SUSE-SU-2026:0687-1 Security update for go1

This update for go1 fixes the following issues: Update to version 1.24.13 jscSLE-18320, bsc1236217. Security issues fixed: - CVE-2025-61732: cmd/cgo: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. - CVE-2025-68119: cmd/go: unexpected code execution when...

K000160086: Linux kernel vulnerability CVE-2024-58240

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: tls: separate no-async decryption request handling from async If we're not doing async, the handling is much simpler. There's no reference counting, we just need to wait for the completion to wake us...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.24 (SUSE-SU-2026:0426-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0426-1 advisory. Update to version 1.24.13. Security issues fixed: - CVE-2025-61732: cmd/go: discrepancy between ...

Security update for salt

This update for salt fixes the following issues: Security issues fixed: CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439 BDSA-2024-9026 Other...

Security update 5.0.6 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439...

SUSE-SU-2025:4467-1 Security update 5.0.6 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: - Security issues fixed: - CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 - CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 - Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439...

SUSE SLES15 Security Update : kernel (Live Patch 6 for SUSE Linux Enterprise 15 SP6) (SUSE-SU-2025:4261-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4261-1 advisory. This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.30 fixes various security issues The following security issues were fixed: -...

EUVD-2025-124934

In the Linux kernel, the following vulnerability has been resolved: tls: Use skdstget and dstdevrcu in getnetdevforsock. getnetdevforsock is called during setsockopt, so not under RCU. Using skdstgetsk-dev could trigger UAF. Let's use skdstget and dstdevrcu. Note that the only -ndoskgetlowerdev...

SUSE-SU-2025:03650-1 Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP7)

This update for the Linux Kernel 6.4.0-1507005 fixes several issues. The following security issues were fixed: - CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. - CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns...

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: bpf, testrun: Fix use-after-free issue in ethskbpkttype CVE-2025-21867 microcodectl: From CVEorg collector CVE-2024-28956 kernel: mm/hugetlb: unshare page tables during VMA split, not...

Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup bsc1237913. CVE-2024-58053: rxrpc: Fix handling of received connection abort bsc1238982...

CVE-2025-21617

Guzzle OAuth Subscriber signs Guzzle requests using OAuth 1.0. Prior to 0.8.1, Nonce generation does not use sufficient entropy nor a cryptographically secure pseudorandom source. This can leave servers vulnerable to replay attacks when TLS is not used. This vulnerability is fixed in 0.8.1...

Fedora 41 : trafficserver (2024-f4dc07db08)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-f4dc07db08 advisory. - Update to upstream 9.2.6 - Backport fix for broken oubound TLS with OpenSSL 3.2+ - Resolves CVE-2024-38479, CVE-2024-50305, CVE-2024-50306 Tenable...

Fedora 40 : trafficserver (2024-b3c4e8da81)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-b3c4e8da81 advisory. - Update to upstream 9.2.6 - Backport fix for broken oubound TLS with OpenSSL 3.2+ - Resolves CVE-2024-38479, CVE-2024-50305, CVE-2024-50306 Tenable...

SUSE CVE-2024-36489

In the Linux kernel, the following vulnerability has been resolved: tls: fix missing memory barrier in tlsinit In tlsinit, a write memory barrier is missing, and store-store reordering may cause NULL dereference in tlssetsockopt,getsockopt. CPU0 CPU1 ----- ----- // In tlsinit // In tlsctxcreate c...

SUSE SLES12 Security Update : kernel (Live Patch 43 for SLE 12 SP5) (SUSE-SU-2024:1686-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1686-1 advisory. - In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused by unset skb-macheader If an AFPACKE...

CVE-2024-26800 tls: fix use-after-free on failed backlog decryption

In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on failed backlog decryption When the decrypt request goes to the backlog and cryptoaeaddecrypt returns -EBUSY, tlsdodecryption will wait until all async decryptions have completed. If one of them fails,...

CLSA-2023-1693431257 Fix of 17 CVEs

Jammy update: v5.15.75 upstream stable release LP: 1996825 // CVE-url: https://ubuntu.com/security/CVE-2022-1184 - ext4: fix check for block being out of directory size Jammy update: v5.15.61 upstream stable release LP: 1990162 // CVE-url: https://ubuntu.com/security/CVE-2022-1184 - ext4: check i...

GSD-2022-1004744 net/tls: fix tls_sk_proto_close executed repeatedly

net/tls: fix tlsskprotoclose executed repeatedly This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.202 by commit...

SUSE-SU-2021:2398-1 Security update for go1.15

This update for go1.15 fixes the following issues: - go1.15.14 released 2021-07-12 includes a security fix to the crypto/tls package, as well as bug fixes to the linker, and the net package. CVE-2021-34558 Refs bsc1175132 go1.15 release tracking bsc1188229 go47143 CVE-2021-34558 go47144 security:...