Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -3 articles for you...
202
security advisoryimportantOpenSUSEopenSUSE Leap 16.0 SNPGuest Memory Exhaustion Patch 20380-1 CVE-2026-25727
An update that solves one vulnerability and has 2 bug fixes can now be installed.. openSUSE security update: security update for snpguest ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20380-1 Rating: important References: * bsc#1257877 * bsc#1257927 Cross-References: * CVE-2026-25727 CVSS scores: * CVE-2026-25727 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-25727 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves one vulnerability and has 2 bug fixes can now be installed. Description: This update for snpguest fixes the following issues: - CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion (bsc#1257927). - Update to version 0.10.0 (bsc#1257877): * chore: updating tool version to 0.10.0 * refactor(certs): remove redundant branch in file-write logic * Docs: Adding verify measure, host-data, report-data to docs * verify: verify measurent, host data, and report data attributes from the attestation report. * library: Updating sev library to 7.1.0 * ci: replace deprecated gh actions * feat: multi-format integer parsing for key subcommand arguments * chore(main): remove unused import `clap::arg` * feat(fetch): add fetch crl subcommand * .github/lint: Bump toolchain version to 1.86 * Bump rust version to 1.86 * feat: bumping tool to version 0.9.2 * fix(verify): silence mismatched_lifetime_syntaxes in SnpOid::oid * feat: support SEV-SNP ABI Spec 1.58 (bump sev to v6.3.0) * docs: restore and clarify Global Options section * doc: fix CL argument orders + address recent changes * fix(hyperv): downgrade VMPL check from error to warning * fix(report.rs): remove conflict check between --random flag and Hyper-V * fix(report.rs): Decouple runtime behavior from hyperv buildfeature * refactor: clarify --platform error message * docs: add Azure/Hyper-V build note for --platform * docs: Update README.md * report: Writing Req Data as Binary (#101) * deps: bump virtee/sev to 6.2.1 (fix TCB-serialization bug) (#99) Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-398=1 Package List: - openSUSE Leap 16.0: snpguest-0.10.0-160000.1.1 References: * https://www.suse.com/security/cve/CVE-2026-25727.html . Critical openSUSE update for snpguest addresses important vulnerabilities along with bug fixes. Learn more!. openSUSE security update,snpguest patch,open source vulnerability,do not push stack,security fixes. . Severity: Important. LinuxSecurity.com Team
Mar 25, 2026
•Important
OpenSUSE
100
security advisorySuSEimportantSUSE 15 snpguest Important Fix Stack Exhaustion Use After Free 2026-0620-1
An update that solves three vulnerabilities and has one security fix can now be installed.. # Security update for snpguest Announcement ID: SUSE-SU-2026:0620-1 Release Date: 2026-02-24T16:36:36Z Rating: important References: * bsc#1242601 * bsc#1243869 * bsc#1257877 * bsc#1257927 Cross-References: * CVE-2024-12224 * CVE-2025-3416 * CVE-2026-25727 CVSS scores: * CVE-2024-12224 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-12224 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-12224 ( NVD ): 5.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-3416 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-3416 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-3416 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-25727 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-25727 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-25727 ( NVD ): 6.8 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-25727 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * Server Applications Module 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves three vulnerabilities and has one security fix can now be installed. ## Description: This update for snpguest fixes the following issues: Update to version 0.10.0. Security issues fixed: * CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead tostack exhaustion (bsc#1257927). * CVE-2025-3416: openssl: Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate (bsc#1242601). * CVE-2024-12224: idna: idna accepts Punycode labels that do not produce any non-ASCII when decoded (bcs#1243869). Other updates and bugfixes: * Update to version 0.10.0 * fails to generate attestation reports on SEV-SNP guests with firmware API (bsc#1257877). * chore: updating tool version to 0.10.0 * refactor(certs): remove redundant branch in file-write logic * Docs: Adding verify measure, host-data, report-data to docs * verify: verify measurent, host data, and report data attributes from the attestation report. * library: Updating sev library to 7.1.0 * ci: replace deprecated gh actions * feat: multi-format integer parsing for key subcommand arguments * chore(main): remove unused import `clap::arg` * feat(fetch): add fetch crl subcommand * .github/lint: Bump toolchain version to 1.86 * Bump rust version to 1.86 * feat: bumping tool to version 0.9.2 * fix(verify): silence mismatched_lifetime_syntaxes in SnpOid::oid * feat: support SEV-SNP ABI Spec 1.58 (bump sev to v6.3.0) * docs: restore and clarify Global Options section * doc: fix CL argument orders + address recent changes * fix(hyperv): downgrade VMPL check from error to warning * fix(report.rs): remove conflict check between --random flag and Hyper-V * fix(report.rs): Decouple runtime behavior from hyperv build feature * refactor: clarify --platform error message * docs: add Azure/Hyper-V build note for --platform * report: Writing Req Data as Binary (#101) * deps: bump virtee/sev to 6.2.1 (fix TCB-serialization bug) (#99) * Updating SEV library to 6.1.0 and updating version to 0.9.1 * Update version (0.9.0) * HyperV: Fixing report command failure on Azure confidential VM * Removing intird and append requirement for kernel measurements (#93) * Updating to version 6 of library and fixing attestation (#89) * CI: Fixingcreate_release workflow (#91) * Minor update (0.8.3) * Adding build script * Update preattestation.rs * Fix certificate fetch bug for Turin * Minor update * Update bitfield to 0.15.0 * Update to 0.8.1 * Update asn1-rs and x509-parser * Update to 0.8.0 * key: Fix guest_field_select typo * Adding Turin support and updating ASK cn ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-620=1 ## Package List: * Server Applications Module 15-SP7 (x86_64) * snpguest-debugsource-0.10.0-150700.3.3.1 * snpguest-debuginfo-0.10.0-150700.3.3.1 * snpguest-0.10.0-150700.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12224.html * https://www.suse.com/security/cve/CVE-2025-3416.html * https://www.suse.com/security/cve/CVE-2026-25727.html * https://bugzilla.suse.com/show_bug.cgi?id=1242601 * https://bugzilla.suse.com/show_bug.cgi?id=1243869 * https://bugzilla.suse.com/show_bug.cgi?id=1257877 * https://bugzilla.suse.com/show_bug.cgi?id=1257927 . SUSE updates for snpguest resolve important issues with three bugs and offers a critical security fix to enhance protection.. SUSE Security Update,snpguest vulnerabilities,important fixes,stack exhaustion,use-after-free. . Severity: Important. LinuxSecurity.com Team
Feb 25, 2026
•Important
SuSE
100
security advisorypatchimportantUbuntu 22.10 Alert Signal UBU-UT-2027-0941-5 CVE-2026-17901 Critical Risk
An update that solves one vulnerability can now be installed.. # Security update for snpguest Announcement ID: SUSE-SU-2026:0582-1 Release Date: 2026-02-20T10:02:25Z Rating: important References: * bsc#1257927 Cross-References: * CVE-2026-25727 CVSS scores: * CVE-2026-25727 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-25727 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-25727 ( NVD ): 6.8 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for snpguest fixes the following issues: * CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion (bsc#1257927). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-582=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-582=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-582=1 openSUSE-SLE-15.6-2026-582=1 ## Package List: * SUSE Linux Enterprise Server 15 SP6 LTSS (x86_64) * snpguest-debuginfo-0.3.2-150600.3.9.1 * snpguest-0.3.2-150600.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (x86_64) * snpguest-debuginfo-0.3.2-150600.3.9.1 * snpguest-0.3.2-150600.3.9.1 * openSUSE Leap 15.6 (x86_64) *snpguest-debuginfo-0.3.2-150600.3.9.1 * snpguest-0.3.2-150600.3.9.1 * snpguest-debugsource-0.3.2-150600.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2026-25727.html * https://bugzilla.suse.com/show_bug.cgi?id=1257927 . Update for snpguest fixes important issues in openSUSE and SUSE Linux affecting stack exhaustion vulnerability.. SUSE update, snpguest security, CVE-2026-25727, patch instructions. . Severity: Important. LinuxSecurity.com Team
Feb 20, 2026
•Important
SuSE
202
security advisoryimportantOpenSUSEopenSUSE Leap 15.6 snpguest Important Stack Exhaustion CVE-2026-25727
An update that solves one vulnerability can now be installed.. # Security update for snpguest Announcement ID: SUSE-SU-2026:0582-1 Release Date: 2026-02-20T10:02:25Z Rating: important References: * bsc#1257927 Cross-References: * CVE-2026-25727 CVSS scores: * CVE-2026-25727 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-25727 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-25727 ( NVD ): 6.8 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for snpguest fixes the following issues: * CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion (bsc#1257927). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-582=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-582=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-582=1 openSUSE-SLE-15.6-2026-582=1 ## Package List: * SUSE Linux Enterprise Server 15 SP6 LTSS (x86_64) * snpguest-debuginfo-0.3.2-150600.3.9.1 * snpguest-0.3.2-150600.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (x86_64) * snpguest-debuginfo-0.3.2-150600.3.9.1 * snpguest-0.3.2-150600.3.9.1 * openSUSE Leap 15.6 (x86_64) *snpguest-debuginfo-0.3.2-150600.3.9.1 * snpguest-0.3.2-150600.3.9.1 * snpguest-debugsource-0.3.2-150600.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2026-25727.html * https://bugzilla.suse.com/show_bug.cgi?id=1257927 . Update for snpguest addresses important stack exhaustion security issue on openSUSE and SUSE Linux Enterprise.. openSUSE update,snpguest security,stack exhaustion fix,security update details. . Severity: Important. LinuxSecurity.com Team
Feb 20, 2026
•Important
OpenSUSE
202
security advisorymoderatebuffer overflowFedora Office update-level Critical SA-2028-56789 Revision 2028-45612-8
An update that solves one vulnerability can now be installed.. # snpguest-0.10.0-2.1 on GA media Announcement ID: openSUSE-SU-2026:10182-1 Rating: moderate Cross-References: * CVE-2026-25727 CVSS scores: * CVE-2026-25727 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-25727 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N Affected Products: * openSUSE Tumbleweed An update that solves one vulnerability can now be installed. ## Description: These are all security issues fixed in the snpguest-0.10.0-2.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * snpguest 0.10.0-2.1 ## References: * https://www.suse.com/security/cve/CVE-2026-25727.html . Discover the details about the openSUSE snpguest package update addressing a moderate risk issue, CVE-2026-25727.. openSUSE snpguest update, CVE-2026-25727, Linux security, moderate severity vulnerability. . LinuxSecurity.com Team
Feb 12, 2026
OpenSUSE
100
security advisorymoderateSuSESUSE: snpguest Moderate OpenSSL IDNA Fixes CVE-2024-12224 2025:03445-1
* bsc#1242601 * bsc#1243869 Cross-References: * CVE-2024-12224 . # Security update for snpguest Announcement ID: SUSE-SU-2025:03445-1 Release Date: 2025-10-01T13:10:00Z Rating: moderate References: * bsc#1242601 * bsc#1243869 Cross-References: * CVE-2024-12224 * CVE-2025-3416 CVSS scores: * CVE-2024-12224 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-12224 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-12224 ( NVD ): 5.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-3416 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-3416 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-3416 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for snpguest fixes the following issues: * CVE-2024-12224: idna: acceptance of Punycode labels that do not produce any non-ASCII output may lead to incorrect hostname comparisons and incorrect URL parsing (bsc#1243869). * CVE-2025-3416: openssl: use-after-free in `Md::fetch` and `Cipher::fetch` when `Some(...)` value is passed to the `properties` argument (bsc#1242601). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-3445=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-3445=1 openSUSE-SLE-15.6-2025-3445=1 ## Package List: * Server Applications Module 15-SP6 (x86_64) * snpguest-debuginfo-0.3.2-150600.3.6.1 * snpguest-0.3.2-150600.3.6.1 * openSUSE Leap 15.6 (x86_64) * snpguest-debuginfo-0.3.2-150600.3.6.1 * snpguest-0.3.2-150600.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12224.html * https://www.suse.com/security/cve/CVE-2025-3416.html * https://bugzilla.suse.com/show_bug.cgi?id=1242601 * https://bugzilla.suse.com/show_bug.cgi?id=1243869 . A security update for snpguest addresses two significant issues in SUSE with moderate severity. Explore fixes now.. Linux Update, SUSE Security, snpguest Patch, OpenSSL Fix. . LinuxSecurity.com Team
Oct 01, 2025
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!