Explore top 10 tips to secure your open-source projects now. Read More
×An update that solves one vulnerability and has 16 fixes can now be installed.. # Security update for update 5.1.3 for SUSE_Multi-Linux_Manager Client Tools and Salt Bundle Announcement ID: SUSE-SU-2026:22536-1 Release Date: 2026-06-15T07:20:25Z Rating: important References: * bsc#1250367 * bsc#1252548 * bsc#1252964 * bsc#1254154 * bsc#1254619 * bsc#1254629 * bsc#1257447 * bsc#1257660 * bsc#1257831 * bsc#1257941 * bsc#1258015 * bsc#1258418 * bsc#1258927 * bsc#1258957 * bsc#1259208 * bsc#1259553 * bsc#1259554 Cross-References: * CVE-2026-31958 CVSS scores: * CVE-2026-31958 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31958 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31958 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-31958 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 * SUSE Linux Micro 6.1 * SUSE Multi-Linux Manager Client Tools for SUSE Linux Micro 6 An update that solves one vulnerability and has 16 fixes can now be installed. ## Description: This update fixes the following issues: golang-github-lusitaniae-apache_exporter: * Internal changes to fix build issues with no impact for customers uyuni-tools: * version 5.1.26-0 * Fixed applying PTF with images from RPMs (bsc#1252548) * Fixed Ssl Key file that can miss if CA password is blank (bsc#1254154) * mgrpxy ssh tuning should happens before crypto policies (bsc#1254619) * Fixed default value for helm registry (bsc#1258927). * Removed hub register command * Optimized postgres migration disk space usage (bsc#1257447) * Added continuous database backup support (bsc#1250367) * Explicitly start proxy pods after operations (bsc#1258015) * Use static supportconfig name toavoid dynamic search (bsc#1257941) * Do not nest multiple tarball files and instead collect all files into one tarball (bsc#1252964) * Show where final tarball was generated (bsc#1259208) * Set proxy config file permissions (bsc#1257660) * version 5.1.25-0 * If PTF image doesn't exists, use the current service image (bsc#1258418) venv-salt-minion: * Security issues fixed: * CVE-2026-31958: Security patch for Salt vendored tornado: Added limits on multipart form data parsing (bsc#1259554) * Added x86_64_v2 as a possible rpm package architecture * Make users with backslash working for salt-ssh (bsc#1254629) * Fixed ansible.playbooks extra-vars quoting (bsc#1257831) * Fixed virtualenv call in test helper to use proper python version * Fixed the issue preventing SELinux profile to be loaded on SLES 16 deployed using cloud images (bsc#1258957) * Fixed the typo causing buiding EL9 bundle without binary dependencies ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Multi-Linux Manager Client Tools for SUSE Linux Micro 6 zypper in -t patch Multi-Linux-ManagerTools-SL-Micro-64=1 ## Package List: * SUSE Multi-Linux Manager Client Tools for SUSE Linux Micro 6 (noarch) * mgrctl-zsh-completion-5.1.26-1.1 * mgrctl-lang-5.1.26-1.1 * mgrctl-bash-completion-5.1.26-1.1 * SUSE Multi-Linux Manager Client Tools for SUSE Linux Micro 6 (aarch64 ppc64le s390x x86_64) * mgrctl-5.1.26-1.1 * mgrctl-debuginfo-5.1.26-1.1 * venv-salt-minion-3006.0-11.1 ## References: * https://www.suse.com/security/cve/CVE-2026-31958.html * https://bugzilla.suse.com/show_bug.cgi?id=1250367 * https://bugzilla.suse.com/show_bug.cgi?id=1252548 * https://bugzilla.suse.com/show_bug.cgi?id=1252964 * https://bugzilla.suse.com/show_bug.cgi?id=1254154 * https://bugzilla.suse.com/show_bug.cgi?id=1254619 *https://bugzilla.suse.com/show_bug.cgi?id=1254629 * https://bugzilla.suse.com/show_bug.cgi?id=1257447 * https://bugzilla.suse.com/show_bug.cgi?id=1257660 * https://bugzilla.suse.com/show_bug.cgi?id=1257831 * https://bugzilla.suse.com/show_bug.cgi?id=1257941 * https://bugzilla.suse.com/show_bug.cgi?id=1258015 * https://bugzilla.suse.com/show_bug.cgi?id=1258418 * https://bugzilla.suse.com/show_bug.cgi?id=1258927 * https://bugzilla.suse.com/show_bug.cgi?id=1258957 * https://bugzilla.suse.com/show_bug.cgi?id=1259208 * https://bugzilla.suse.com/show_bug.cgi?id=1259553 * https://bugzilla.suse.com/show_bug.cgi?id=1259554 . Update fixes one issue and deploys 16 patches for SUSE Multi-Linux Manager Client Tools and Salt Bundle.. SUSE Client Tools, Salt Bundle, update fixes, security patch. . Severity: Important. LinuxSecurity.com Team
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-23258 http://linux.oracle.com/errata/ELSA-2026-23258.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: bpftool-4.18.0-553.129.1.el8_10.x86_64.rpm kernel-4.18.0-553.129.1.el8_10.x86_64.rpm kernel-abi-stablelists-4.18.0-553.129.1.el8_10.noarch.rpm kernel-core-4.18.0-553.129.1.el8_10.x86_64.rpm kernel-cross-headers-4.18.0-553.129.1.el8_10.x86_64.rpm kernel-debug-4.18.0-553.129.1.el8_10.x86_64.rpm kernel-debug-core-4.18.0-553.129.1.el8_10.x86_64.rpm kernel-debug-devel-4.18.0-553.129.1.el8_10.x86_64.rpm kernel-debug-modules-4.18.0-553.129.1.el8_10.x86_64.rpm kernel-debug-modules-extra-4.18.0-553.129.1.el8_10.x86_64.rpm kernel-devel-4.18.0-553.129.1.el8_10.x86_64.rpm kernel-doc-4.18.0-553.129.1.el8_10.noarch.rpm kernel-headers-4.18.0-553.129.1.el8_10.x86_64.rpm kernel-modules-4.18.0-553.129.1.el8_10.x86_64.rpm kernel-modules-extra-4.18.0-553.129.1.el8_10.x86_64.rpm kernel-tools-4.18.0-553.129.1.el8_10.x86_64.rpm kernel-tools-libs-4.18.0-553.129.1.el8_10.x86_64.rpm kernel-tools-libs-devel-4.18.0-553.129.1.el8_10.x86_64.rpm perf-4.18.0-553.129.1.el8_10.x86_64.rpm python3-perf-4.18.0-553.129.1.el8_10.x86_64.rpm aarch64: bpftool-4.18.0-553.129.1.el8_10.aarch64.rpm kernel-cross-headers-4.18.0-553.129.1.el8_10.aarch64.rpm kernel-headers-4.18.0-553.129.1.el8_10.aarch64.rpm kernel-tools-4.18.0-553.129.1.el8_10.aarch64.rpm kernel-tools-libs-4.18.0-553.129.1.el8_10.aarch64.rpm kernel-tools-libs-devel-4.18.0-553.129.1.el8_10.aarch64.rpm perf-4.18.0-553.129.1.el8_10.aarch64.rpm python3-perf-4.18.0-553.129.1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/kernel-4.18.0-553.129.1.el8_10.src.rpm Related CVEs: CVE-2026-46243 Description of changes: [4.18.0-553.129.1] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key wasadded to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64
An update that solves 10 vulnerabilities can now be installed.. # Security update for nvidia-open-driver-G07-signed Announcement ID: SUSE-SU-2026:21920-1 Release Date: 2026-06-01T09:14:35Z Rating: critical References: * bsc#1212841 * bsc#1262574 * bsc#1263834 Cross-References: * CVE-2025-33221 * CVE-2026-24182 * CVE-2026-24187 * CVE-2026-24192 * CVE-2026-24194 * CVE-2026-24195 * CVE-2026-24196 * CVE-2026-24197 * CVE-2026-24198 * CVE-2026-24199 CVSS scores: * CVE-2025-33221 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-24182 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2026-24187 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-24192 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-24194 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-24195 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H * CVE-2026-24196 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-24197 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2026-24198 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2026-24199 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves 10 vulnerabilities can now be installed. ## Description: This update for nvidia-open-driver-G07-signed fixes the following issues: * update CUDA variant to 595.71.05 * update non-CUDA variant to 595.71.05 (bsc#1262574) * CVEs fixed: CVE-2025-33221, CVE-2026-24187, CVE-2026-24182, CVE-2026-24192, CVE-2026-24194, CVE-2026-24195, CVE-2026-24196, CVE-2026-24197, CVE-2026-24198, CVE-2026-24199 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patchSUSE-SLE-Micro-6.0-kernel-439=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 x86_64) * nvidia-open-driver-G07-signed-kmp-default-595.71.05_k6.4.0_46-1.1 * nvidia-open-driver-G07-signed-cuda-debugsource-595.71.05-1.1 * nvidia-open-driver-G07-signed-cuda-kmp-default-debuginfo-595.71.05_k6.4.0_46-1.1 * nvidia-open-driver-G07-signed-cuda-kmp-default-595.71.05_k6.4.0_46-1.1 * nvidia-open-driver-G07-signed-kmp-default-debuginfo-595.71.05_k6.4.0_46-1.1 * nvidia-open-driver-G07-signed-debugsource-595.71.05-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-33221.html * https://www.suse.com/security/cve/CVE-2026-24182.html * https://www.suse.com/security/cve/CVE-2026-24187.html * https://www.suse.com/security/cve/CVE-2026-24192.html * https://www.suse.com/security/cve/CVE-2026-24194.html * https://www.suse.com/security/cve/CVE-2026-24195.html * https://www.suse.com/security/cve/CVE-2026-24196.html * https://www.suse.com/security/cve/CVE-2026-24197.html * https://www.suse.com/security/cve/CVE-2026-24198.html * https://www.suse.com/security/cve/CVE-2026-24199.html * https://bugzilla.suse.com/show_bug.cgi?id=1212841 * https://bugzilla.suse.com/show_bug.cgi?id=1262574 * https://bugzilla.suse.com/show_bug.cgi?id=1263834 . SUSE update addresses multiple critical issues in nvidia-open-driver, enhancing system security and stability.. SUSE Linux Micro,nvidia-open-driver,G07-signed,security patch,critical update. . Severity: Critical. LinuxSecurity.com Team
An update that can now be installed.. # Security update for podman Announcement ID: SUSE-SU-2026:2107-1 Release Date: 2026-05-29T02:54:20Z Rating: important References: Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that can now be installed. ## Description: This update for podman rebuilds it against the current go security release. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2107=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2107=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2107=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2107=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2107=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2107=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2107=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2107=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patchSUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2107=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * podman-debuginfo-4.9.5-150400.4.69.1 * podman-4.9.5-150400.4.69.1 * podman-remote-4.9.5-150400.4.69.1 * podmansh-4.9.5-150400.4.69.1 * podman-remote-debuginfo-4.9.5-150400.4.69.1 * openSUSE Leap 15.4 (noarch) * podman-docker-4.9.5-150400.4.69.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * podman-debuginfo-4.9.5-150400.4.69.1 * podman-remote-4.9.5-150400.4.69.1 * podman-4.9.5-150400.4.69.1 * podman-remote-debuginfo-4.9.5-150400.4.69.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * podman-docker-4.9.5-150400.4.69.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * podman-debuginfo-4.9.5-150400.4.69.1 * podman-remote-4.9.5-150400.4.69.1 * podman-4.9.5-150400.4.69.1 * podman-remote-debuginfo-4.9.5-150400.4.69.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * podman-docker-4.9.5-150400.4.69.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * podman-debuginfo-4.9.5-150400.4.69.1 * podman-remote-4.9.5-150400.4.69.1 * podman-4.9.5-150400.4.69.1 * podman-remote-debuginfo-4.9.5-150400.4.69.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * podman-debuginfo-4.9.5-150400.4.69.1 * podman-remote-4.9.5-150400.4.69.1 * podman-4.9.5-150400.4.69.1 * podman-remote-debuginfo-4.9.5-150400.4.69.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * podman-debuginfo-4.9.5-150400.4.69.1 * podman-remote-4.9.5-150400.4.69.1 * podman-4.9.5-150400.4.69.1 * podman-remote-debuginfo-4.9.5-150400.4.69.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * podman-debuginfo-4.9.5-150400.4.69.1 * podman-remote-4.9.5-150400.4.69.1 * podman-4.9.5-150400.4.69.1 * podman-remote-debuginfo-4.9.5-150400.4.69.1 * SUSE Linux Enterprise HighPerformance Computing ESPOS 15 SP4 (aarch64 x86_64) * podman-debuginfo-4.9.5-150400.4.69.1 * podman-remote-4.9.5-150400.4.69.1 * podman-4.9.5-150400.4.69.1 * podman-remote-debuginfo-4.9.5-150400.4.69.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * podman-docker-4.9.5-150400.4.69.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * podman-debuginfo-4.9.5-150400.4.69.1 * podman-remote-4.9.5-150400.4.69.1 * podman-4.9.5-150400.4.69.1 * podman-remote-debuginfo-4.9.5-150400.4.69.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * podman-docker-4.9.5-150400.4.69.1 . Update for Podman on openSUSE Leap and SUSE Enterprise Servers. Critical security patch available for installation.. Podman Security Patch, openSUSE Update, important podman advisory. . Severity: Important. LinuxSecurity.com Team
# Security update for rootlesskit Announcement ID: SUSE-SU-2026:2045-1 Release Date: 2026-05-22T05:55:22Z Rating: important References:. # Security update for rootlesskit Announcement ID: SUSE-SU-2026:2045-1 Release Date: 2026-05-22T05:55:22Z Rating: important References: Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that can now be installed. ## Description: This update for rootlesskit rebuilds it against the current go security release. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2045=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2045=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2045=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2045=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2045=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2045=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2045=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2045=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * rootlesskit-1.1.1-150000.1.9.1 * rootlesskit-debuginfo-1.1.1-150000.1.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * rootlesskit-1.1.1-150000.1.9.1 * rootlesskit-debuginfo-1.1.1-150000.1.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * rootlesskit-1.1.1-150000.1.9.1 * rootlesskit-debuginfo-1.1.1-150000.1.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * rootlesskit-1.1.1-150000.1.9.1 * rootlesskit-debuginfo-1.1.1-150000.1.9.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * rootlesskit-1.1.1-150000.1.9.1 * rootlesskit-debuginfo-1.1.1-150000.1.9.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * rootlesskit-1.1.1-150000.1.9.1 * rootlesskit-debuginfo-1.1.1-150000.1.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * rootlesskit-1.1.1-150000.1.9.1 * rootlesskit-debuginfo-1.1.1-150000.1.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * rootlesskit-1.1.1-150000.1.9.1 * rootlesskit-debuginfo-1.1.1-150000.1.9.1 . Important security update for rootlesskit affects multiple SUSE distributions. Apply patches to secure your systems.. rootlesskit security patch, SUSE Linux advisory, important security update. . Severity: Important. LinuxSecurity.com Team
An update that solves five vulnerabilities can now be installed.. # Security update for the Linux Kernel RT (Live Patch 12 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21512-1 Release Date: 2026-05-05T13:07:21Z Rating: important References: * bsc#1252048 * bsc#1258005 * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2025-39977 * CVE-2025-71066 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves five vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-36.1 fixes various security issues The following security issues were fixed: * CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048). * CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting inets_qdisc_change (bsc#1258005). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-380=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * kernel-livepatch-6_4_0-36-rt-debuginfo-9-1.1 * kernel-livepatch-6_4_0-36-rt-9-1.1 * kernel-livepatch-MICRO-6-0-RT_Update_12-debugsource-9-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-39977.html * https://www.suse.com/security/cve/CVE-2025-71066.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1252048 * https://bugzilla.suse.com/show_bug.cgi?id=1258005 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689 . An important update solving five vulnerabilities for SUSE Linux Enterprise Micro 6.0 kernel RT is now available for installation.. SUSE Linux Micro Kernel Security Patch RT Vulnerabilities. . Severity: Important. LinuxSecurity.com Team
An update that solves two vulnerabilities can now be installed.. # Security update for the Linux Kernel RT (Live Patch 18 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21516-1 Release Date: 2026-05-05T13:07:21Z Rating: important References: * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves two vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-40.1 fixes various security issues The following security issues were fixed: * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-384=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * kernel-livepatch-MICRO-6-0-RT_Update_18-debugsource-3-1.1 * kernel-livepatch-6_4_0-40-rt-3-1.1 * kernel-livepatch-6_4_0-40-rt-debuginfo-3-1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1259126 *https://bugzilla.suse.com/show_bug.cgi?id=1263689 . This update addresses two significant security issues in the SUSE Linux Enterprise Kernel, enhancing system security and stability.. SUSE Linux Micro update, Kernel security patch, CVE fixes. . Severity: Important. LinuxSecurity.com Team
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-11635 http://linux.oracle.com/errata/ELSA-2026-11635.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: PackageKit-1.1.12-8.0.1.el8_10.i686.rpm PackageKit-1.1.12-8.0.1.el8_10.x86_64.rpm PackageKit-command-not-found-1.1.12-8.0.1.el8_10.x86_64.rpm PackageKit-cron-1.1.12-8.0.1.el8_10.x86_64.rpm PackageKit-glib-1.1.12-8.0.1.el8_10.i686.rpm PackageKit-glib-1.1.12-8.0.1.el8_10.x86_64.rpm PackageKit-glib-devel-1.1.12-8.0.1.el8_10.i686.rpm PackageKit-glib-devel-1.1.12-8.0.1.el8_10.x86_64.rpm PackageKit-gstreamer-plugin-1.1.12-8.0.1.el8_10.x86_64.rpm PackageKit-gtk3-module-1.1.12-8.0.1.el8_10.i686.rpm PackageKit-gtk3-module-1.1.12-8.0.1.el8_10.x86_64.rpm aarch64: PackageKit-1.1.12-8.0.1.el8_10.aarch64.rpm PackageKit-command-not-found-1.1.12-8.0.1.el8_10.aarch64.rpm PackageKit-cron-1.1.12-8.0.1.el8_10.aarch64.rpm PackageKit-glib-1.1.12-8.0.1.el8_10.aarch64.rpm PackageKit-glib-devel-1.1.12-8.0.1.el8_10.aarch64.rpm PackageKit-gstreamer-plugin-1.1.12-8.0.1.el8_10.aarch64.rpm PackageKit-gtk3-module-1.1.12-8.0.1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/PackageKit-1.1.12-8.0.1.el8_10.src.rpm Related CVEs: CVE-2026-41651 Description of changes: [1.1.12-8.0.1] - removed rhel-Vendor.conf.patch [1.1.12-8] - Backport fix for CVE-2026-41651. - Resolves: #RHEL-170493 _______________________________________________ El-errata mailing list
Get the latest Linux and open source security news straight to your inbox.