Advisory ROSA-SA-2026-3159

Software: pam 1.3.1 OS: ROSA Virtualization 3.1 unaffected versions = pam-1.3.1-39.0.2.rv31 affected versions pam-1.3.1-39.0.2.rv31 CVE-ID: CVE-2025-6020 BDU-ID: 2025-07273 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the pamnamespace module of the Linux-PAM authentication module is caused by a...

Advisory ROSA-SA-2026-3163

Software: sysstat 11.7.3 OS: ROSA Virtualization 3.1 unaffected versions = sysstat-11.7.3-13.rv31 affected versions sysstat-11.7.3-13.rv31 CVE-ID: CVE-2019-16167 BDU-ID: 2022-06244 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the remapstruct function of the sacommon.c component of the Sysstat...

Advisory ROSA-SA-2026-3155

Software: lz4 1.8.3 OS: ROSA Virtualization 3.1 unaffected versions = lz4-1.8.3-5.rv31 affected versions lz4-1.8.3-5.rv31 CVE-ID: CVE-2019-17543 BDU-ID: 2023-07612 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the LZ4 lossless data compression algorithm is related to writing beyond buffer...

Advisory ROSA-SA-2026-3145

Software: git 2.43.5 OS: ROSA Virtualization 3.1 unaffected versions = git-2.43.5-3.rv31 affected versions git-2.43.5-3.rv31 CVE-ID: CVE-2023-25652 BDU-ID: 2023-03859 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Git distributed version control system is related to flaws in the directory path...

Advisory ROSA-SA-2026-3143

Software: curl 7.61.1 OS: ROSA Virtualization 3.1 unaffected versions = curl-7.61.1-34.0.2.rv31.9 affected versions curl-7.61.1-34.0.2.rv31.9 CVE-ID: CVE-2025-9086 BDU-ID: 2025-12599 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the cURL command line utility is related to reading data beyond buffe...

Advisory ROSA-SA-2026-3141

Software: bind 9.11.36 OS: ROSA Virtualization 3.1 unaffected versions = bind-9.11.36-16.rv31.6 affected versions bind-9.11.36-16.rv31.6 CVE-ID: CVE-2025-40778 BDU-ID: 2025-13637 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the BIND DNS server is related to the loading of external unreliable data...

Advisory ROSA-SA-2026-3138

Software: curl 7.61.1 OS: ROSA Virtualization 3.0 unaffected versions = curl-7.61.1-34.0.2.rv30.9 affected versions curl-7.61.1-34.0.2.rv30.9 CVE-ID: CVE-2025-9086 BDU-ID: 2025-12599 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the cURL command line utility is related to reading data beyond buffe...

Advisory ROSA-SA-2026-3133

Software: curl 7.61.1 OS: ROSA Virtualization 2.1 unaffected versions = curl-7.61.1-34.0.2.rv3.9 affected versions curl-7.61.1-34.0.2.rv3.9 CVE-ID: CVE-2025-9086 BDU-ID: 2025-12599 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the cURL command line utility is related to reading data beyond buffer...

Advisory ROSA-SA-2026-3131

Software: bind 9.11.36 OS: ROSA Virtualization 2.1 unaffected versions = bind-9.11.36-16.rv3.6 affected versions bind-9.11.36-16.rv3.6 CVE-ID: CVE-2025-40778 BDU-ID: 2025-13637 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the BIND DNS server is related to the loading of external unreliable data...

SUSE CVE-2026-23198

In the Linux kernel, the following vulnerability has been resolved: KVM: Don't clobber irqfd routing type when deassigning irqfd When deassigning a KVMIRQFD, don't clobber the irqfd's copy of the IRQ's routing entry as doing so breaks kvmarchirqbypassdelproducer on x86 and arm64, which explicitly...

CVE-2026-23198

In the Linux kernel, the following vulnerability has been resolved: KVM: Don't clobber irqfd routing type when deassigning irqfd When deassigning a KVMIRQFD, don't clobber the irqfd's copy of the IRQ's routing entry as doing so breaks kvmarchirqbypassdelproducer on x86 and arm64, which explicitly...

CVE-2026-23198

CVE-2026-23198 relates to the Linux kernel KVM irqfd handling. The vulnerability arose when deassociating an IRQFD could clobber the irqfd’s copy of the IRQ’s routing entry, causing arch-specific code (e.g., kvm_arch_irq_bypass_del_producer on x86/arm64) to misinterpret routing as MSI. The fix ch...

CVE-2026-23198 KVM: Don't clobber irqfd routing type when deassigning irqfd

In the Linux kernel, the following vulnerability has been resolved: KVM: Don't clobber irqfd routing type when deassigning irqfd When deassigning a KVMIRQFD, don't clobber the irqfd's copy of the IRQ's routing entry as doing so breaks kvmarchirqbypassdelproducer on x86 and arm64, which explicitly...

OESA-2026-1352 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: An "off by one" bug has been discovered in QEMU's KVM Xen guest support. A malicious client could exploit this vulnerability to trigger an out-of-bounds heap access in the QEMU process vi...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit bsc1255594. CVE-2023-54142: gtp: Fix use-after-free in gtpencapdestroy bsc1256095...

Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t

This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container,...

SUSE-SU-2026:0474-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit bsc1255594. - CVE-2023-54142: gtp: Fix use-after-free in gtpencapdestroy bsc1256095. -...

USN-8028-1 linux, linux-raspi vulnerabilities

It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt...

[SECURITY] Fedora 42 Update: rust-sevctl-0.6.2-6.fc42

Administrative utility for AMD SEV...

[SECURITY] Fedora 42 Update: open-vm-tools-13.0.10-2.fc42

The open-vm-tools project is an open source implementation of VMware Tools. It is a suite of open source virtualization utilities and drivers to improve the functionality, user experience and administration of VMware virtual machines. This package contains only the core user-space programs and...