Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 26 articles for you...
202
security advisoryimportantkernelopenSUSE 2026 Kernel Significant Security Update SUSE-SU-2026-1830-2
An update that solves four vulnerabilities can now be installed.. # Security update for the Linux Kernel (Live Patch 19 for SUSE Linux Enterprise 15 SP6) Announcement ID: SUSE-SU-2026:1801-1 Release Date: 2026-05-09T13:05:07Z Rating: important References: * bsc#1258005 * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2025-71066 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves four vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise kernel6.4.0-150600.23.84 fixes various security issues The following security issues were fixed: * CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-1801=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-1801=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-1796=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-1796=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_35-debugsource-5-150500.2.1 * kernel-livepatch-5_14_21-150500_55_136-default-debuginfo-5-150500.2.1 * kernel-livepatch-5_14_21-150500_55_136-default-5-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_35-debugsource-5-150500.2.1 * kernel-livepatch-5_14_21-150500_55_136-default-debuginfo-5-150500.2.1 * kernel-livepatch-5_14_21-150500_55_136-default-5-150500.2.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_84-default-debuginfo-5-150600.2.1 * kernel-livepatch-6_4_0-150600_23_84-default-5-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_19-debugsource-5-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_84-default-debuginfo-5-150600.2.1 * kernel-livepatch-6_4_0-150600_23_84-default-5-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_19-debugsource-5-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-71066.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1258005 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689 . Update available for openSUSE addressing four critical kernel issues. Immediate action recommended to safeguard system stability.. openSUSE kernel issues, security update, Linux kernel vulnerabilities. . Severity: Important. LinuxSecurity.com Team
May 11, 2026
•Important
OpenSUSE
100
security advisorySuSEimportantSUSE Nodejs20 Important Update Errors Handled SUSE-SU-2026-0435-1
An update that solves seven vulnerabilities can now be installed.. # Security update for nodejs20 Announcement ID: SUSE-SU-2026:0435-1 Release Date: 2026-02-11T09:25:23Z Rating: important References: * bsc#1256569 * bsc#1256570 * bsc#1256571 * bsc#1256573 * bsc#1256574 * bsc#1256576 * bsc#1256848 Cross-References: * CVE-2025-55130 * CVE-2025-55131 * CVE-2025-55132 * CVE-2025-59465 * CVE-2025-59466 * CVE-2026-21637 * CVE-2026-22036 CVSS scores: * CVE-2025-55130 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-55130 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-55130 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-55130 ( NVD ): 7.1 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2025-55131 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-55131 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-55131 ( NVD ): 7.1 CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L * CVE-2025-55132 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-55132 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2025-55132 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-55132 ( NVD ): 2.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N * CVE-2025-59465 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-59465 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-59465 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-59466 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-59466 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-59466 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-59466 ( NVD ): 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-21637 (SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-21637 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-21637 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-21637 ( NVD ): 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-22036 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-22036 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-22036 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-22036 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves seven vulnerabilities can now be installed. ## Description: This update for nodejs20 fixes the following issues: * Update to 20.20.0: * CVE-2026-22036: Updated undici to 6.23.0 (bsc#1256848) * CVE-2025-59465: Add TLSSocket default error handler (bsc#1256573) * CVE-2025-55132: Disable futimes when permission model is enabled (bsc#1256571) * CVE-2025-55130: Require full read and write to symlink APIs (bsc#1256569) * CVE-2025-59466: Rethrow stack overflow exceptions in async_hooks (bsc#1256574) * CVE-2025-55131: Refactor unsafe buffer creation to remove zero-fill toggle (bsc#1256570) * CVE-2026-21637: Route callback exceptions through error handlers (bsc#1256576) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-435=1 openSUSE-SLE-15.6-2026-435=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-435=1 * SUSE Linux Enterprise Server for SAPApplications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-435=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * nodejs20-debugsource-20.20.0-150600.3.15.1 * npm20-20.20.0-150600.3.15.1 * nodejs20-20.20.0-150600.3.15.1 * nodejs20-debuginfo-20.20.0-150600.3.15.1 * corepack20-20.20.0-150600.3.15.1 * nodejs20-devel-20.20.0-150600.3.15.1 * openSUSE Leap 15.6 (noarch) * nodejs20-docs-20.20.0-150600.3.15.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * nodejs20-debugsource-20.20.0-150600.3.15.1 * npm20-20.20.0-150600.3.15.1 * nodejs20-20.20.0-150600.3.15.1 * nodejs20-debuginfo-20.20.0-150600.3.15.1 * nodejs20-devel-20.20.0-150600.3.15.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * nodejs20-docs-20.20.0-150600.3.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * nodejs20-debugsource-20.20.0-150600.3.15.1 * npm20-20.20.0-150600.3.15.1 * nodejs20-20.20.0-150600.3.15.1 * nodejs20-debuginfo-20.20.0-150600.3.15.1 * nodejs20-devel-20.20.0-150600.3.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * nodejs20-docs-20.20.0-150600.3.15.1 ## References: * https://www.suse.com/security/cve/CVE-2025-55130.html * https://www.suse.com/security/cve/CVE-2025-55131.html * https://www.suse.com/security/cve/CVE-2025-55132.html * https://www.suse.com/security/cve/CVE-2025-59465.html * https://www.suse.com/security/cve/CVE-2025-59466.html * https://www.suse.com/security/cve/CVE-2026-21637.html * https://www.suse.com/security/cve/CVE-2026-22036.html * https://bugzilla.suse.com/show_bug.cgi?id=1256569 * https://bugzilla.suse.com/show_bug.cgi?id=1256570 * https://bugzilla.suse.com/show_bug.cgi?id=1256571 * https://bugzilla.suse.com/show_bug.cgi?id=1256573 * https://bugzilla.suse.com/show_bug.cgi?id=1256574 * https://bugzilla.suse.com/show_bug.cgi?id=1256576 *https://bugzilla.suse.com/show_bug.cgi?id=1256848 . Update for nodejs20 addresses seven critical issues with important fixes for SUSE environments. Install now for better security.. SUSE nodejs20 security patch important updates 2026. . Severity: Important. LinuxSecurity.com Team
Feb 11, 2026
•Important
SuSE
172
security advisoryUbuntusecurity patchUbuntu 22.04 LTS: USN-7510-7 Critical Linux Kernel Update
Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-7510-7 May 28, 2025 linux-aws, linux-intel-iotg-5.15, linux-nvidia-tegra-igx, linux-raspi vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-nvidia-tegra-igx: Linux kernel for NVIDIA Tegra IGX systems - linux-raspi: Linux kernel for Raspberry Pi systems - linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms Details: Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device driver; - Bus devices; - Character device driver; - TPM device driver; - Clock framework and drivers; - GPIO subsystem; - GPU drivers; - HID subsystem; - I2C subsystem; - InfiniBand drivers; - Media drivers; - NVIDIA Tegra memory controller driver; - Network drivers; - PCI subsystem; - PPS (Pulse Per Second) driver; - PTP clock framework; - RapidIO drivers; - Real Time Clock drivers; - SLIMbus drivers; - QCOM SoC drivers; - Trusted Execution Environment drivers; - TTY drivers; - USB DSL drivers; - USB Device Class drivers; - USB core drivers; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - ACRN Hypervisor Service Module driver; - File systems infrastructure; - BTRFS file system; - F2FS file system; - Network file system (NFS) server daemon; - NILFS2 file system; - Overlay file system; - SMB network file system; -UBI file system; - KVM subsystem; - L3 Master device support module; - Process Accounting mechanism; - Padata parallel execution mechanism; - printk logging mechanism; - Scheduler infrastructure; - Timer subsystem; - Tracing infrastructure; - Memory management; - 802.1Q VLAN protocol; - B.A.T.M.A.N. meshing protocol; - Networking core; - IPv4 networking; - IPv6 networking; - Logical Link layer; - Multipath TCP; - Netfilter; - NFC subsystem; - Open vSwitch; - Rose network layer; - Network traffic control; - Wireless networking; - Landlock security; - Linux Security Modules (LSM) Framework; - Tomoyo security module; (CVE-2025-21767, CVE-2025-21875, CVE-2025-21719, CVE-2025-21760, CVE-2025-21704, CVE-2025-21749, CVE-2024-56721, CVE-2025-21731, CVE-2025-21910, CVE-2024-58063, CVE-2025-21835, CVE-2025-21726, CVE-2024-58086, CVE-2025-21934, CVE-2024-58014, CVE-2025-21904, CVE-2024-56599, CVE-2025-21727, CVE-2025-21877, CVE-2025-21799, CVE-2024-58071, CVE-2025-21776, CVE-2025-21905, CVE-2025-21926, CVE-2025-21922, CVE-2025-21858, CVE-2024-47726, CVE-2025-21647, CVE-2025-21764, CVE-2025-21862, CVE-2025-21846, CVE-2025-21848, CVE-2024-57973, CVE-2025-21796, CVE-2025-21814, CVE-2025-21878, CVE-2025-21898, CVE-2025-21795, CVE-2025-21735, CVE-2025-21785, CVE-2025-21950, CVE-2024-26982, CVE-2024-57986, CVE-2025-21948, CVE-2024-58072, CVE-2025-21766, CVE-2025-21715, CVE-2025-21920, CVE-2025-21823, CVE-2024-58020, CVE-2024-58017, CVE-2024-58069, CVE-2025-21871, CVE-2024-58085, CVE-2025-21791, CVE-2025-21765, CVE-2025-21782, CVE-2024-58001, CVE-2025-21909, CVE-2024-58079, CVE-2025-21811, CVE-2025-21943, CVE-2025-21924, CVE-2025-21928, CVE-2025-21826, CVE-2025-21708, CVE-2025-21802, CVE-2025-21951, CVE-2025-21744, CVE-2025-21925, CVE-2025-21971, CVE-2024-58076, CVE-2025-21761, CVE-2025-21914, CVE-2025-21684, CVE-2024-58083, CVE-2025-21830, CVE-2025-21887, CVE-2025-21748, CVE-2025-21721, CVE-2024-57980, CVE-2024-58034, CVE-2025-21935, CVE-2025-21859, CVE-2024-58052,CVE-2025-21912, CVE-2025-21753, CVE-2025-21787, CVE-2025-21806, CVE-2025-21917, CVE-2025-21718, CVE-2024-57979, CVE-2025-21866, CVE-2025-21758, CVE-2025-21781, CVE-2025-21711, CVE-2025-21745, CVE-2024-58051, CVE-2024-58016, CVE-2024-58002, CVE-2025-21844, CVE-2024-57977, CVE-2024-57981, CVE-2025-21728, CVE-2024-58090, CVE-2024-58007, CVE-2025-21763, CVE-2025-21762, CVE-2024-58005, CVE-2025-21916, CVE-2024-57834, CVE-2025-21707, CVE-2025-21865, CVE-2025-21736, CVE-2024-57978, CVE-2025-21919, CVE-2025-21820, CVE-2025-21804, CVE-2025-21722, CVE-2024-58055, CVE-2025-21779, CVE-2025-21772, CVE-2024-58010, CVE-2024-58058) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS linux-image-5.15.0-1026-nvidia-tegra-igx 5.15.0-1026.26 linux-image-5.15.0-1026-nvidia-tegra-igx-rt 5.15.0-1026.26 linux-image-5.15.0-1078-raspi 5.15.0-1078.81 linux-image-5.15.0-1084-aws 5.15.0-1084.91 linux-image-aws-lts-22.04 5.15.0.1084.86 linux-image-nvidia-tegra-igx 5.15.0.1026.28 linux-image-nvidia-tegra-igx-rt 5.15.0.1026.28 linux-image-raspi 5.15.0.1078.76 linux-image-raspi-nolpae 5.15.0.1078.76 Ubuntu 20.04 LTS linux-image-5.15.0-1079-intel-iotg 5.15.0-1079.85~20.04.1 linux-image-intel 5.15.0.1079.85~20.04.1 linux-image-intel-iotg 5.15.0.1079.85~20.04.1 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-7510-7 https://ubuntu.com/security/notices/USN-7510-6 https://ubuntu.com/security/notices/USN-7510-5 https://ubuntu.com/security/notices/USN-7510-4 https://ubuntu.com/security/notices/USN-7510-3 https://ubuntu.com/security/notices/USN-7510-2 https://ubuntu.com/security/notices/USN-7510-1 CVE-2024-26982, CVE-2024-47726, CVE-2024-56599, CVE-2024-56721, CVE-2024-57834, CVE-2024-57973, CVE-2024-57977, CVE-2024-57978, CVE-2024-57979, CVE-2024-57980, CVE-2024-57981, CVE-2024-57986, CVE-2024-58001, CVE-2024-58002, CVE-2024-58005, CVE-2024-58007, CVE-2024-58010, CVE-2024-58014, CVE-2024-58016, CVE-2024-58017, CVE-2024-58020, CVE-2024-58034, CVE-2024-58051, CVE-2024-58052, CVE-2024-58055, CVE-2024-58058, CVE-2024-58063, CVE-2024-58069, CVE-2024-58071, CVE-2024-58072, CVE-2024-58076, CVE-2024-58079, CVE-2024-58083, CVE-2024-58085, CVE-2024-58086, CVE-2024-58090, CVE-2025-21647, CVE-2025-21684, CVE-2025-21704, CVE-2025-21707, CVE-2025-21708, CVE-2025-21711, CVE-2025-21715, CVE-2025-21718, CVE-2025-21719, CVE-2025-21721, CVE-2025-21722, CVE-2025-21726, CVE-2025-21727, CVE-2025-21728, CVE-2025-21731, CVE-2025-21735, CVE-2025-21736, CVE-2025-21744, CVE-2025-21745, CVE-2025-21748, CVE-2025-21749, CVE-2025-21753, CVE-2025-21758, CVE-2025-21760, CVE-2025-21761, CVE-2025-21762, CVE-2025-21763, CVE-2025-21764, CVE-2025-21765, CVE-2025-21766, CVE-2025-21767, CVE-2025-21772, CVE-2025-21776, CVE-2025-21779, CVE-2025-21781, CVE-2025-21782, CVE-2025-21785, CVE-2025-21787, CVE-2025-21791, CVE-2025-21795, CVE-2025-21796, CVE-2025-21799, CVE-2025-21802, CVE-2025-21804, CVE-2025-21806, CVE-2025-21811, CVE-2025-21814, CVE-2025-21820, CVE-2025-21823, CVE-2025-21826, CVE-2025-21830, CVE-2025-21835, CVE-2025-21844, CVE-2025-21846, CVE-2025-21848, CVE-2025-21858, CVE-2025-21859, CVE-2025-21862, CVE-2025-21865, CVE-2025-21866, CVE-2025-21871, CVE-2025-21875, CVE-2025-21877, CVE-2025-21878, CVE-2025-21887, CVE-2025-21898, CVE-2025-21904, CVE-2025-21905, CVE-2025-21909, CVE-2025-21910, CVE-2025-21912, CVE-2025-21914, CVE-2025-21916,CVE-2025-21917, CVE-2025-21919, CVE-2025-21920, CVE-2025-21922, CVE-2025-21924, CVE-2025-21925, CVE-2025-21926, CVE-2025-21928, CVE-2025-21934, CVE-2025-21935, CVE-2025-21943, CVE-2025-21948, CVE-2025-21950, CVE-2025-21951, CVE-2025-21971 Package Information: https://launchpad.net/ubuntu/+source/linux-aws/5.15.0-1084.91 https://launchpad.net/ubuntu/+source/linux-nvidia-tegra-igx/5.15.0-1026.26 https://launchpad.net/ubuntu/+source/linux-raspi/5.15.0-1078.81 https://launchpad.net/ubuntu/+source/linux-intel-iotg-5.15/5.15.0-1079.85~20.04.1 . Keep up to date with the newest security enhancements and resolved vulnerabilities in the Linux kernel of Ubuntu.. Linux Kernel Updates, Ubuntu Security Advisory, System Vulnerabilities, Linux Security Fixes. . Severity: Critical. LinuxSecurity.com Team
May 28, 2025
•Critical
Ubuntu
172
security advisorykernelthreat mitigationUbuntu 24.10: USN-7521-1 critical: Linux kernel fixes for multiple threats
Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-7521-1 May 20, 2025 linux, linux-azure, linux-azure-6.11, linux-gcp, linux-gcp-6.11, linux-hwe-6.11, linux-oem-6.11, linux-raspi, linux-realtime vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.10 - Ubuntu 24.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux: Linux kernel - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems - linux-raspi: Linux kernel for Raspberry Pi systems - linux-realtime: Linux kernel for Real-time systems - linux-azure-6.11: Linux kernel for Microsoft Azure cloud systems - linux-gcp-6.11: Linux kernel for Google Cloud Platform (GCP) systems - linux-hwe-6.11: Linux hardware enablement (HWE) kernel - linux-oem-6.11: Linux kernel for OEM systems Details: Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Serial ATA and Parallel ATA drivers; - Drivers core; - Network block device driver; - Bluetooth drivers; - Character device driver; - TPM device driver; - Clock framework and drivers; - Hardware crypto device drivers; - FireWire subsystem; - EFI core; - Qualcomm firmware drivers; - GPIO subsystem; - GPU drivers; - HID subsystem; - I2C subsystem; - I3C subsystem; - InfiniBand drivers; - Input Device (Mouse) drivers; - IOMMU subsystem; - Multiple devices driver; - Media drivers; - NVIDIA Tegra memory controller driver; - Fastrpc Driver; - Network drivers; - Operating Performance Points (OPP) driver; - PCIsubsystem; - x86 platform drivers; - PPS (Pulse Per Second) driver; - PTP clock framework; - Remote Processor subsystem; - Real Time Clock drivers; - S/390 drivers; - SCSI subsystem; - QCOM SoC drivers; - SPI subsystem; - Media staging drivers; - Trusted Execution Environment drivers; - TTY drivers; - UFS subsystem; - USB Device Class drivers; - USB core drivers; - USB Gadget drivers; - USB Host Controller drivers; - Framebuffer layer; - File systems infrastructure; - BTRFS file system; - Ceph distributed file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - Overlay file system; - SMB network file system; - UBI file system; - BPF subsystem; - Timer subsystem; - KVM subsystem; - Networking core; - ptr_ring data structure definitions; - Networking subsytem; - Amateur Radio drivers; - L3 Master device support module; - TCP network protocol; - XFRM subsystem; - Tracing infrastructure; - io_uring subsystem; - Process Accounting mechanism; - Perf events; - Padata parallel execution mechanism; - printk logging mechanism; - Scheduler infrastructure; - Workqueue subsystem; - Memory management; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Multipath TCP; - Netfilter; - NFC subsystem; - Open vSwitch; - Rose network layer; - RxRPC session sockets; - Network traffic control; - Wireless networking; - Key management; - Landlock security; - Linux Security Modules (LSM) Framework; - Tomoyo security module; - SoC audio core drivers; - SOF drivers; (CVE-2025-21737, CVE-2025-21711, CVE-2025-21987, CVE-2025-21848, CVE-2024-49570, CVE-2025-21762, CVE-2025-21738, CVE-2025-21712, CVE-2025-21719, CVE-2025-21870, CVE-2024-57984, CVE-2025-21815, CVE-2025-21744, CVE-2024-58058, CVE-2024-58078, CVE-2024-57990, CVE-2024-54458, CVE-2025-21899, CVE-2025-21814,CVE-2025-21746, CVE-2024-54456, CVE-2025-21739, CVE-2024-58057, CVE-2025-21855, CVE-2025-21758, CVE-2024-58006, CVE-2024-58007, CVE-2025-21720, CVE-2024-58090, CVE-2025-21852, CVE-2024-57982, CVE-2024-58013, CVE-2024-58082, CVE-2025-21825, CVE-2024-58072, CVE-2024-57996, CVE-2025-21787, CVE-2025-21742, CVE-2025-21705, CVE-2025-21829, CVE-2024-58060, CVE-2025-21811, CVE-2025-21900, CVE-2025-21853, CVE-2025-21809, CVE-2025-21938, CVE-2025-21728, CVE-2025-21785, CVE-2025-21732, CVE-2025-21888, CVE-2025-21768, CVE-2025-21875, CVE-2025-21721, CVE-2025-21766, CVE-2025-21892, CVE-2024-57953, CVE-2025-21772, CVE-2025-21735, CVE-2024-58017, CVE-2024-58086, CVE-2024-58084, CVE-2025-21761, CVE-2024-58008, CVE-2024-57988, CVE-2025-21874, CVE-2024-58011, CVE-2025-21706, CVE-2024-57999, CVE-2025-21858, CVE-2024-58061, CVE-2025-21727, CVE-2025-21780, CVE-2024-58051, CVE-2025-21791, CVE-2025-21788, CVE-2025-21786, CVE-2024-58012, CVE-2024-58010, CVE-2024-58001, CVE-2025-21844, CVE-2025-21708, CVE-2024-57834, CVE-2025-21873, CVE-2025-21704, CVE-2025-21765, CVE-2025-21839, CVE-2025-21723, CVE-2024-57974, CVE-2025-21876, CVE-2025-21782, CVE-2025-21866, CVE-2024-58076, CVE-2025-21724, CVE-2025-21895, CVE-2025-21770, CVE-2025-21835, CVE-2024-58052, CVE-2025-21827, CVE-2024-58069, CVE-2025-21828, CVE-2025-21734, CVE-2025-21781, CVE-2025-21971, CVE-2025-21775, CVE-2024-52559, CVE-2024-58020, CVE-2025-21713, CVE-2024-58068, CVE-2024-58018, CVE-2025-21806, CVE-2025-21802, CVE-2025-21731, CVE-2025-21741, CVE-2025-21847, CVE-2025-21767, CVE-2024-58003, CVE-2024-57993, CVE-2025-21725, CVE-2025-21796, CVE-2025-21764, CVE-2025-21862, CVE-2025-21733, CVE-2024-58075, CVE-2025-21808, CVE-2024-58034, CVE-2025-21707, CVE-2024-58080, CVE-2025-21784, CVE-2024-57994, CVE-2025-21890, CVE-2025-21754, CVE-2024-58063, CVE-2025-21826, CVE-2025-21821, CVE-2024-58079, CVE-2024-58056, CVE-2025-21798, CVE-2024-58077, CVE-2024-58019, CVE-2025-21748, CVE-2025-21759, CVE-2024-58004, CVE-2024-58081, CVE-2024-57978, CVE-2025-21865, CVE-2024-58002, CVE-2025-21810,CVE-2025-21743, CVE-2024-57989, CVE-2025-21718, CVE-2024-57987, CVE-2025-21877, CVE-2024-57973, CVE-2024-58070, CVE-2024-58071, CVE-2025-21891, CVE-2024-58021, CVE-2024-58016, CVE-2024-58005, CVE-2025-21760, CVE-2025-21883, CVE-2025-21878, CVE-2025-21881, CVE-2025-21838, CVE-2025-21783, CVE-2024-57986, CVE-2025-21793, CVE-2025-21859, CVE-2025-21792, CVE-2025-21820, CVE-2025-21799, CVE-2025-21750, CVE-2025-21795, CVE-2025-21854, CVE-2025-21836, CVE-2025-21726, CVE-2025-21846, CVE-2025-21864, CVE-2024-57977, CVE-2025-21887, CVE-2025-21710, CVE-2025-21889, CVE-2025-21812, CVE-2025-21773, CVE-2024-57852, CVE-2025-21856, CVE-2025-21871, CVE-2025-21763, CVE-2024-58064, CVE-2025-21804, CVE-2024-58055, CVE-2025-21898, CVE-2025-21776, CVE-2025-21869, CVE-2025-21745, CVE-2025-21736, CVE-2025-21716, CVE-2024-57981, CVE-2024-57979, CVE-2025-21715, CVE-2024-57998, CVE-2025-21790, CVE-2024-58085, CVE-2025-21749, CVE-2024-58088, CVE-2025-21753, CVE-2025-21851, CVE-2024-58054, CVE-2025-21830, CVE-2025-21832, CVE-2024-57980, CVE-2025-21885, CVE-2025-21863, CVE-2024-58053, CVE-2025-21823, CVE-2025-21857, CVE-2024-58083, CVE-2024-58014, CVE-2025-21816, CVE-2025-21779, CVE-2025-21872, CVE-2024-57997, CVE-2025-21867, CVE-2024-57985, CVE-2025-21831, CVE-2025-21801, CVE-2025-21868, CVE-2025-21849) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.10 linux-image-6.11.0-1010-realtime 6.11.0-1010.10 linux-image-6.11.0-1013-raspi 6.11.0-1013.13 linux-image-6.11.0-1015-azure 6.11.0-1015.15 linux-image-6.11.0-1015-azure-fde 6.11.0-1015.15 linux-image-6.11.0-1015-gcp 6.11.0-1015.15 linux-image-6.11.0-1015-gcp-64k 6.11.0-1015.15 linux-image-6.11.0-26-generic 6.11.0-26.26 linux-image-6.11.0-26-generic-64k 6.11.0-26.26 linux-image-azure 6.11.0-1015.15 linux-image-azure-fde 6.11.0-1015.15 linux-image-gcp 6.11.0-1015.15 linux-image-gcp-64k 6.11.0-1015.15 linux-image-generic 6.11.0-26.26 linux-image-generic-64k 6.11.0-26.26 linux-image-raspi 6.11.0-1013.13 linux-image-realtime 6.11.0-1010.10 linux-image-virtual 6.11.0-26.26 Ubuntu 24.04 LTS linux-image-6.11.0-1015-azure 6.11.0-1015.15~24.04.1 linux-image-6.11.0-1015-azure-fde 6.11.0-1015.15~24.04.1 linux-image-6.11.0-1015-gcp 6.11.0-1015.15~24.04.1 linux-image-6.11.0-1015-gcp-64k 6.11.0-1015.15~24.04.1 linux-image-6.11.0-1022-oem 6.11.0-1022.22 linux-image-6.11.0-26-generic 6.11.0-26.26~24.04.1 linux-image-6.11.0-26-generic-64k 6.11.0-26.26~24.04.1 linux-image-azure 6.11.0-1015.15~24.04.1 linux-image-azure-fde 6.11.0-1015.15~24.04.1 linux-image-gcp 6.11.0-1015.15~24.04.1 linux-image-gcp-64k 6.11.0-1015.15~24.04.1 linux-image-generic-64k-hwe-24.04 6.11.0-26.26~24.04.1 linux-image-generic-hwe-24.04 6.11.0-26.26~24.04.1 linux-image-oem-24.04b 6.11.0-1022.22 linux-image-virtual-hwe-24.04 6.11.0-26.26~24.04.1 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-7521-1 CVE-2024-49570, CVE-2024-52559, CVE-2024-54456, CVE-2024-54458, CVE-2024-57834, CVE-2024-57852, CVE-2024-57953, CVE-2024-57973, CVE-2024-57974, CVE-2024-57977, CVE-2024-57978, CVE-2024-57979, CVE-2024-57980, CVE-2024-57981, CVE-2024-57982, CVE-2024-57984, CVE-2024-57985, CVE-2024-57986, CVE-2024-57987, CVE-2024-57988, CVE-2024-57989, CVE-2024-57990, CVE-2024-57993, CVE-2024-57994, CVE-2024-57996, CVE-2024-57997, CVE-2024-57998, CVE-2024-57999, CVE-2024-58001, CVE-2024-58002, CVE-2024-58003, CVE-2024-58004, CVE-2024-58005, CVE-2024-58006, CVE-2024-58007, CVE-2024-58008, CVE-2024-58010, CVE-2024-58011, CVE-2024-58012, CVE-2024-58013, CVE-2024-58014, CVE-2024-58016, CVE-2024-58017, CVE-2024-58018, CVE-2024-58019, CVE-2024-58020, CVE-2024-58021, CVE-2024-58034, CVE-2024-58051, CVE-2024-58052, CVE-2024-58053, CVE-2024-58054, CVE-2024-58055, CVE-2024-58056, CVE-2024-58057, CVE-2024-58058, CVE-2024-58060, CVE-2024-58061, CVE-2024-58063, CVE-2024-58064, CVE-2024-58068, CVE-2024-58069, CVE-2024-58070, CVE-2024-58071, CVE-2024-58072, CVE-2024-58075, CVE-2024-58076, CVE-2024-58077, CVE-2024-58078, CVE-2024-58079, CVE-2024-58080, CVE-2024-58081, CVE-2024-58082, CVE-2024-58083, CVE-2024-58084, CVE-2024-58085, CVE-2024-58086, CVE-2024-58088, CVE-2024-58090, CVE-2025-21704, CVE-2025-21705, CVE-2025-21706, CVE-2025-21707, CVE-2025-21708, CVE-2025-21710, CVE-2025-21711, CVE-2025-21712, CVE-2025-21713, CVE-2025-21715, CVE-2025-21716, CVE-2025-21718, CVE-2025-21719, CVE-2025-21720, CVE-2025-21721, CVE-2025-21723, CVE-2025-21724, CVE-2025-21725, CVE-2025-21726, CVE-2025-21727, CVE-2025-21728, CVE-2025-21731, CVE-2025-21732, CVE-2025-21733, CVE-2025-21734, CVE-2025-21735, CVE-2025-21736, CVE-2025-21737, CVE-2025-21738, CVE-2025-21739, CVE-2025-21741, CVE-2025-21742, CVE-2025-21743, CVE-2025-21744, CVE-2025-21745, CVE-2025-21746, CVE-2025-21748, CVE-2025-21749, CVE-2025-21750, CVE-2025-21753, CVE-2025-21754, CVE-2025-21758, CVE-2025-21759, CVE-2025-21760, CVE-2025-21761, CVE-2025-21762, CVE-2025-21763, CVE-2025-21764, CVE-2025-21765, CVE-2025-21766, CVE-2025-21767, CVE-2025-21768, CVE-2025-21770, CVE-2025-21772, CVE-2025-21773, CVE-2025-21775, CVE-2025-21776, CVE-2025-21779, CVE-2025-21780, CVE-2025-21781, CVE-2025-21782, CVE-2025-21783, CVE-2025-21784, CVE-2025-21785, CVE-2025-21786, CVE-2025-21787, CVE-2025-21788, CVE-2025-21790, CVE-2025-21791, CVE-2025-21792, CVE-2025-21793, CVE-2025-21795, CVE-2025-21796, CVE-2025-21798, CVE-2025-21799, CVE-2025-21801, CVE-2025-21802, CVE-2025-21804, CVE-2025-21806, CVE-2025-21808, CVE-2025-21809, CVE-2025-21810, CVE-2025-21811, CVE-2025-21812, CVE-2025-21814, CVE-2025-21815, CVE-2025-21816, CVE-2025-21820, CVE-2025-21821, CVE-2025-21823, CVE-2025-21825, CVE-2025-21826, CVE-2025-21827, CVE-2025-21828, CVE-2025-21829, CVE-2025-21830, CVE-2025-21831, CVE-2025-21832, CVE-2025-21835, CVE-2025-21836, CVE-2025-21838, CVE-2025-21839, CVE-2025-21844, CVE-2025-21846, CVE-2025-21847, CVE-2025-21848, CVE-2025-21849, CVE-2025-21851, CVE-2025-21852, CVE-2025-21853, CVE-2025-21854, CVE-2025-21855, CVE-2025-21856, CVE-2025-21857, CVE-2025-21858, CVE-2025-21859, CVE-2025-21862, CVE-2025-21863, CVE-2025-21864, CVE-2025-21865, CVE-2025-21866, CVE-2025-21867, CVE-2025-21868, CVE-2025-21869, CVE-2025-21870, CVE-2025-21871, CVE-2025-21872, CVE-2025-21873, CVE-2025-21874, CVE-2025-21875, CVE-2025-21876, CVE-2025-21877, CVE-2025-21878, CVE-2025-21881, CVE-2025-21883, CVE-2025-21885, CVE-2025-21887, CVE-2025-21888, CVE-2025-21889, CVE-2025-21890, CVE-2025-21891, CVE-2025-21892, CVE-2025-21895, CVE-2025-21898, CVE-2025-21899, CVE-2025-21900, CVE-2025-21938, CVE-2025-21971, CVE-2025-21987 Package Information: https://launchpad.net/ubuntu/+source/linux/6.11.0-26.26 https://launchpad.net/ubuntu/+source/linux-azure/6.11.0-1015.15 https://launchpad.net/ubuntu/+source/linux-gcp/6.11.0-1015.15 https://launchpad.net/ubuntu/+source/linux-raspi/6.11.0-1013.13 https://launchpad.net/ubuntu/+source/linux-realtime/6.11.0-1010.10 https://launchpad.net/ubuntu/+source/linux-azure-6.11/6.11.0-1015.15~24.04.1 https://launchpad.net/ubuntu/+source/linux-gcp-6.11/6.11.0-1015.15~24.04.1 https://launchpad.net/ubuntu/+source/linux-hwe-6.11/6.11.0-26.26~24.04.1 https://launchpad.net/ubuntu/+source/linux-oem-6.11/6.11.0-1022.22 . Important updates for the Linux kernel in Ubuntu have been issued, tacklingseveral vulnerabilities and necessitating system upgrades.. Linux Kernel Security, Ubuntu Security Updates, Threat Mitigation, System Vulnerabilities. . Severity: Critical. LinuxSecurity.com Team
May 20, 2025
•Critical
Ubuntu
100
security advisoryimportantupdatesSUSE: 2025:0849-1 important: MozillaThunderbird Security Advisory Updates
* bsc#1237683 Cross-References: * CVE-2024-43097 * CVE-2025-1930 . # Security update for MozillaThunderbird Announcement ID: SUSE-SU-2025:0849-1 Release Date: 2025-03-12T15:12:49Z Rating: important References: * bsc#1237683 Cross-References: * CVE-2024-43097 * CVE-2025-1930 * CVE-2025-1931 * CVE-2025-1932 * CVE-2025-1933 * CVE-2025-1934 * CVE-2025-1935 * CVE-2025-1936 * CVE-2025-1937 * CVE-2025-1938 * CVE-2025-26695 * CVE-2025-26696 CVSS scores: * CVE-2024-43097 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-43097 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-43097 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-1930 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-1930 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H * CVE-2025-1930 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-1931 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-1931 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2025-1932 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-1932 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H * CVE-2025-1932 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-1933 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-1933 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2025-1933 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H * CVE-2025-1934 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-1934 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-1934 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-1935 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-1935 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2025-1935 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2025-1936 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-1936 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2025-1937 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-1937 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-1938 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-1938 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-1938 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-26695 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-26695 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-26696 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-26696 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2025-26696 ( NVD ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves 12 vulnerabilities can now be installed. ## Description: This update for MozillaThunderbird fixes the following issues: Updated to Mozilla Thunderbird 128.8 MFSA 2025-18 (bsc#1237683): * CVE-2024-43097: Overflow when growing an SkRegion's RunArray * CVE-2025-1930: AudioIPC StreamData could trigger a use-after-free in the Browser process * CVE-2025-1931: Use-after-free in WebTransportChild * CVE-2025-1932:Inconsistent comparator in XSLT sorting led to out-of-bounds access * CVE-2025-1933: JIT corruption of WASM i32 return values on 64-bit CPUs * CVE-2025-1934: Unexpected GC during RegExp bailout processing * CVE-2025-1935: Clickjacking the registerProtocolHandler info-bar * CVE-2025-1936: Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents * CVE-2025-1937: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 115.21, Firefox ESR 128.8, and Thunderbird 128.8 * CVE-2025-1938: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8 * CVE-2025-26695: Downloading of OpenPGP keys from WKD used incorrect padding * CVE-2025-26696: Crafted email message incorrectly shown as being encrypted Other fixes: * Opening an .EML file in profiles with many folders could take a long time. * Users with many folders experienced poor performance when resizing message panes. *"Replace" button in compose window was overwritten when the window was narrow. * Export to mobile did not work when "Use default server" was selected. * "Save Link As" was not working in feed web content. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-849=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-849=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-849=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * MozillaThunderbird-debugsource-128.8.0-150200.8.203.1 * MozillaThunderbird-translations-common-128.8.0-150200.8.203.1 * MozillaThunderbird-translations-other-128.8.0-150200.8.203.1 * MozillaThunderbird-debuginfo-128.8.0-150200.8.203.1 *MozillaThunderbird-128.8.0-150200.8.203.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x) * MozillaThunderbird-debugsource-128.8.0-150200.8.203.1 * MozillaThunderbird-translations-common-128.8.0-150200.8.203.1 * MozillaThunderbird-translations-other-128.8.0-150200.8.203.1 * MozillaThunderbird-debuginfo-128.8.0-150200.8.203.1 * MozillaThunderbird-128.8.0-150200.8.203.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * MozillaThunderbird-debugsource-128.8.0-150200.8.203.1 * MozillaThunderbird-translations-common-128.8.0-150200.8.203.1 * MozillaThunderbird-translations-other-128.8.0-150200.8.203.1 * MozillaThunderbird-debuginfo-128.8.0-150200.8.203.1 * MozillaThunderbird-128.8.0-150200.8.203.1 ## References: * https://www.suse.com/security/cve/CVE-2024-43097.html * https://www.suse.com/security/cve/CVE-2025-1930.html * https://www.suse.com/security/cve/CVE-2025-1931.html * https://www.suse.com/security/cve/CVE-2025-1932.html * https://www.suse.com/security/cve/CVE-2025-1933.html * https://www.suse.com/security/cve/CVE-2025-1934.html * https://www.suse.com/security/cve/CVE-2025-1935.html * https://www.suse.com/security/cve/CVE-2025-1936.html * https://www.suse.com/security/cve/CVE-2025-1937.html * https://www.suse.com/security/cve/CVE-2025-1938.html * https://www.suse.com/security/cve/CVE-2025-26695.html * https://www.suse.com/security/cve/CVE-2025-26696.html * https://bugzilla.suse.com/show_bug.cgi?id=1237683 . MozillaThunderbird 128.8 receives security updates to fix important memory-related issues and improve user safety.. bsc#1237683, cross-references, cve-2024-43097, cve-2025-1930, security, update, mozillathunde. . Severity: Important. LinuxSecurity.com Team
Mar 12, 2025
•Important
SuSE
202
security advisorysecurity updateupdateopenSUSE: 2025:0788-1 important: Memory safety fixes in Firefox
An update that solves 10 vulnerabilities can now be installed.. # Security update for MozillaFirefox Announcement ID: SUSE-SU-2025:0788-1 Release Date: 2025-03-05T15:31:12Z Rating: important References: * bsc#1237683 Cross-References: * CVE-2024-43097 * CVE-2025-1930 * CVE-2025-1931 * CVE-2025-1932 * CVE-2025-1933 * CVE-2025-1934 * CVE-2025-1935 * CVE-2025-1936 * CVE-2025-1937 * CVE-2025-1938 CVSS scores: * CVE-2024-43097 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-43097 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-43097 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-1930 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-1930 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H * CVE-2025-1931 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-1931 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2025-1932 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-1932 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H * CVE-2025-1932 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-1933 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-1933 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2025-1933 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H * CVE-2025-1934 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-1934 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-1934 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-1935 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-1935 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2025-1935 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2025-1936 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-1936 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2025-1937 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-1937 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-1938 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-1938 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-1938 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves 10 vulnerabilities can now be installed. ## Description: This update for MozillaFirefox fixes thefollowing issues: Security Vulnerabilities fixed in Firefox ESR 128.8 (MFSA 2025-16) (bsc#1237683) \- CVE-2024-43097: Overflow when growing an SkRegion's RunArray \- CVE-2025-1930: AudioIPC StreamData could trigger a use-after-free in the Browser process \- CVE-2025-1931: Use-after-free in WebTransportChild \- CVE-2025-1932: Inconsistent comparator in XSLT sorting led to out-of-bounds access \- CVE-2025-1933: JIT corruption of WASM i32 return values on 64-bit CPUs \- CVE-2025-1934: Unexpected GC during RegExp bailout processing \- CVE-2025-1935: Clickjacking the registerProtocolHandler info-bar \- CVE-2025-1936: Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents \- CVE-2025-1937: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 115.21, Firefox ESR 128.8, and Thunderbird 128.8 \- CVE-2025-1938: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-788=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-788=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-788=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-788=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-788=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-788=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patchSUSE-SLE-Product-HPC-15-SP5-LTSS-2025-788=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-788=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-788=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-788=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-788=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-788=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-788=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-788=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-128.8.0-150200.152.173.1 * MozillaFirefox-translations-other-128.8.0-150200.152.173.1 * MozillaFirefox-debuginfo-128.8.0-150200.152.173.1 * MozillaFirefox-translations-common-128.8.0-150200.152.173.1 * MozillaFirefox-debugsource-128.8.0-150200.152.173.1 * MozillaFirefox-branding-upstream-128.8.0-150200.152.173.1 * openSUSE Leap 15.6 (noarch) * MozillaFirefox-devel-128.8.0-150200.152.173.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-128.8.0-150200.152.173.1 * MozillaFirefox-translations-other-128.8.0-150200.152.173.1 * MozillaFirefox-debuginfo-128.8.0-150200.152.173.1 * MozillaFirefox-translations-common-128.8.0-150200.152.173.1 * MozillaFirefox-debugsource-128.8.0-150200.152.173.1 * Desktop Applications Module 15-SP6 (noarch) * MozillaFirefox-devel-128.8.0-150200.152.173.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * MozillaFirefox-128.8.0-150200.152.173.1 * MozillaFirefox-translations-other-128.8.0-150200.152.173.1 *MozillaFirefox-debuginfo-128.8.0-150200.152.173.1 * MozillaFirefox-translations-common-128.8.0-150200.152.173.1 * MozillaFirefox-debugsource-128.8.0-150200.152.173.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * MozillaFirefox-devel-128.8.0-150200.152.173.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * MozillaFirefox-128.8.0-150200.152.173.1 * MozillaFirefox-translations-other-128.8.0-150200.152.173.1 * MozillaFirefox-debuginfo-128.8.0-150200.152.173.1 * MozillaFirefox-translations-common-128.8.0-150200.152.173.1 * MozillaFirefox-debugsource-128.8.0-150200.152.173.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * MozillaFirefox-devel-128.8.0-150200.152.173.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * MozillaFirefox-128.8.0-150200.152.173.1 * MozillaFirefox-translations-other-128.8.0-150200.152.173.1 * MozillaFirefox-debuginfo-128.8.0-150200.152.173.1 * MozillaFirefox-translations-common-128.8.0-150200.152.173.1 * MozillaFirefox-debugsource-128.8.0-150200.152.173.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * MozillaFirefox-devel-128.8.0-150200.152.173.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * MozillaFirefox-128.8.0-150200.152.173.1 * MozillaFirefox-translations-other-128.8.0-150200.152.173.1 * MozillaFirefox-debuginfo-128.8.0-150200.152.173.1 * MozillaFirefox-translations-common-128.8.0-150200.152.173.1 * MozillaFirefox-debugsource-128.8.0-150200.152.173.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * MozillaFirefox-devel-128.8.0-150200.152.173.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * MozillaFirefox-128.8.0-150200.152.173.1 * MozillaFirefox-translations-other-128.8.0-150200.152.173.1 *MozillaFirefox-debuginfo-128.8.0-150200.152.173.1 * MozillaFirefox-translations-common-128.8.0-150200.152.173.1 * MozillaFirefox-debugsource-128.8.0-150200.152.173.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * MozillaFirefox-devel-128.8.0-150200.152.173.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * MozillaFirefox-128.8.0-150200.152.173.1 * MozillaFirefox-translations-other-128.8.0-150200.152.173.1 * MozillaFirefox-debuginfo-128.8.0-150200.152.173.1 * MozillaFirefox-translations-common-128.8.0-150200.152.173.1 * MozillaFirefox-debugsource-128.8.0-150200.152.173.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * MozillaFirefox-devel-128.8.0-150200.152.173.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * MozillaFirefox-128.8.0-150200.152.173.1 * MozillaFirefox-translations-other-128.8.0-150200.152.173.1 * MozillaFirefox-debuginfo-128.8.0-150200.152.173.1 * MozillaFirefox-translations-common-128.8.0-150200.152.173.1 * MozillaFirefox-debugsource-128.8.0-150200.152.173.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * MozillaFirefox-devel-128.8.0-150200.152.173.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * MozillaFirefox-128.8.0-150200.152.173.1 * MozillaFirefox-translations-other-128.8.0-150200.152.173.1 * MozillaFirefox-debuginfo-128.8.0-150200.152.173.1 * MozillaFirefox-translations-common-128.8.0-150200.152.173.1 * MozillaFirefox-debugsource-128.8.0-150200.152.173.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * MozillaFirefox-devel-128.8.0-150200.152.173.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * MozillaFirefox-128.8.0-150200.152.173.1 * MozillaFirefox-translations-other-128.8.0-150200.152.173.1 * MozillaFirefox-debuginfo-128.8.0-150200.152.173.1 * MozillaFirefox-translations-common-128.8.0-150200.152.173.1 *MozillaFirefox-debugsource-128.8.0-150200.152.173.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * MozillaFirefox-devel-128.8.0-150200.152.173.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * MozillaFirefox-128.8.0-150200.152.173.1 * MozillaFirefox-translations-other-128.8.0-150200.152.173.1 * MozillaFirefox-debuginfo-128.8.0-150200.152.173.1 * MozillaFirefox-translations-common-128.8.0-150200.152.173.1 * MozillaFirefox-debugsource-128.8.0-150200.152.173.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * MozillaFirefox-devel-128.8.0-150200.152.173.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * MozillaFirefox-128.8.0-150200.152.173.1 * MozillaFirefox-translations-other-128.8.0-150200.152.173.1 * MozillaFirefox-debuginfo-128.8.0-150200.152.173.1 * MozillaFirefox-translations-common-128.8.0-150200.152.173.1 * MozillaFirefox-debugsource-128.8.0-150200.152.173.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * MozillaFirefox-devel-128.8.0-150200.152.173.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * MozillaFirefox-128.8.0-150200.152.173.1 * MozillaFirefox-translations-other-128.8.0-150200.152.173.1 * MozillaFirefox-debuginfo-128.8.0-150200.152.173.1 * MozillaFirefox-translations-common-128.8.0-150200.152.173.1 * MozillaFirefox-debugsource-128.8.0-150200.152.173.1 * SUSE Enterprise Storage 7.1 (noarch) * MozillaFirefox-devel-128.8.0-150200.152.173.1 ## References: * https://www.suse.com/security/cve/CVE-2024-43097.html * https://www.suse.com/security/cve/CVE-2025-1930.html * https://www.suse.com/security/cve/CVE-2025-1931.html * https://www.suse.com/security/cve/CVE-2025-1932.html * https://www.suse.com/security/cve/CVE-2025-1933.html * https://www.suse.com/security/cve/CVE-2025-1934.html * https://www.suse.com/security/cve/CVE-2025-1935.html *https://www.suse.com/security/cve/CVE-2025-1936.html * https://www.suse.com/security/cve/CVE-2025-1937.html * https://www.suse.com/security/cve/CVE-2025-1938.html * https://bugzilla.suse.com/show_bug.cgi?id=1237683 . Essential advisement for MozillaFirefox targeting multiple vulnerabilities in openSUSE. Apply suggested updates.. MozillaFirefox Security Update, openSUSE Patch, Software Vulnerability Fixes. . Severity: Important. LinuxSecurity.com Team
Mar 05, 2025
•Important
OpenSUSE
202
security advisorymoderateupdateopenSUSE Tumbleweed: 2024:14608-1 moderate: govulncheck advisory
An update that solves 4 vulnerabilities can now be installed.. # govulncheck-vulndb-0.0.20241220T214820-1.1 on GA media Announcement ID: openSUSE-SU-2024:14608-1 Rating: moderate Cross-References: * CVE-2024-12678 * CVE-2024-25131 * CVE-2024-43803 * CVE-2024-9779 CVSS scores: * CVE-2024-12678 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-12678 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N Affected Products: * openSUSE Tumbleweed An update that solves 4 vulnerabilities can now be installed. ## Description: These are all security issues fixed in the govulncheck-vulndb-0.0.20241220T214820-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * govulncheck-vulndb 0.0.20241220T214820-1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12678.html * https://www.suse.com/security/cve/CVE-2024-25131.html * https://www.suse.com/security/cve/CVE-2024-43803.html * https://www.suse.com/security/cve/CVE-2024-9779.html . System patch released for govulncheck addressing various vulnerabilities on openSUSE Tumbleweed; moderate risk identified.. govulncheck,vulndb,openSUSE,security update,Tumbleweed. . LinuxSecurity.com Team
Dec 23, 2024
OpenSUSE
202
security advisorycritical updatesecurity patchCritical Opera Security Patch Released for openSUSE: 2024:0210-2
An update that fixes 22 vulnerabilities is now available. . openSUSE Security Update: Security update for opera ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0205-1 Rating: important References: Cross-References: CVE-2024-5830 CVE-2024-5831 CVE-2024-5832 CVE-2024-5833 CVE-2024-5834 CVE-2024-5835 CVE-2024-5836 CVE-2024-5837 CVE-2024-5838 CVE-2024-5839 CVE-2024-5840 CVE-2024-5841 CVE-2024-5842 CVE-2024-5843 CVE-2024-5844 CVE-2024-5845 CVE-2024-5846 CVE-2024-5847 CVE-2024-6290 CVE-2024-6291 CVE-2024-6292 CVE-2024-6293 CVSS scores: CVE-2024-5830 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5831 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5832 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5833 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5834 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5835 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5836 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5837 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5838 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5839 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2024-5840 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2024-5841 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5842 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5843 (NVD) : 6.5CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2024-5844 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5845 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5846 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5847 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.5:NonFree ______________________________________________________________________________ An update that fixes 22 vulnerabilities is now available. Description: This update for opera fixes the following issues: - Update to 112.0.5197.25 * CHR-9787 Update Chromium on desktop-stable-126-5197 to 126.0.6478.127 - The update to chromium 126.0.6478.127 fixes following issues: CVE-2024-6290, CVE-2024-6291, CVE-2024-6292, CVE-2024-6293 - Update to 112.0.5197.24 * CHR-9762 Update Chromium on desktop-stable-126-5197 to 126.0.6478.62 * DNA-117001 Crash at base::internal::check_is_test_impl (base::NotFatalUntil) * DNA-117050 [Settings][Sync] Synchronization options aren't visible * DNA-117076 [Player] Background of the icons has changed and the Tidal icon is now missing * DNA-117109 Browser freezes when trying to remove a tab * DNA-117181 Translations for O112 * DNA-117202 Crash at syncer::SyncServiceImpl::NotifyObservers() * DNA-117295 Remove emoji names field in picker * DNA-117347 Start page is not rendered on first switch to workspace after its creation * DNA-117431 Promote 112 to stable - Complete Opera 112 changelog at: https://blogs.opera.com/desktop/changelog-for-112 - The update to chromium > = 126.0.6478.54 fixes following issues: CVE-2024-5830, CVE-2024-5831, CVE-2024-5832, CVE-2024-5833, CVE-2024-5834, CVE-2024-5835, CVE-2024-5836, CVE-2024-5837, CVE-2024-5838, CVE-2024-5839, CVE-2024-5840, CVE-2024-5841, CVE-2024-5842,CVE-2024-5843, CVE-2024-5844, CVE-2024-5845, CVE-2024-5846, CVE-2024-5847 - Update to 111.0.5168.55 * DNA-116749 Unnecessary icons in the advanced sync settings * DNA-116961 Evaluate #vtvd-as-platform-sw-decoder in the field * DNA-117003 #vtvd-as-platform-sw-decoder is not registered in media unittests Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.5:NonFree: zypper in -t patch openSUSE-2024-205=1 Package List: - openSUSE Leap 15.5:NonFree (x86_64): opera-112.0.5197.25-lp155.3.54.1 References: https://www.suse.com/security/cve/CVE-2024-5830.html https://www.suse.com/security/cve/CVE-2024-5831.html https://www.suse.com/security/cve/CVE-2024-5832.html https://www.suse.com/security/cve/CVE-2024-5833.html https://www.suse.com/security/cve/CVE-2024-5834.html https://www.suse.com/security/cve/CVE-2024-5835.html https://www.suse.com/security/cve/CVE-2024-5836.html https://www.suse.com/security/cve/CVE-2024-5837.html https://www.suse.com/security/cve/CVE-2024-5838.html https://www.suse.com/security/cve/CVE-2024-5839.html https://www.suse.com/security/cve/CVE-2024-5840.html https://www.suse.com/security/cve/CVE-2024-5841.html https://www.suse.com/security/cve/CVE-2024-5842.html https://www.suse.com/security/cve/CVE-2024-5843.html https://www.suse.com/security/cve/CVE-2024-5844.html https://www.suse.com/security/cve/CVE-2024-5845.html https://www.suse.com/security/cve/CVE-2024-5846.html https://www.suse.com/security/cve/CVE-2024-5847.html https://www.suse.com/security/cve/CVE-2024-6290.html https://www.suse.com/security/cve/CVE-2024-6291.html https://www.suse.com/security/cve/CVE-2024-6292.html https://www.suse.com/security/cve/CVE-2024-6293.html . An important update for Fedora has been issued,tackling 18 security flaws in VLC Media Player. Upgrade now to enhance your system's safety.. openSUSE Update, Opera Security, Software Fixes, Important Patch. . Severity: Important. LinuxSecurity.com Team
Jul 20, 2024
•Important
OpenSUSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!