Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 1 articles for you...
100
security advisorysecurity issueSuSESUSE Linux Micro 7.1 Core RT Important Update SUSE-SU-2027-33075-1
An update that solves eight vulnerabilities can now be installed.. # Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21058-1 Release Date: 2026-04-09T13:21:12Z Rating: important References: * bsc#1252036 * bsc#1252689 * bsc#1253404 * bsc#1256780 * bsc#1257238 * bsc#1258051 * bsc#1258183 * bsc#1258784 Cross-References: * CVE-2025-39973 * CVE-2025-40018 * CVE-2025-40159 * CVE-2025-71120 * CVE-2026-22999 * CVE-2026-23074 * CVE-2026-23111 * CVE-2026-23209 CVSS scores: * CVE-2025-39973 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39973 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40018 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40018 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40159 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40159 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71120 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-71120 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71120 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-22999 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-22999 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-22999 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23074 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23074 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23074 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23074 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23111 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23111 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23111 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23111 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23209 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves eight vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes various security issues The following security issues were fixed: * CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036). * CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689). * CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404). * CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780). * CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238). * CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051). * CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183). * CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-336=1 ## Package List: * SUSE Linux Micro 6.1(x86_64) * kernel-livepatch-6_4_0-31-rt-14-1.2 * kernel-livepatch-6_4_0-31-rt-debuginfo-14-1.2 * kernel-livepatch-MICRO-6-0-RT_Update_8-debugsource-14-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-39973.html * https://www.suse.com/security/cve/CVE-2025-40018.html * https://www.suse.com/security/cve/CVE-2025-40159.html * https://www.suse.com/security/cve/CVE-2025-71120.html * https://www.suse.com/security/cve/CVE-2026-22999.html * https://www.suse.com/security/cve/CVE-2026-23074.html * https://www.suse.com/security/cve/CVE-2026-23111.html * https://www.suse.com/security/cve/CVE-2026-23209.html * https://bugzilla.suse.com/show_bug.cgi?id=1252036 * https://bugzilla.suse.com/show_bug.cgi?id=1252689 * https://bugzilla.suse.com/show_bug.cgi?id=1253404 * https://bugzilla.suse.com/show_bug.cgi?id=1256780 * https://bugzilla.suse.com/show_bug.cgi?id=1257238 * https://bugzilla.suse.com/show_bug.cgi?id=1258051 * https://bugzilla.suse.com/show_bug.cgi?id=1258183 * https://bugzilla.suse.com/show_bug.cgi?id=1258784 . SUSE Linux Enterprise Micro 6.0 update resolves eight important issues, enhancing overall system security.. SUSE Linux Micro 6.0, Kernel RT, Security Update, Important Fixes. . Severity: Important. LinuxSecurity.com Team
Apr 13, 2026
•Important
SuSE
100
security advisorySuSEimportantSUSE Multi-Linux Manager 4.3 Security Update 2026-1031-1 CVE-2024-29371
An update that solves one vulnerability, contains two features and has 51 security fixes can now be installed.. # Maintenance update for Multi-Linux Manager 4.3: Server, Proxy and Retail Announcement ID: SUSE-SU-2026:1031-1 Release Date: 2026-03-25T10:19:43Z Rating: important References: * bsc#1213308 * bsc#1214568 * bsc#1214569 * bsc#1216711 * bsc#1217755 * bsc#1220899 * bsc#1221950 * bsc#1223368 * bsc#1227577 * bsc#1227579 * bsc#1228577 * bsc#1230876 * bsc#1232125 * bsc#1233496 * bsc#1236066 * bsc#1236799 * bsc#1237536 * bsc#1238481 * bsc#1239636 * bsc#1240565 * bsc#1241013 * bsc#1243241 * bsc#1243679 * bsc#1243768 * bsc#1243808 * bsc#1243876 * bsc#1243881 * bsc#1244177 * bsc#1244542 * bsc#1244648 * bsc#1244724 * bsc#1245241 * bsc#1245307 * bsc#1245405 * bsc#1245766 * bsc#1246421 * bsc#1246981 * bsc#1247038 * bsc#1248741 * bsc#1248804 * bsc#1249502 * bsc#1251864 * bsc#1251995 * bsc#1252937 * bsc#1253024 * bsc#1253068 * bsc#1253158 * bsc#1253322 * bsc#1253501 * bsc#1253773 * bsc#1255298 * bsc#1257538 * jsc#MSQA-1046 * jsc#SUMA-406 Cross-References: * CVE-2024-29371 CVSS scores: * CVE-2024-29371 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-29371 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-29371 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 * SUSE Linux Enterprise Desktop 15 SP1 * SUSE Linux Enterprise Desktop 15 SP2 * SUSE Linux Enterprise Desktop 15 SP3 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 * SUSE Linux Enterprise High Performance Computing 15 SP1 *SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.0 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP1 * SUSE Linux Enterprise Real Time 15 SP2 * SUSE Linux Enterprise Real Time 15 SP3 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 * SUSE Linux Enterprise Server 15 SP1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Client Tools for SLE 15 * SUSE Manager Client Tools for SLE Micro 5 An update that solves one vulnerability, contains two features and has 51 security fixes can now be installed. ## Recommended update 4.3.17 for Multi-Linux Manager Proxy and Retail Branch Server LTS ### Description: This update fixes the following issues: mgr-cfg: * Version 4.3.7-0 * Non-customer-facing optimization and update mgr-custom-info: * Version 4.3.4-0 * Non-customer-facingoptimization and update mgr-daemon: * Version 4.3.13-0 * Update translation strings mgr-osad: * Version 4.3.8-0 * Non-customer-facing optimization and update mgr-push: * Version 4.3.7-0 * Non-customer-facing optimization and update rhnlib: * Version 4.3.8-0 * Use more secure defusedxml parser (bsc#1227577) spacecmd: * Version 4.3.32-0 * Make caching code Py 2.7 compatible * Python 2.7 cannot re-raise exceptions * Make spacecmd to work with Python 3.12 and higher * Call print statements properly in Python 3 * Convert cached IDs to int (bsc#1251995) * Use JSON instead of pickle for spacecmd cache (bsc#1227579) spacewalk-backend: * Version 4.3.35-0 * Prevent authentication issues with traditional stack (bsc#1253068) * Fix parameter error when syncing product repositories in ISS v1 (bsc#1244724) * Fix fetching the mirrorlist with a ca bundle which include only the intermediate CAs. This is the case for RHUI CA bundles (bsc#1243241). * Use more secure defusedxml parser (bsc#1227577) spacewalk-certs-tools: * Version 4.3.27-0 * Non-customer-facing optimization and update spacewalk-client-tools: * Version 4.3.24-0 * Update translation strings spacewalk-proxy: * Version 4.3.21-0 * Non-customer-facing optimization and update spacewalk-proxy-docs: * Version 4.3.2-0 * Non-customer-facing optimization and update spacewalk-proxy-html: * Version 4.3.4-0 * Non-customer-facing optimization and update spacewalk-proxy-installer: * Version 4.3.13-0 * Configure squid replacement policy properly before cache dir (bsc#1253773) spacewalk-setup-jabberd: * Version 4.3.2-0 * Non-customer-facing optimization and update spacewalk-ssl-cert-check: * Version 4.3.4-0 * Non-customer-facing optimization and update spacewalk-web: * Version 4.3.48-0 * Fix broken CVE links in CVE audit page. * Fix bug: confirmation message missing when assigning channel to minion (bsc#1236799) * Fix URL to salt formular documentation(bsc#1248741) supportutils-plugin-susemanager-client: * Version 4.3.6-0 * Non-customer-facing optimization and update suseRegisterInfo: * Version 4.3.4-0 * Non-customer-facing optimization and update uyuni-base: * Version 4.3.3-0 * Non-customer-facing optimization and update uyuni-proxy-systemd-services: * Version 4.3.19-0 * Updated for SUSE Manager 4.3.17 How to apply this update: 1. Log in as root user to the SUSE Multi-Linux Manager Proxy or Retail Branch Server LTS. 2. Stop the proxy service: `spacewalk-proxy stop` 3. Apply the patch using either zypper patch or YaST Online Update. 4. Start the Spacewalk service: `spacewalk-proxy start` ## Security update 4.3.17 for Multi-Linux Manager Server LTS ### Description: This update fixes the following issues: cobbler: * Fix "test_grubimage_run" on Uyuni and SUSE Multi-Linux Manager test containers inter-server-sync: * Version 0.3.10-0 * Write log to a rotated file without rsyslog and logrotate * Recreate cobbler entries on the import (bsc#1220899) * remove support for 4.2 file based pillars * use correct hostname detection for 5.x servers (bsc#1253322) * Version 0.3.9-0 * Do not export autogenerated identity column (bsc##1244648) * Version 0.3.8-0 * Rename suseproductsccrepository to susechanneltemplate (bsc#1244648) * Allow skipping changelog export (bsc#1245307) * Add options to specify xmlRpcPassword via file path or stdin jose4j: * CVE-2024-29371: Safeguard against excessive resource utilization by restricting the size of data during JWE payload decompression (bsc#1255298) liberate-formula: * Version 0.1.1 * fix installation for liberty 7 (bsc#1246981) * Change reinstall parameter default value to false mgr-osad: * Version 4.3.8-0 * Non-customer-facing optimization and update mgr-push: * Version 4.3.7-0 * Non-customer-facing optimization and update perl-Satcon: * Version 4.3.3-0 * Non-customer-facing optimization and update prometheus-exporters-formula: *Version 1.4.2 * Allow only node exporter on transactional systems (bsc#1244542) prometheus-formula: * Version 0.9.0 * Check for supported distributions (bsc#1243876) * Fix checking Prometheus package version rhnlib: * Version 4.3.8-0 * Use more secure defusedxml parser (bsc#1227577) spacecmd: * Version 4.3.32-0 * Make caching code Py 2.7 compatible * Python 2.7 cannot re-raise exceptions * Make spacecmd to work with Python 3.12 and higher * Call print statements properly in Python 3 * Convert cached IDs to int (bsc#1251995) * Use JSON instead of pickle for spacecmd cache (bsc#1227579) spacewalk: * Version 4.3.7-0 * Non-customer-facing optimization and update spacewalk-admin: * Version 4.3.15-0 * Correctly handles http proxy empty passwords (bsc#1249502) spacewalk-backend: * Version 4.3.35-0 * Prevent authentication issues with traditional stack (bsc#1253068) * Fix parameter error when syncing product repositories in ISS v1 (bsc#1244724) * Fix fetching the mirrorlist with a ca bundle which include only the intermediate CAs. This is the case for RHUI CA bundles (bsc#1243241). * Use more secure defusedxml parser (bsc#1227577) spacewalk-branding: * Version 4.3.6-0 * Non-customer-facing optimization and update spacewalk-certs-tools: * Version 4.3.27-0 * Non-customer-facing optimization and update spacewalk-client-tools: * Version 4.3.24-0 * Update translation strings spacewalk-config: * Version 4.3.17-0 * Non-customer-facing optimization and update spacewalk-java: * Version 4.3.90-0 * Fix reposync crashing at metadata generation (bsc#1257538) * Version 4.3.89-0 * Delay highstate during bootstrap to run it after the initial minimal state (bsc#1240565) * add proxy option to provisionSystem API (bsc#1232125) * Fix dnf updateinfo showing wrong severity for security updates (bsc#1252937) * Display correct advisory link by using an errata advisory map (bsc#1243808) * Improve hibernate object creation for ServerPath(bsc#1243881) * Prevent printing user input in traceback logs and mails (bsc#1239636) * Send CPU architecture specific data to SCC (jsc#SUMA-406) * Fix broken CVE links in CVE audit page. * Fix http proxy verification (bsc#1253501) * Fix: Broken URL in API docs (bsc#1244177) * Correctly handles http proxy empty passwords (bsc#1249502) * Ensure null safety when converting from proxy paths to host names (bsc#1237536) * Use the correct identifier to map the salt migration result * Succeed liberate product migration also when reinstall packages is disabled (bsc#1248804) * Prioritize beacon data for regular minion reboot status (bsc#1245405) spacewalk-reports: * Version 4.3.6-0 * Non-customer-facing optimization and update spacewalk-search: * Version 4.3.12-0 * Non-customer-facing optimization and update spacewalk-setup: * Version 4.3.20-0 * Non-customer-facing optimization and update spacewalk-setup-jabberd: * Version 4.3.2-0 * Non-customer-facing optimization and update spacewalk-utils: * Version 4.3.25-0 * Non-customer-facing optimization and update spacewalk-web: * Version 4.3.48-0 * Fix broken CVE links in CVE audit page. * Fix bug: confirmation message missing when assigning channel to minion (bsc#1236799) * Fix URL to salt formular documentation (bsc#1248741) supportutils-plugin-susemanager: * Version 4.3.16-0 * Non-customer-facing optimization and update suseRegisterInfo: * Version 4.3.4-0 * Non-customer-facing optimization and update susemanager: * Version 4.3.43-0 * Added missing bootrap repository definition for OES 24.4 (bsc#1241013) susemanager-docs_en: * Removed CIS from list of supported OpenSCAP profiles * Fixed the incorrect path in Administration Guide (bsc#1221950) * Corrected the reactivation key varaible name (bsc#1253158) * Improved CLM procedure in Adminstration Guide (bsc#1230876) * Added commands to server migration procedures in Installation and Upgrade Guide (bsc#1214569) * Clarifiedrequirement for PAYG in Installation and Upgrade Guide (bsc#1236066) * Added information for proxy migration to Installation and Upgrade Guide (bsc#1214568) * Added reference to dry run documentation (bsc#1223368) * Added information about requesting access to PTFs (bsc#1213308) * Added lang support for new shared header to html outputs * Added shared header styles for documentation.suse.com * Removed Ubuntu 20.04 from the list supported clients in Client Configuration Guide (bsc#1238481) * Fixed output box with grep command in LTS section in Installation and Upgrade Guide (bsc#1247038) * Added procedure to reregister client behind a proxy after renaming the server (bsc#1245766) * Fixed the admonition in Client Configuration Guide (bsc#1233496) * Reorganised files for better visibility of differences between AutoYaST and Kickstart profiles (bsc#1217755) * Fixed command for public cloud module in Installation and Upgrade Guide (bsc#1216711) * Removed obsolete command from Administration Guide (bsc#1228577) * Renamed parameter in Specialized Guides (bsc#1245241) susemanager-schema: * Version 4.3.30-0 * Store CPU architecture specific data (jsc#SUMA-406) * Creation of table suseErrataAdvisoryMap and added errata-advisory-map-sync taskomatic job fixing bug (bsc#1243808) susemanager-sls: * Version 4.3.53-0 * Automatically deploy IBM GPG keys to SUSE minions (bsc#1246421) * Succeed liberate product migration also when reinstall packages is disabled (bsc#1248804) * Adjust sls files for python311-kiwi (bsc#1251864)(bsc#1253024) * Collect CPU architecture specific data on hardware profile update (jsc#SUMA-406) susemanager-tftpsync: * Version 4.3.5-0 * Use TLS in sync_post_tftpd_proxies (bsc#1243679) * Refuse files with shell characters (bsc#1243768) uyuni-base: * Version 4.3.3-0 * Non-customer-facing optimization and update How to apply this update: 1. Log in as root user to the SUSE Multi-Linux Manager Server LTS. 2. Stop the Spacewalk service: `spacewalk-service stop` 3. Apply the patch using either zypper patch or YaST Online Update. 4. Start the Spacewalk service: `spacewalk-service start` ## Recommended update for uyuni-proxy-systemd-services ### Description: This update fixes the following issues: uyuni-proxy-systemd-services: * Version 4.3.19-0 * Update for SUSE Manager 4.3.17 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for SLE 15 zypper in -t patch SUSE-SLE-Manager-Tools-15-2026-1031=1 * SUSE Manager Client Tools for SLE Micro 5 zypper in -t patch SUSE-SLE-Manager-Tools-For-Micro-5-2026-1031=1 ## Package List: * SUSE Manager Client Tools for SLE 15 (noarch) * uyuni-proxy-systemd-services-4.3.19-150000.1.40.2 * SUSE Manager Client Tools for SLE Micro 5 (noarch) * uyuni-proxy-systemd-services-4.3.19-150000.1.40.2 ## References: * https://www.suse.com/security/cve/CVE-2024-29371.html * https://bugzilla.suse.com/show_bug.cgi?id=1213308 * https://bugzilla.suse.com/show_bug.cgi?id=1214568 * https://bugzilla.suse.com/show_bug.cgi?id=1214569 * https://bugzilla.suse.com/show_bug.cgi?id=1216711 * https://bugzilla.suse.com/show_bug.cgi?id=1217755 * https://bugzilla.suse.com/show_bug.cgi?id=1220899 * https://bugzilla.suse.com/show_bug.cgi?id=1221950 * https://bugzilla.suse.com/show_bug.cgi?id=1223368 * https://bugzilla.suse.com/show_bug.cgi?id=1227577 * https://bugzilla.suse.com/show_bug.cgi?id=1227579 * https://bugzilla.suse.com/show_bug.cgi?id=1228577 * https://bugzilla.suse.com/show_bug.cgi?id=1230876 * https://bugzilla.suse.com/show_bug.cgi?id=1232125 * https://bugzilla.suse.com/show_bug.cgi?id=1233496 * https://bugzilla.suse.com/show_bug.cgi?id=1236066 * https://bugzilla.suse.com/show_bug.cgi?id=1236799 *https://bugzilla.suse.com/show_bug.cgi?id=1237536 * https://bugzilla.suse.com/show_bug.cgi?id=1238481 * https://bugzilla.suse.com/show_bug.cgi?id=1239636 * https://bugzilla.suse.com/show_bug.cgi?id=1240565 * https://bugzilla.suse.com/show_bug.cgi?id=1241013 * https://bugzilla.suse.com/show_bug.cgi?id=1243241 * https://bugzilla.suse.com/show_bug.cgi?id=1243679 * https://bugzilla.suse.com/show_bug.cgi?id=1243768 * https://bugzilla.suse.com/show_bug.cgi?id=1243808 * https://bugzilla.suse.com/show_bug.cgi?id=1243876 * https://bugzilla.suse.com/show_bug.cgi?id=1243881 * https://bugzilla.suse.com/show_bug.cgi?id=1244177 * https://bugzilla.suse.com/show_bug.cgi?id=1244542 * https://bugzilla.suse.com/show_bug.cgi?id=1244648 * https://bugzilla.suse.com/show_bug.cgi?id=1244724 * https://bugzilla.suse.com/show_bug.cgi?id=1245241 * https://bugzilla.suse.com/show_bug.cgi?id=1245307 * https://bugzilla.suse.com/show_bug.cgi?id=1245405 * https://bugzilla.suse.com/show_bug.cgi?id=1245766 * https://bugzilla.suse.com/show_bug.cgi?id=1246421 * https://bugzilla.suse.com/show_bug.cgi?id=1246981 * https://bugzilla.suse.com/show_bug.cgi?id=1247038 * https://bugzilla.suse.com/show_bug.cgi?id=1248741 * https://bugzilla.suse.com/show_bug.cgi?id=1248804 * https://bugzilla.suse.com/show_bug.cgi?id=1249502 * https://bugzilla.suse.com/show_bug.cgi?id=1251864 * https://bugzilla.suse.com/show_bug.cgi?id=1251995 * https://bugzilla.suse.com/show_bug.cgi?id=1252937 * https://bugzilla.suse.com/show_bug.cgi?id=1253024 * https://bugzilla.suse.com/show_bug.cgi?id=1253068 * https://bugzilla.suse.com/show_bug.cgi?id=1253158 * https://bugzilla.suse.com/show_bug.cgi?id=1253322 * https://bugzilla.suse.com/show_bug.cgi?id=1253501 * https://bugzilla.suse.com/show_bug.cgi?id=1253773 * https://bugzilla.suse.com/show_bug.cgi?id=1255298 * https://bugzilla.suse.com/show_bug.cgi?id=1257538 * https://jira.suse.com/browse/MSQA-1046 * https://jira.suse.com/browse/SUMA-406 . Important updatefor SUSE Multi-Linux Manager 4.3 with vulnerability fixes and optimizations to enhance security and functionality.. SUSE Multi-Linux Manager security fixes, important update, Linux vulnerability, patch instructions, SUSE security. . Severity: Important. LinuxSecurity.com Team
Mar 25, 2026
•Important
SuSE
172
security advisoryUbuntuimportantUbuntu 20.04 18.04 Linux Kernel Important Flaws USN-7990-4 CVE-2022-49698
Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-7990-4 February 12, 2026 linux-oracle, linux-oracle-5.4 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-oracle: Linux kernel for Oracle Cloud systems - linux-oracle-5.4: Linux kernel for Oracle Cloud systems Details: Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Padata parallel execution mechanism; - Netfilter; (CVE-2022-49698, CVE-2025-21726, CVE-2025-40019) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS linux-image-5.4.0-1152-oracle 5.4.0-1152.162 Available with Ubuntu Pro linux-image-oracle-5.4 5.4.0.1152.146 Available with Ubuntu Pro linux-image-oracle-lts-20.04 5.4.0.1152.146 Available with Ubuntu Pro Ubuntu 18.04 LTS linux-image-5.4.0-1152-oracle 5.4.0-1152.162~18.04.1 Available with Ubuntu Pro linux-image-oracle 5.4.0.1152.162~18.04.1 Available with Ubuntu Pro linux-image-oracle-5.4 5.4.0.1152.162~18.04.1 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third partykernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-7990-4 https://ubuntu.com/security/notices/USN-7990-3 https://ubuntu.com/security/notices/USN-7990-2 https://ubuntu.com/security/notices/USN-7990-1 CVE-2022-49698, CVE-2025-21726, CVE-2025-40019 . Several security issues fixed in Ubuntu kernel updating the linux-oracle package is essential for system integrity.. Ubuntu Security Notice, Linux Kernel Update, Oracle Cloud Kernel Fixes. . Severity: Important. LinuxSecurity.com Team
Feb 12, 2026
•Important
Ubuntu
172
security advisorymoderateUbuntuUbuntu 24.04 LTS: USN-7682-5 Moderate Linux Kernel Network Threats
Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-7682-5 August 12, 2025 linux-gcp-6.8, linux-raspi vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-raspi: Linux kernel for Raspberry Pi systems - linux-gcp-6.8: Linux kernel for Google Cloud Platform (GCP) systems Details: Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network traffic control; (CVE-2025-38083, CVE-2025-37797) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS linux-image-6.8.0-1032-raspi 6.8.0-1032.36 linux-image-raspi 6.8.0-1032.36 linux-image-raspi-6.8 6.8.0-1032.36 Ubuntu 22.04 LTS linux-image-6.8.0-1034-gcp 6.8.0-1034.36~22.04.2 linux-image-6.8.0-1034-gcp-64k 6.8.0-1034.36~22.04.2 linux-image-gcp 6.8.0-1034.36~22.04.2 linux-image-gcp-6.8 6.8.0-1034.36~22.04.2 linux-image-gcp-64k 6.8.0-1034.36~22.04.2 linux-image-gcp-64k-6.8 6.8.0-1034.36~22.04.2 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-7682-5 https://ubuntu.com/security/notices/USN-7682-4 https://ubuntu.com/security/notices/USN-7682-3 https://ubuntu.com/security/notices/USN-7682-2 https://ubuntu.com/security/notices/USN-7682-1 CVE-2025-37797, CVE-2025-38083 Package Information: https://launchpad.net/ubuntu/+source/linux-raspi/6.8.0-1032.36 https://launchpad.net/ubuntu/+source/linux-gcp-6.8/6.8.0-1034.36~22.04.2 . Important updates for Ubuntu 24.04 and 22.04 LTS have been released, addressing multiple significant vulnerabilities that impact system security.. Ubuntu Linux Kernel Update, Security Issues, System Compromise, Network Control, Kernel Flaws. . LinuxSecurity.com Team
Aug 12, 2025
Ubuntu
217
security advisoryimportantkernelOracle Linux 9: ELSA-2025-12746 Kernel Important Attack Risk
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-12746 http://linux.oracle.com/errata/ELSA-2025-12746.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable LinuxNetwork: x86_64: kernel-5.14.0-570.32.1.0.1.el9_6.x86_64.rpm kernel-abi-stablelists-5.14.0-570.32.1.0.1.el9_6.noarch.rpm kernel-core-5.14.0-570.32.1.0.1.el9_6.x86_64.rpm kernel-cross-headers-5.14.0-570.32.1.0.1.el9_6.x86_64.rpm kernel-debug-5.14.0-570.32.1.0.1.el9_6.x86_64.rpm kernel-debug-core-5.14.0-570.32.1.0.1.el9_6.x86_64.rpm kernel-debug-devel-5.14.0-570.32.1.0.1.el9_6.x86_64.rpm kernel-debug-devel-matched-5.14.0-570.32.1.0.1.el9_6.x86_64.rpm kernel-debug-modules-5.14.0-570.32.1.0.1.el9_6.x86_64.rpm kernel-debug-modules-core-5.14.0-570.32.1.0.1.el9_6.x86_64.rpm kernel-debug-modules-extra-5.14.0-570.32.1.0.1.el9_6.x86_64.rpm kernel-debug-uki-virt-5.14.0-570.32.1.0.1.el9_6.x86_64.rpm kernel-devel-5.14.0-570.32.1.0.1.el9_6.x86_64.rpm kernel-devel-matched-5.14.0-570.32.1.0.1.el9_6.x86_64.rpm kernel-doc-5.14.0-570.32.1.0.1.el9_6.noarch.rpm kernel-headers-5.14.0-570.32.1.0.1.el9_6.x86_64.rpm kernel-modules-5.14.0-570.32.1.0.1.el9_6.x86_64.rpm kernel-modules-core-5.14.0-570.32.1.0.1.el9_6.x86_64.rpm kernel-modules-extra-5.14.0-570.32.1.0.1.el9_6.x86_64.rpm kernel-tools-5.14.0-570.32.1.0.1.el9_6.x86_64.rpm kernel-tools-libs-5.14.0-570.32.1.0.1.el9_6.x86_64.rpm kernel-tools-libs-devel-5.14.0-570.32.1.0.1.el9_6.x86_64.rpm kernel-uki-virt-5.14.0-570.32.1.0.1.el9_6.x86_64.rpm kernel-uki-virt-addons-5.14.0-570.32.1.0.1.el9_6.x86_64.rpm libperf-5.14.0-570.32.1.0.1.el9_6.x86_64.rpm perf-5.14.0-570.32.1.0.1.el9_6.x86_64.rpm python3-perf-5.14.0-570.32.1.0.1.el9_6.x86_64.rpm rtla-5.14.0-570.32.1.0.1.el9_6.x86_64.rpm rv-5.14.0-570.32.1.0.1.el9_6.x86_64.rpm aarch64: kernel-cross-headers-5.14.0-570.32.1.0.1.el9_6.aarch64.rpm kernel-headers-5.14.0-570.32.1.0.1.el9_6.aarch64.rpm kernel-tools-5.14.0-570.32.1.0.1.el9_6.aarch64.rpm kernel-tools-libs-5.14.0-570.32.1.0.1.el9_6.aarch64.rpm kernel-tools-libs-devel-5.14.0-570.32.1.0.1.el9_6.aarch64.rpm perf-5.14.0-570.32.1.0.1.el9_6.aarch64.rpm python3-perf-5.14.0-570.32.1.0.1.el9_6.aarch64.rpm rtla-5.14.0-570.32.1.0.1.el9_6.aarch64.rpm rv-5.14.0-570.32.1.0.1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/kernel-5.14.0-570.32.1.0.1.el9_6.src.rpm Related CVEs: CVE-2022-49788 CVE-2025-21727 CVE-2025-21928 CVE-2025-21929 CVE-2025-21962 CVE-2025-22020 CVE-2025-37890 CVE-2025-38052 CVE-2025-38087 Description of changes: [5.14.0-570.32.1.0.1.el9_6.OL9] - nvme-pci: remove two deallocate zeroes quirks [Orabug: 37756650] - Disable UKI signing [Orabug: 36571828] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64
Aug 07, 2025
•Important
Oracle
91
security advisoryhigh severitygentooGentoo: GLSA 202401-03 High Severity: BlueZ Privilege Escalation Advisory
Multiple vulnerabilities have been discovered in Bluez, the worst of which can lead to privilege escalation.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202401-03 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: BlueZ: Privilege Escalation Date: January 05, 2024 Bugs: #919383 ID: 202401-03 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been discovered in Bluez, the worst of which can lead to privilege escalation. Background ========== BlueZ is the canonical bluetooth tools and system daemons package for Linux. Affected packages ================= Package Vulnerable Unaffected ------------------ ------------ ------------ net-wireless/bluez < 5.70-r1 > = 5.70-r1 Description =========== Multiple vulnerabilities have been discovered in BlueZ. Please review the CVE identifiers referenced below for details. Impact ====== An attacker may inject unauthenticated keystrokes via Bluetooth, leading to privilege escalation or denial of service. Workaround ========== There is no known workaround at this time. Resolution ========== All BlueZ users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =net-wireless/bluez-5.70-r1" References ========== [ 1 ] CVE-2023-45866 https://nvd.nist.gov/vuln/detail/CVE-2023-45866 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202401-03 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns shouldbe addressed to
Jan 05, 2024
Gentoo
198
security advisorydenial of servicehigh severityArch Linux: 201808-4 High: Critical Linux Denial Of Service Risk
The package linux before version 4.17.11-1 is vulnerable to denial of service. . Arch Linux Security Advisory ASA-201808-4 ======================================== Severity: High Date : 2018-08-08 CVE-ID : CVE-2018-5390 Package : linux Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-747 Summary ====== The package linux before version 4.17.11-1 is vulnerable to denial of service. Resolution ========= Upgrade to 4.17.11-1. # pacman -Syu "linux> =4.17.11-1" The problem has been fixed upstream in version 4.17.11. Workaround ========= None. Description ========== A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time and calculation expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by sending specially modified packets within ongoing TCP sessions which could lead to a CPU saturation and hence a denial of service on the system. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port, thus the attacks cannot be performed using spoofed IP addresses. Impact ===== A remote attacker is able to saturate the CPU and hence cause a denial of service on the host system by sending specially modified packets within ongoing TCP sessions. References ========= https://www.kb.cert.org/vuls/id/962459 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/ https://security.archlinux.org/CVE-2018-5390 . Arch Linux Security Advisory ASA-201808-4 ======================================== Severity: High Da. linux, package, version,vulnerable, denial, service, security. . LinuxSecurity.com Team
Aug 08, 2018
ArchLinux
200
security advisorysystem attackSL7SciLinux: SLSA-2018-0012-1 Important Microcode_ctl Update for SL7
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies [More...]. Synopsis: Important: microcode_ctl security update Advisory ID: SLSA-2018:0012-1 Issue Date: 2018-01-03 CVE Numbers: CVE-2017-5715 -- Security Fix(es): * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715) Note: This is the microcode counterpart of the CVE-2017-5715 kernel mitigation. -- SL7 x86_64 microcode_ctl-2.1-22.2.el7.x86_64.rpm microcode_ctl-debuginfo-2.1-22.2.el7.x86_64.rpm - Scientific Linux Development Team . Explore the recent microcode_ctl patch aimed at mitigating speculative execution vulnerabilities in SL7. Get the details here.. Microcode Update, Speculative Execution, Cache Side-Channel, Security Fix, Scientific Linux. . Severity: Important. LinuxSecurity.com Team
Jan 03, 2018
•Important
Scientific Linux
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!