmsmall-debuginfo-6.4.0-150600.23.118.1 * kernel-default-base-rebuild-6.4.0-150600.23.118.1.150600.12.56.1 * kernel-default-base-6.4.0-150600.23.118.1.150600.12.56.1 * kernel-kvmsmall-devel-debuginfo-6.4.0-150600.23.118.1 * kernel-kvmsmall-devel-6.4.0-150600.23.118.1 * kernel-kvmsmall-debugsource-6.4.0-150600.23.118.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-default-livepatch-devel-6.4.0-150600.23.118.1 * kernel-livepatch-6_4_0-150600_23_118-default-1-150600.13.3.1 * kernel-livepatch-SLE15-SP6_Update_28-debugsource-1-150600.13.3.1 * kernel-livepatch-6_4_0-150600_23_118-default-debuginfo-1-150600.13.3.1 * openSUSE Leap 15.6 (noarch) * kernel-devel-6.4.0-150600.23.118.1 * kernel-macros-6.4.0-150600.23.118.1 * kernel-source-vanilla-6.4.0-150600.23.118.1 * kernel-source-6.4.0-150600.23.118.1 * kernel-docs-html-6.4.0-150600.23.118.1 * openSUSE Leap 15.6 (noarch nosrc) * kernel-docs-6.4.0-150600.23.118.1 * openSUSE Leap 15.6 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-6.4.0-150600.23.118.1 * openSUSE Leap 15.6 (nosrc s390x) * kernel-zfcpdump-6.4.0-150600.23.118.1 * openSUSE Leap 15.6 (s390x) * kernel-zfcpdump-debugsource-6.4.0-150600.23.118.1 * kernel-zfcpdump-debuginfo-6.4.0-150600.23.118.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * kernel-default-debugsource-6.4.0-150600.23.118.1 * kernel-syms-6.4.0-150600.23.118.1 * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.118.1 * kernel-obs-build-debugsource-6.4.0-150600.23.118.1 * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.118.1 *kernel-obs-build-6.4.0-150600.23.118.1 * dlm-kmp-default-6.4.0-150600.23.118.1 * reiserfs-kmp-default-6.4.0-150600.23.118.1 * dlm-kmp-default-debuginfo-6.4.0-150600.23.118.1 * cluster-md-kmp-default-6.4.0-150600.23.118.1 * gfs2-kmp-default-debuginfo-6.4.0-150600.23.118.1 * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.118.1 * kernel-default-devel-debuginfo-6.4.0-150600.23.118.1 * kernel-default-debuginfo-6.4.0-150600.23.118.1 * gfs2-kmp-default-6.4.0-150600.23.118.1 * ocfs2-kmp-default-6.4.0-150600.23.118.1 * kernel-default-devel-6.4.0-150600.23.118.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 nosrc ppc64le s390x x86_64) * kernel-default-6.4.0-150600.23.118.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * kernel-devel-6.4.0-150600.23.118.1 * kernel-macros-6.4.0-150600.23.118.1 * kernel-source-6.4.0-150600.23.118.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch nosrc) * kernel-docs-6.4.0-150600.23.118.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (nosrc s390x) * kernel-zfcpdump-6.4.0-150600.23.118.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (s390x) * kernel-zfcpdump-debugsource-6.4.0-150600.23.118.1 * kernel-zfcpdump-debuginfo-6.4.0-150600.23.118.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 nosrc) * kernel-64kb-6.4.0-150600.23.118.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64) * kernel-64kb-devel-6.4.0-150600.23.118.1 * kernel-64kb-debugsource-6.4.0-150600.23.118.1 * kernel-64kb-debuginfo-6.4.0-150600.23.118.1 * kernel-64kb-devel-debuginfo-6.4.0-150600.23.118.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le x86_64) * kernel-default-base-6.4.0-150600.23.118.1.150600.12.56.1 ## References: * https://www.suse.com/security/cve/CVE-2025-10263.html * https://www.suse.com/security/cve/CVE-2025-68324.html * https://www.suse.com/security/cve/CVE-2026-23392.html * https://www.suse.com/security/cve/CVE-2026-31500.html *https://www.suse.com/security/cve/CVE-2026-31697.html * https://www.suse.com/security/cve/CVE-2026-31698.html * https://www.suse.com/security/cve/CVE-2026-31699.html * https://www.suse.com/security/cve/CVE-2026-31759.html * https://www.suse.com/security/cve/CVE-2026-31771.html * https://www.suse.com/security/cve/CVE-2026-43023.html * https://www.suse.com/security/cve/CVE-2026-43074.html * https://www.suse.com/security/cve/CVE-2026-43077.html * https://www.suse.com/security/cve/CVE-2026-43198.html * https://www.suse.com/security/cve/CVE-2026-45878.html * https://www.suse.com/security/cve/CVE-2026-45886.html * https://www.suse.com/security/cve/CVE-2026-45932.html * https://www.suse.com/security/cve/CVE-2026-45984.html * https://www.suse.com/security/cve/CVE-2026-46037.html * https://www.suse.com/security/cve/CVE-2026-46090.html * https://www.suse.com/security/cve/CVE-2026-46120.html * https://www.suse.com/security/cve/CVE-2026-46123.html * https://www.suse.com/security/cve/CVE-2026-46150.html * https://www.suse.com/security/cve/CVE-2026-46159.html * https://www.suse.com/security/cve/CVE-2026-46197.html * https://www.suse.com/security/cve/CVE-2026-46209.html * https://www.suse.com/security/cve/CVE-2026-46227.html * https://www.suse.com/security/cve/CVE-2026-46273.html * https://bugzilla.suse.com/show_bug.cgi?id=1255416 * https://bugzilla.suse.com/show_bug.cgi?id=1258538 * https://bugzilla.suse.com/show_bug.cgi?id=1260531 * https://bugzilla.suse.com/show_bug.cgi?id=1261256 * https://bugzilla.suse.com/show_bug.cgi?id=1262993 * https://bugzilla.suse.com/show_bug.cgi?id=1263879 * https://bugzilla.suse.com/show_bug.cgi?id=1263880 * https://bugzilla.suse.com/show_bug.cgi?id=1264076 * https://bugzilla.suse.com/show_bug.cgi?id=1264116 * https://bugzilla.suse.com/show_bug.cgi?id=1264137 * https://bugzilla.suse.com/show_bug.cgi?id=1264145 * https://bugzilla.suse.com/show_bug.cgi?id=1264263 * https://bugzilla.suse.com/show_bug.cgi?id=1264470 *https://bugzilla.suse.com/show_bug.cgi?id=1264610 * https://bugzilla.suse.com/show_bug.cgi?id=1265170 * https://bugzilla.suse.com/show_bug.cgi?id=1265211 * https://bugzilla.suse.com/show_bug.cgi?id=1265579 * https://bugzilla.suse.com/show_bug.cgi?id=1266214 * https://bugzilla.suse.com/show_bug.cgi?id=1266290 * https://bugzilla.suse.com/show_bug.cgi?id=1266767 * https://bugzilla.suse.com/show_bug.cgi?id=1266810 * https://bugzilla.suse.com/show_bug.cgi?id=1266827 * https://bugzilla.suse.com/show_bug.cgi?id=1267214 * https://bugzilla.suse.com/show_bug.cgi?id=1267361 * https://bugzilla.suse.com/show_bug.cgi?id=1267381 * https://bugzilla.suse.com/show_bug.cgi?id=1267387 * https://bugzilla.suse.com/show_bug.cgi?id=1267388 * https://bugzilla.suse.com/show_bug.cgi?id=1267531 * https://bugzilla.suse.com/show_bug.cgi?id=1267621 * https://bugzilla.suse.com/show_bug.cgi?id=1267640 * https://bugzilla.suse.com/show_bug.cgi?id=1267651 * https://bugzilla.suse.com/show_bug.cgi?id=1267652 * https://bugzilla.suse.com/show_bug.cgi?id=1267663 * https://bugzilla.suse.com/show_bug.cgi?id=1267682 * https://bugzilla.suse.com/show_bug.cgi?id=1267697 * https://bugzilla.suse.com/show_bug.cgi?id=1268307 . A significant security update for SUSE addresses 27 vulnerabilities in the kernel with crucial fixes available for installation.. SUSE Linux update, kernel security, important security patch. . Severity: Important. LinuxSecurity.com Team
An update that solves 9 vulnerabilities can now be installed.. # kubevirt1.8-container-disk-1.8.3-1.1 on GA media Announcement ID: openSUSE-SU-2026:11091-1 Rating: moderate Cross-References: * CVE-2021-43565 * CVE-2023-26484 * CVE-2023-44487 * CVE-2024-33394 * CVE-2025-22872 * CVE-2025-64433 * CVE-2025-64437 * CVE-2026-33186 * CVE-2026-9804 CVSS scores: * CVE-2021-43565 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-26484 ( SUSE ): 8 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2023-44487 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-33394 ( SUSE ): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2025-22872 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-22872 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L * CVE-2025-64433 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2025-64433 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-64437 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L * CVE-2025-64437 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-33186 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-33186 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-9804 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products: * openSUSE Tumbleweed An update that solves 9 vulnerabilities can now be installed. ## Description: These are all security issues fixed in the kubevirt1.8-container-disk-1.8.3-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * kubevirt1.8-container-disk 1.8.3-1.1 * kubevirt1.8-manifests 1.8.3-1.1 * kubevirt1.8-pr-helper-conf 1.8.3-1.1 * kubevirt1.8-sidecar-shim 1.8.3-1.1 * kubevirt1.8-tests 1.8.3-1.1 * kubevirt1.8-virt-api 1.8.3-1.1 * kubevirt1.8-virt-controller 1.8.3-1.1 * kubevirt1.8-virt-exportproxy 1.8.3-1.1 * kubevirt1.8-virt-exportserver 1.8.3-1.1 * kubevirt1.8-virt-handler 1.8.3-1.1 * kubevirt1.8-virt-launcher 1.8.3-1.1 * kubevirt1.8-virt-operator 1.8.3-1.1 * kubevirt1.8-virt-synchronization-controller 1.8.3-1.1 * kubevirt1.8-virtctl 1.8.3-1.1 * obs-service-kubevirt1.8_containers_meta 1.8.3-1.1 ## References: * https://www.suse.com/security/cve/CVE-2021-43565.html * https://www.suse.com/security/cve/CVE-2023-26484.html * https://www.suse.com/security/cve/CVE-2023-44487.html * https://www.suse.com/security/cve/CVE-2024-33394.html * https://www.suse.com/security/cve/CVE-2025-22872.html * https://www.suse.com/security/cve/CVE-2025-64433.html * https://www.suse.com/security/cve/CVE-2025-64437.html * https://www.suse.com/security/cve/CVE-2026-33186.html * https://www.suse.com/security/cve/CVE-2026-9804.html . Update for kubevirt-container-disk on openSUSE solves 9 vulnerabilities with moderate severity—install now!. openSUSE kubevirt security issues vulnerabilities update. . Severity: moderate. LinuxSecurity.com Team
An update that solves 2 vulnerabilities can now be installed.. # python311-pypdf-6.13.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10974-1 Rating: moderate Cross-References: * CVE-2026-48155 * CVE-2026-48735 Affected Products: * openSUSE Tumbleweed An update that solves 2 vulnerabilities can now be installed. ## Description: These are all security issues fixed in the python311-pypdf-6.13.0-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * python311-pypdf 6.13.0-1.1 * python313-pypdf 6.13.0-1.1 * python314-pypdf 6.13.0-1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-48155.html * https://www.suse.com/security/cve/CVE-2026-48735.html . openSUSE Tumbleweed update fixes moderate issues in python311-pypdf package, enhancing system security and stability.. openSUSE Tumbleweed, python311-pypdf, moderate security issues, vulnerability fixes. . Severity: moderate. LinuxSecurity.com Team
An update that solves three vulnerabilities can now be installed.. # Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:22037-1 Release Date: 2026-06-02T07:41:04Z Rating: important References: * bsc#1261630 * bsc#1261845 * bsc#1265384 Cross-References: * CVE-2026-23437 * CVE-2026-31406 * CVE-2026-46333 CVSS scores: * CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves three vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.31.1 fixes various security issues The following security issues were fixed: * CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845). * CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively youcan run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-862=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-862=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (ppc64le s390x x86_64) * kernel-livepatch-SLE16_Update_10-debugsource-2-160000.1.1 * kernel-livepatch-6_12_0-160000_31-default-debuginfo-2-160000.1.1 * kernel-livepatch-6_12_0-160000_31-default-2-160000.1.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * kernel-livepatch-SLE16_Update_10-debugsource-2-160000.1.1 * kernel-livepatch-6_12_0-160000_31-default-debuginfo-2-160000.1.1 * kernel-livepatch-6_12_0-160000_31-default-2-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-23437.html * https://www.suse.com/security/cve/CVE-2026-31406.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1261630 * https://bugzilla.suse.com/show_bug.cgi?id=1261845 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 . Important security update for SUSE Linux Kernel addressing multiple threats. Ensure your system is patched promptly.. SUSE Linux Kernel update, security patch, system vulnerabilities. . Severity: Important. LinuxSecurity.com Team
An update that solves five vulnerabilities can now be installed.. # Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21961-1 Release Date: 2026-06-01T08:22:30Z Rating: important References: * bsc#1261630 * bsc#1261845 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23437 * CVE-2026-31406 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves five vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.30.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845). * CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-840=1 ## Package List: * SUSE Linux Micro 6.2 (x86_64) * kernel-livepatch-SLE16-RT_Update_9-debugsource-2-160000.1.1 * kernel-livepatch-6_12_0-160000_30-rt-debuginfo-2-160000.1.1 * kernel-livepatch-6_12_0-160000_30-rt-2-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23437.html * https://www.suse.com/security/cve/CVE-2026-31406.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1261630 * https://bugzilla.suse.com/show_bug.cgi?id=1261845 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 . Critical update for SUSE Linux Micro addresses five important security issues, enhancing system protection.. SUSE Linux Micro, Kernel RT, security patch, system update, exploit protection. . Severity:Important. LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.