Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 524
Alerts This Week
Warning Icon 1 524

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 8,431 articles for you...
217

Oracle Linux 10 dnsmasq Denial of Service Advisories ELSA-2026-19158

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-19158 http://linux.oracle.com/errata/ELSA-2026-19158.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: dnsmasq-2.90-7.el10_2.x86_64.rpm dnsmasq-utils-2.90-7.el10_2.x86_64.rpm aarch64: dnsmasq-2.90-7.el10_2.aarch64.rpm dnsmasq-utils-2.90-7.el10_2.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/dnsmasq-2.90-7.el10_2.src.rpm Related CVEs: CVE-2026-2291 CVE-2026-4890 CVE-2026-4891 CVE-2026-4892 CVE-2026-4893 CVE-2026-5172 Description of changes: [2.90-7] - Prevent overflow in extract_name function (CVE-2026-2291) - Prevent DoS in DNSSEC validation (CVE-2026-4890) - Prevent out-of-bounds read in DNSSEC validation (CVE-2026-4891) - Prevent out-of-bounds write in DHCPv6 server (CVE-2026-4892) - Prevent source check avoidance by RFC 7871 client-subnet (CVE-2026-4893) - Prevent out-of-bounds read in extract_addresses (CVE-2026-5172) [2.90-6] - Prevent heap buffer overflow in cache via NAME_ESCAPE expansion (CVE-2026-2291) _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 10 addresses important flaws in dnsmasq with crucial updates to ensure system stability and security.. Oracle Linux, dnsmasq, security fix. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 17, 2026 Important Oracle
89

Fedora 43 Rust-opendal Important Update Quick-XML RUSTSEC-2026-0194

Update quick-xml to 0.41 (RUSTSEC-2026-0194, RUSTSEC-2026-0195). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-5e3ab17662 2026-07-17 01:08:58.262249+00:00 -------------------------------------------------------------------------------- Name : rust-opendal Product : Fedora 43 Version : 0.55.0 Release : 2.fc43 URL : https://crates.io/crates/opendal Summary : Apache OpenDAL: One Layer, All Storage Description : OpenDAL is an Open Data Access Layer that enables seamless interaction with diverse storage services. -------------------------------------------------------------------------------- Update Information: Update quick-xml to 0.41 (RUSTSEC-2026-0194, RUSTSEC-2026-0195) -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 8 2026 Benjamin A. Beasley - 0.55.0-2 - Update quick-xml to 0.41 (RUSTSEC-2026-0194, RUSTSEC-2026-0195) -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-5e3ab17662' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives:https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . A critical advisory for Fedora 43 details an important update to rust-opendal with improved quick-xml functionality.. Fedora security rust-opendal update quick-xml. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 16, 2026 Important Fedora
219

Rocky Linux 8 RLSA-2026-40841 maven Important Directory Traversal

Important: maven:3.8 security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:40841", "synopsis": "Important: maven:3.8 security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for module.maven, module.apache-commons-lang3, apache-commons-io, slf4j, apache-commons-codec, jsr-305, module.cdi-api, plexus-containers, guava, httpcomponents-client, cdi-api, module.sisu, module.plexus-classworlds, plexus-interpolation, module.httpcomponents-core, module.apache-commons-io, atinject, google-guice, module.plexus-cipher, plexus-sec-dispatcher, module.guava, module.jsr-305, module.maven-shared-utils, jakarta-annotations, module.plexus-interpolation, plexus-classworlds, maven-wagon, apache-commons-cli, apache-commons-lang3, module.jansi, module.apache-commons-codec, module.plexus-containers, jansi, maven, module.plexus-utils, sisu, module.atinject, maven-shared-utils, module.google-guice, module.maven-resolver, module.apache-commons-cli, module.slf4j, httpcomponents-core, module.httpcomponents-client, maven-resolver, module.maven-wagon, plexus-cipher, plexus-utils, module.plexus-sec-dispatcher, module.jakarta-annotations.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Maven is a software project management and comprehension tool. Based on the concept of a project object model (POM), Maven can manage a project's build, reporting and documentation from a central piece of information.\n\nSecurity Fix(es):\n\n* org.codehaus.plexus:plexus-utils: Plexus-utils: Directory Traversal in extractFile method (CVE-2025-67030)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2451409", "sourceBy": "Red Hat","sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2451409", "description": ""}], "cves": [{"name": "CVE-2025-67030", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67030", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", "cvss3BaseScore": "8.3", "cwe": "CWE-22"}], "references": [], "publishedAt": "2026-07-16T12:03:21.348182Z", "rpms": {"Rocky Linux 8": {"nvras": ["apache-commons-cli-0:1.5.0-5.module+el8.10.0+1811+d28a527b.noarch.rpm", "apache-commons-cli-0:1.5.0-5.module+el8.10.0+1811+d28a527b.src.rpm", "apache-commons-codec-0:1.15-8.module+el8.10.0+1811+d28a527b.noarch.rpm", "apache-commons-codec-0:1.15-8.module+el8.10.0+1811+d28a527b.src.rpm", "apache-commons-io-1:2.11.0-3.module+el8.10.0+1811+d28a527b.noarch.rpm", "apache-commons-io-1:2.11.0-3.module+el8.10.0+1811+d28a527b.src.rpm", "apache-commons-lang3-0:3.12.0-8.module+el8.10.0+1811+d28a527b.noarch.rpm", "apache-commons-lang3-0:3.12.0-8.module+el8.10.0+1811+d28a527b.src.rpm", "atinject-0:1.0.5-5.module+el8.10.0+1811+d28a527b.noarch.rpm", "atinject-0:1.0.5-5.module+el8.10.0+1811+d28a527b.src.rpm", "cdi-api-0:2.0.2-7.module+el8.10.0+1811+d28a527b.noarch.rpm", "cdi-api-0:2.0.2-7.module+el8.10.0+1811+d28a527b.src.rpm", "google-guice-0:4.2.3-10.module+el8.10.0+1811+d28a527b.noarch.rpm", "google-guice-0:4.2.3-10.module+el8.10.0+1811+d28a527b.src.rpm", "guava-0:31.0.1-5.module+el8.10.0+1811+d28a527b.noarch.rpm", "guava-0:31.0.1-5.module+el8.10.0+1811+d28a527b.src.rpm", "httpcomponents-client-0:4.5.13-6.module+el8.10.0+1811+d28a527b.noarch.rpm", "httpcomponents-client-0:4.5.13-6.module+el8.10.0+1811+d28a527b.src.rpm", "httpcomponents-core-0:4.4.13-8.module+el8.10.0+1811+d28a527b.noarch.rpm", "httpcomponents-core-0:4.4.13-8.module+el8.10.0+1811+d28a527b.src.rpm", "jakarta-annotations-0:1.3.5-15.module+el8.10.0+1811+d28a527b.noarch.rpm", "jakarta-annotations-0:1.3.5-15.module+el8.10.0+1811+d28a527b.src.rpm", "jansi-0:2.4.0-7.module+el8.10.0+1811+d28a527b.aarch64.rpm","jansi-0:2.4.0-7.module+el8.10.0+1811+d28a527b.src.rpm", "jansi-debuginfo-0:2.4.0-7.module+el8.10.0+1811+d28a527b.aarch64.rpm", "jansi-debugsource-0:2.4.0-7.module+el8.10.0+1811+d28a527b.aarch64.rpm", "jcl-over-slf4j-0:1.7.32-5.module+el8.10.0+1811+d28a527b.noarch.rpm", "jsr-305-0:3.0.2-7.module+el8.10.0+1811+d28a527b.noarch.rpm", "jsr-305-0:3.0.2-7.module+el8.10.0+1811+d28a527b.src.rpm", "maven-1:3.8.5-6.module+el8.10.0+1811+d28a527b.noarch.rpm", "maven-1:3.8.5-6.module+el8.10.0+1811+d28a527b.src.rpm", "maven-lib-1:3.8.5-6.module+el8.10.0+1811+d28a527b.noarch.rpm", "maven-openjdk11-1:3.8.5-6.module+el8.10.0+1811+d28a527b.noarch.rpm", "maven-openjdk17-1:3.8.5-6.module+el8.10.0+1811+d28a527b.noarch.rpm", "maven-openjdk21-1:3.8.5-6.module+el8.10.0+1811+d28a527b.noarch.rpm", "maven-openjdk8-1:3.8.5-6.module+el8.10.0+1811+d28a527b.noarch.rpm", "maven-resolver-1:1.7.3-6.module+el8.10.0+1811+d28a527b.noarch.rpm", "maven-resolver-1:1.7.3-6.module+el8.10.0+1811+d28a527b.src.rpm", "maven-shared-utils-0:3.3.4-6.module+el8.10.0+1811+d28a527b.noarch.rpm", "maven-shared-utils-0:3.3.4-6.module+el8.10.0+1811+d28a527b.src.rpm", "maven-wagon-0:3.5.1-3.module+el8.10.0+1811+d28a527b.noarch.rpm", "maven-wagon-0:3.5.1-3.module+el8.10.0+1811+d28a527b.src.rpm", "plexus-cipher-0:2.0-3.module+el8.10.0+1811+d28a527b.noarch.rpm", "plexus-cipher-0:2.0-3.module+el8.10.0+1811+d28a527b.src.rpm", "plexus-classworlds-0:2.6.0-13.module+el8.10.0+1811+d28a527b.noarch.rpm", "plexus-classworlds-0:2.6.0-13.module+el8.10.0+1811+d28a527b.src.rpm", "plexus-containers-0:2.1.1-3.module+el8.10.0+1811+d28a527b.src.rpm", "plexus-containers-component-annotations-0:2.1.1-3.module+el8.10.0+1811+d28a527b.noarch.rpm", "plexus-interpolation-0:1.26-13.module+el8.10.0+1811+d28a527b.noarch.rpm", "plexus-interpolation-0:1.26-13.module+el8.10.0+1811+d28a527b.src.rpm", "plexus-sec-dispatcher-0:2.0-5.module+el8.10.0+1811+d28a527b.noarch.rpm", "plexus-sec-dispatcher-0:2.0-5.module+el8.10.0+1811+d28a527b.src.rpm","plexus-utils-0:3.3.0-11.module+el8.10.0+1811+d28a527b.noarch.rpm", "plexus-utils-0:3.3.0-11.module+el8.10.0+1811+d28a527b.src.rpm", "sisu-1:0.3.5-3.module+el8.10.0+1811+d28a527b.noarch.rpm", "sisu-1:0.3.5-3.module+el8.10.0+1811+d28a527b.src.rpm", "slf4j-0:1.7.32-5.module+el8.10.0+1811+d28a527b.noarch.rpm", "slf4j-0:1.7.32-5.module+el8.10.0+1811+d28a527b.src.rpm", "jansi-0:2.4.0-7.module+el8.10.0+1811+d28a527b.x86_64.rpm", "jansi-debuginfo-0:2.4.0-7.module+el8.10.0+1811+d28a527b.x86_64.rpm", "jansi-debugsource-0:2.4.0-7.module+el8.10.0+1811+d28a527b.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Critical maven security updates are available for Rocky Linux 8, addressing important vulnerabilities like directory traversal.. Rocky Linux,maven,directory traversal,security updates. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 16, 2026 Important Rocky Linux
202

openSUSE Buildah Important Security Fix SUSE-SU-2026-2964-1

An update that can now be installed.. # Security update for buildah Announcement ID: SUSE-SU-2026:2964-1 Release Date: 2026-07-14T11:09:44Z Rating: important References: Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that can now be installed. ## Description: This update for buildah rebuilds it against the current go security release. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2964=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2964=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2964=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2964=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2964=1 ## Package List: * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * buildah-1.35.5-150400.3.70.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * buildah-1.35.5-150400.3.70.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * buildah-1.35.5-150400.3.70.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * buildah-1.35.5-150400.3.70.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * buildah-1.35.5-150400.3.70.1 . This update for buildah applies important security fixes for openSUSE Leap 15.4 and other SUSE Linux distributions.. openSUSE security, buildah update, Linux security patch. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 14, 2026 Important OpenSUSE
89

Fedora 43 Kernel Significant Correction for XFS Filesystem 2026-085c9e92a4

The 7.1.3-101/201 builds contain an important fix for XFS filesystem users.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-085c9e92a4 2026-07-14 18:18:56.519144+00:00 -------------------------------------------------------------------------------- Name : kernel Product : Fedora 43 Version : 7.1.3 Release : 101.fc43 URL : https://www.kernel.org/ Summary : The Linux kernel Description : The kernel meta package -------------------------------------------------------------------------------- Update Information: The 7.1.3-101/201 builds contain an important fix for XFS filesystem users. -------------------------------------------------------------------------------- ChangeLog: * Tue Jul 14 2026 Justin M. Forbes [7.1.3-1] - xfs: resample the data fork mapping after cycling ILOCK (Darrick J. Wong) - redhat: configs: fedora: Enable Sony IMX471 image sensor (Kate Hsuan) - media: i2c: imx471: Add Sony IMX471 image sensor driver (Kate Hsuan) - platform: int3472: discrete: con_id vana for Sony IMX471 as power enable (Kate Hsuan) - media: ipu-bridge: Add Sony IMX471 for Lenovo X1 Carbon G14 (Kate Hsuan) - media: ipu-bridge: Add DMI information of Lenovo X9 to the image upside-down list (Kate Hsuan) - redhat: move ynltool debuginfo to kernel-tools-debuginfo (Augusto Caringi) -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-085c9e92a4' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Important kernel fix for XFS filesystem users in Fedora 43 to address critical performance issues and enhance security.. kernel update, Fedora 43 security, XFS filesystem fix, package upgrade, important security update. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 14, 2026 Important Fedora
100

SUSE Linux 15 SP7 Kernel Important Security Update 2026-2902-1

An update that solves 25 vulnerabilities can now be installed.. # Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise 15 SP7) Announcement ID: SUSE-SU-2026:2902-1 Release Date: 2026-07-13T15:45:10Z Rating: important References: * bsc#1256615 * bsc#1260524 * bsc#1262759 * bsc#1263094 * bsc#1263118 * bsc#1263177 * bsc#1263670 * bsc#1264094 * bsc#1264252 * bsc#1264253 * bsc#1264567 * bsc#1264849 * bsc#1265117 * bsc#1265127 * bsc#1265197 * bsc#1265945 * bsc#1266015 * bsc#1266265 * bsc#1267206 * bsc#1267698 * bsc#1267723 * bsc#1267893 * bsc#1268662 * bsc#1269023 * bsc#1269495 Cross-References: * CVE-2025-71089 * CVE-2026-23393 * CVE-2026-31505 * CVE-2026-31533 * CVE-2026-31570 * CVE-2026-31586 * CVE-2026-31685 * CVE-2026-31758 * CVE-2026-43025 * CVE-2026-43027 * CVE-2026-43037 * CVE-2026-43120 * CVE-2026-43190 * CVE-2026-43366 * CVE-2026-43437 * CVE-2026-43494 * CVE-2026-43501 * CVE-2026-45970 * CVE-2026-46120 * CVE-2026-46173 * CVE-2026-46227 * CVE-2026-46243 * CVE-2026-52909 * CVE-2026-52943 * CVE-2026-53362 CVSS scores: * CVE-2025-71089 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-71089 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71089 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71089 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-23393 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23393 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31505 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H *CVE-2026-31533 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31533 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31570 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:N/SA:N * CVE-2026-31570 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31570 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31586 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31685 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31685 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31685 ( NVD ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31758 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31758 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31758 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-43027 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43027 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43037 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43120 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N *CVE-2026-43120 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-43120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43190 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43190 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43190 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43366 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43366 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43366 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43437 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43437 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43494 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43501 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43501 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43501 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43501 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45970 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45970 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45970 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46120 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46227 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46227 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46227 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46227 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-52909 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-52909 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-52909 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-52943 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-52943 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-52943 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-52943 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-53362 ( SUSE ): 9.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-53362 ( SUSE ): 8.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux EnterpriseReal Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves 25 vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.28 fixes various security issues The following security issues were fixed: * CVE-2025-71089: iommu: disable SVA when CONFIG_X86 is set (bsc#1256615). * CVE-2026-23393: bridge: cfm: Fix race condition in peer_mep deletion (bsc#1260524). * CVE-2026-31505: iavf: fix out-of-bounds writes in iavf_get_ethtool_stats() (bsc#1263094). * CVE-2026-31533: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption (bsc#1262759). * CVE-2026-31570: can: gw: fix OOB heap access in cgw_csum_crc8_rel() (bsc#1263118). * CVE-2026-31586: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (bsc#1263177). * CVE-2026-31685: netfilter: ip6t_eui64: reject invalid MAC header for all packets (bsc#1263670). * CVE-2026-31758: usb: usbtmc: Flush anchored URBs in usbtmc_release (bsc#1264094). * CVE-2026-43025: netfilter: ctnetlink: ignore explicit helper on new expectations (bsc#1264253). * CVE-2026-43027: netfilter: nf_conntrack_helper: pass helper to expect cleanup (bsc#1264252). * CVE-2026-43037: ip6_tunnel: clear skb2-> cb[] in ip4ip6_err() (bsc#1265197). * CVE-2026-43120: RDMA/irdma: Fix double free related to rereg_user_mr (bsc#1264567). * CVE-2026-43190: netfilter: xt_tcpmss: check remaining length before reading optlen (bsc#1264849). * CVE-2026-43366: io_uring/kbuf: check if target buffer list is still legacy on recycle (bsc#1265117). * CVE-2026-43437: ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (bsc#1265127). * CVE-2026-43494: RDS zerocopy attack aka PinTheft (bsc#1265945). * CVE-2026-43501: ipv6: rpl: reserve mac_len headroom whenrecompressed SRH grows (bsc#1266015). * CVE-2026-45970: bonding: alb: fix UAF in rlb_arp_recv during bond up/down (bsc#1267206). * CVE-2026-46120: ip6_gre: Use cached t-> net in ip6erspan_changelink() (bsc#1267893). * CVE-2026-46173: exit: prevent preemption of oopsing TASK_DEAD task (bsc#1267723). * CVE-2026-46227: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (bsc#1267698). * CVE-2026-46243: smb: client: reject userspace cifs.spnego descriptions (CIFSwitch) (bsc#1266265). * CVE-2026-52909: ip6_vti: set netns_immutable on the fallback device (bsc#1268662). * CVE-2026-52943: net: skbuff: fix missing zerocopy reference in pskb_carve helpers (bsc#1269023). * CVE-2026-53362: ipv6: account for fraggap on the paged allocation path (bsc#1269495). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2911=1 SUSE-2026-2913=1 SUSE-2026-2912=1 SUSE-2026-2917=1 SUSE-2026-2908=1 * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-2916=1 SUSE-SLE- Module-Live-Patching-15-SP7-2026-2915=1 SUSE-SLE-Module-Live- Patching-15-SP7-2026-2902=1 SUSE-SLE-Module-Live-Patching-15-SP7-2026-2906=1 SUSE-SLE-Module-Live-Patching-15-SP7-2026-2904=1 SUSE-SLE-Module-Live- Patching-15-SP7-2026-2898=1 SUSE-SLE-Module-Live-Patching-15-SP7-2026-2903=1 SUSE-SLE-Module-Live-Patching-15-SP7-2026-2905=1 SUSE-SLE-Module-Live- Patching-15-SP7-2026-2901=1 SUSE-SLE-Module-Live-Patching-15-SP7-2026-2907=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-2908=1 SUSE-SLE- Module-Live-Patching-15-SP6-2026-2911=1 SUSE-SLE-Module-Live- Patching-15-SP6-2026-2913=1SUSE-SLE-Module-Live-Patching-15-SP6-2026-2912=1 SUSE-SLE-Module-Live-Patching-15-SP6-2026-2917=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP7 (x86_64) * kernel-livepatch-6_4_0-150700_7_22-rt-10-150700.2.1 * kernel-livepatch-SLE15-SP7-RT_Update_2-debugsource-18-150700.2.1 * kernel-livepatch-6_4_0-150700_7_13-rt-14-150700.2.1 * kernel-livepatch-SLE15-SP7-RT_Update_1-debugsource-19-150700.2.1 * kernel-livepatch-SLE15-SP7-RT_Update_5-debugsource-11-150700.2.1 * kernel-livepatch-6_4_0-150700_5-rt-19-150700.3.1 * kernel-livepatch-6_4_0-150700_7_25-rt-debuginfo-9-150700.2.1 * kernel-livepatch-6_4_0-150700_7_22-rt-debuginfo-10-150700.2.1 * kernel-livepatch-6_4_0-150700_7_19-rt-debuginfo-11-150700.2.1 * kernel-livepatch-6_4_0-150700_7_8-rt-18-150700.2.1 * kernel-livepatch-6_4_0-150700_5-rt-debuginfo-19-150700.3.1 * kernel-livepatch-SLE15-SP7-RT_Update_3-debugsource-14-150700.2.1 * kernel-livepatch-6_4_0-150700_7_16-rt-debuginfo-14-150700.2.1 * kernel-livepatch-SLE15-SP7-RT_Update_0-debugsource-19-150700.3.1 * kernel-livepatch-SLE15-SP7-RT_Update_4-debugsource-14-150700.2.1 * kernel-livepatch-SLE15-SP7-RT_Update_6-debugsource-10-150700.2.1 * kernel-livepatch-6_4_0-150700_7_13-rt-debuginfo-14-150700.2.1 * kernel-livepatch-6_4_0-150700_7_8-rt-debuginfo-18-150700.2.1 * kernel-livepatch-6_4_0-150700_7_25-rt-9-150700.2.1 * kernel-livepatch-SLE15-SP7-RT_Update_7-debugsource-9-150700.2.1 * kernel-livepatch-6_4_0-150700_7_16-rt-14-150700.2.1 * kernel-livepatch-6_4_0-150700_7_3-rt-debuginfo-19-150700.2.1 * kernel-livepatch-6_4_0-150700_7_19-rt-11-150700.2.1 * kernel-livepatch-6_4_0-150700_7_3-rt-19-150700.2.1 * SUSE Linux Enterprise Live Patching 15-SP7 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150700_53_28-default-debuginfo-9-150700.2.2 * kernel-livepatch-SLE15-SP7_Update_8-debugsource-9-150700.2.2 * kernel-livepatch-6_4_0-150700_53_25-default-9-150700.2.2 *kernel-livepatch-SLE15-SP7_Update_7-debugsource-9-150700.2.2 * kernel-livepatch-6_4_0-150700_53_25-default-debuginfo-9-150700.2.2 * kernel-livepatch-6_4_0-150700_53_28-default-9-150700.2.2 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_17-debugsource-9-150600.2.2 * kernel-livepatch-6_4_0-150600_23_65-default-debuginfo-14-150600.2.2 * kernel-livepatch-6_4_0-150600_23_78-default-debuginfo-9-150600.2.2 * kernel-livepatch-6_4_0-150600_23_73-default-debuginfo-11-150600.2.2 * kernel-livepatch-6_4_0-150600_23_73-default-11-150600.2.2 * kernel-livepatch-SLE15-SP6_Update_16-debugsource-11-150600.2.2 * kernel-livepatch-SLE15-SP6_Update_14-debugsource-14-150600.2.2 * kernel-livepatch-SLE15-SP6_Update_13-debugsource-18-150600.2.2 * kernel-livepatch-SLE15-SP6_Update_19-debugsource-9-150600.2.2 * kernel-livepatch-6_4_0-150600_23_65-default-14-150600.2.2 * kernel-livepatch-6_4_0-150600_23_78-default-9-150600.2.2 * kernel-livepatch-6_4_0-150600_23_60-default-debuginfo-18-150600.2.2 * kernel-livepatch-6_4_0-150600_23_84-default-debuginfo-9-150600.2.2 * kernel-livepatch-6_4_0-150600_23_84-default-9-150600.2.2 * kernel-livepatch-6_4_0-150600_23_60-default-18-150600.2.2 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_17-debugsource-9-150600.2.2 * kernel-livepatch-6_4_0-150600_23_65-default-debuginfo-14-150600.2.2 * kernel-livepatch-6_4_0-150600_23_78-default-debuginfo-9-150600.2.2 * kernel-livepatch-6_4_0-150600_23_73-default-debuginfo-11-150600.2.2 * kernel-livepatch-6_4_0-150600_23_73-default-11-150600.2.2 * kernel-livepatch-SLE15-SP6_Update_16-debugsource-11-150600.2.2 * kernel-livepatch-SLE15-SP6_Update_14-debugsource-14-150600.2.2 * kernel-livepatch-SLE15-SP6_Update_19-debugsource-9-150600.2.2 * kernel-livepatch-SLE15-SP6_Update_13-debugsource-18-150600.2.2 * kernel-livepatch-6_4_0-150600_23_65-default-14-150600.2.2 *kernel-livepatch-6_4_0-150600_23_78-default-9-150600.2.2 * kernel-livepatch-6_4_0-150600_23_60-default-debuginfo-18-150600.2.2 * kernel-livepatch-6_4_0-150600_23_84-default-debuginfo-9-150600.2.2 * kernel-livepatch-6_4_0-150600_23_84-default-9-150600.2.2 * kernel-livepatch-6_4_0-150600_23_60-default-18-150600.2.2 ## References: * https://www.suse.com/security/cve/CVE-2025-71089.html * https://www.suse.com/security/cve/CVE-2026-23393.html * https://www.suse.com/security/cve/CVE-2026-31505.html * https://www.suse.com/security/cve/CVE-2026-31533.html * https://www.suse.com/security/cve/CVE-2026-31570.html * https://www.suse.com/security/cve/CVE-2026-31586.html * https://www.suse.com/security/cve/CVE-2026-31685.html * https://www.suse.com/security/cve/CVE-2026-31758.html * https://www.suse.com/security/cve/CVE-2026-43025.html * https://www.suse.com/security/cve/CVE-2026-43027.html * https://www.suse.com/security/cve/CVE-2026-43037.html * https://www.suse.com/security/cve/CVE-2026-43120.html * https://www.suse.com/security/cve/CVE-2026-43190.html * https://www.suse.com/security/cve/CVE-2026-43366.html * https://www.suse.com/security/cve/CVE-2026-43437.html * https://www.suse.com/security/cve/CVE-2026-43494.html * https://www.suse.com/security/cve/CVE-2026-43501.html * https://www.suse.com/security/cve/CVE-2026-45970.html * https://www.suse.com/security/cve/CVE-2026-46120.html * https://www.suse.com/security/cve/CVE-2026-46173.html * https://www.suse.com/security/cve/CVE-2026-46227.html * https://www.suse.com/security/cve/CVE-2026-46243.html * https://www.suse.com/security/cve/CVE-2026-52909.html * https://www.suse.com/security/cve/CVE-2026-52943.html * https://www.suse.com/security/cve/CVE-2026-53362.html * https://bugzilla.suse.com/show_bug.cgi?id=1256615 * https://bugzilla.suse.com/show_bug.cgi?id=1260524 * https://bugzilla.suse.com/show_bug.cgi?id=1262759 * https://bugzilla.suse.com/show_bug.cgi?id=1263094 *https://bugzilla.suse.com/show_bug.cgi?id=1263118 * https://bugzilla.suse.com/show_bug.cgi?id=1263177 * https://bugzilla.suse.com/show_bug.cgi?id=1263670 * https://bugzilla.suse.com/show_bug.cgi?id=1264094 * https://bugzilla.suse.com/show_bug.cgi?id=1264252 * https://bugzilla.suse.com/show_bug.cgi?id=1264253 * https://bugzilla.suse.com/show_bug.cgi?id=1264567 * https://bugzilla.suse.com/show_bug.cgi?id=1264849 * https://bugzilla.suse.com/show_bug.cgi?id=1265117 * https://bugzilla.suse.com/show_bug.cgi?id=1265127 * https://bugzilla.suse.com/show_bug.cgi?id=1265197 * https://bugzilla.suse.com/show_bug.cgi?id=1265945 * https://bugzilla.suse.com/show_bug.cgi?id=1266015 * https://bugzilla.suse.com/show_bug.cgi?id=1266265 * https://bugzilla.suse.com/show_bug.cgi?id=1267206 * https://bugzilla.suse.com/show_bug.cgi?id=1267698 * https://bugzilla.suse.com/show_bug.cgi?id=1267723 * https://bugzilla.suse.com/show_bug.cgi?id=1267893 * https://bugzilla.suse.com/show_bug.cgi?id=1268662 * https://bugzilla.suse.com/show_bug.cgi?id=1269023 * https://bugzilla.suse.com/show_bug.cgi?id=1269495 . SUSE Linux Enterprise 15 SP7 issues critical kernel security update to address 25 vulnerabilities efficiently and securely.. SUSE Linux, kernel security, threat mitigation, important updates, vulnerability patching. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 Important SuSE
197

Debian LTS Redis Remote Code Execution Issues DLA-4682-1

It was discovered that there were two issues in Redis, the in-memory key/value database: CVE-2026-23631 An authenticated attacker could have exploited the master-replica synchronization mechanism to trigger a use-after-free on replicas. Debian LTS Advisory DLA-4682-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Chris Lamb July 13, 2026 https://wiki.debian.org/LTS Package : redis Version : 5:7.0.15-1~deb12u8 CVE ID : CVE-2026-23631 CVE-2026-25243 It was discovered that there were two issues in Redis, the in-memory key/value database: CVE-2026-23631 An authenticated attacker could have exploited the master-replica synchronization mechanism to trigger a use-after-free on replicas where "replica-read-only" is disabled (or could be disabled), which may have led to remote code execution. Installations that prevent users from executing Lua scripts were unaffected. CVE-2026-25243 The RESTORE command did not properly validate serialized values. An authenticated attacker with permission to execute RESTORE could have suppled a crafted serialized payload that triggers invalid memory access and this could have led to remote code execution. For Debian 12 bookworm, these problems have been fixed in version 5:7.0.15-1~deb12u8. We recommend that you upgrade your redis packages. For the detailed security status of redis please refer to its security tracker page at: https://security-tracker.debian.org/tracker/redis Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Redis for Debian LTS updated to fix two critical issues that could lead to remote code execution if exploited. Upgrade recommended.. Debian LTS, Redis security, Debian advisory, remote code execution. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 Important Debian LTS
100

SUSE Linux 12 SP5 Important Libpng15 Heap Overflow Advisory 2026-2878-1

An update that solves one vulnerability can now be installed.. # Security update for libpng15 Announcement ID: SUSE-SU-2026:2878-1 Release Date: 2026-07-13T09:27:39Z Rating: important References: * bsc#1258020 Cross-References: * CVE-2026-25646 CVSS scores: * CVE-2026-25646 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-25646 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-25646 ( NVD ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-25646 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-25646 ( NVD ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for libpng15 fixes the following issue * CVE-2026-25646: heap buffer overflow vulnerability in png_set_dither/png_set_quantize (bsc#1258020). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-2878=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2878=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libpng15-15-debuginfo-1.5.30-10.16.1 * libpng15-debugsource-1.5.30-10.16.1 *libpng15-15-1.5.30-10.16.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libpng15-15-debuginfo-1.5.30-10.16.1 * libpng15-debugsource-1.5.30-10.16.1 * libpng15-15-1.5.30-10.16.1 ## References: * https://www.suse.com/security/cve/CVE-2026-25646.html * https://bugzilla.suse.com/show_bug.cgi?id=1258020 . Critical update for libpng15 addresses a buffer overflow issue, enhancing security for SUSE users. Install promptly to mitigate risks.. libpng buffer overflow SUSE security. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 Important SuSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200