5411 matches found
Security update for valkey
This update for valkey to version 8.0.6 fixes the following security issues: CVE-2025-49844: Malicious Lua scripts may lead to remote code execution. bsc1250995 CVE-2025-46817: Malicious Lua scripts may lead to integer overflow and potential remote code execution. bsc1250995 CVE-2025-46818:...
Security update for valkey
This update for valkey to version 8.0.6 fixes the following issues: CVE-2025-49844: Malicious Lua scripts may lead to remote code execution. bsc1250995 CVE-2025-46817: Malicious Lua scripts may lead to integer overflow and potential remote code execution. bsc1250995 CVE-2025-46818: Malicious Lua...
Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001034 fixes several issues. The following security issues were fixed: CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315. CVE-2025-38089: sunrpc: handle SVCGARBAGE during svc auth processing as auth error bsc1245509. Patch...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_3
This update for kernel-livepatch-MICRO-6-0-RTUpdate3 fixes the following issues: CVE-2024-50154: tcp/dccp: Don't use timerpending in reqskqueueunlink bsc1233072 CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing bsc1237048 CVE-2025-21791: vrf: use RCU protection in l3mdevl3out bsc1240744...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_2
This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2024-50154: tcp/dccp: Don't use timerpending in reqskqueueunlink bsc1233072 CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing bsc1237048 CVE-2025-21791: vrf: use RCU protection in l3mdevl3out bsc1240744...
Security update for kernel-livepatch-MICRO-6-0_Update_7
This update for kernel-livepatch-MICRO-6-0Update7 fixes the following issues: CVE-2025-38089: sunrpc: handle SVCGARBAGE during svc auth processing as auth error bsc1245509 CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315 Patch Instructions: To install this SUSE...
Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-50154: tcp/dccp: Don't use timerpending in reqskqueueunlink bsc1233072 CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing bsc1237048 CVE-2025-21791: vrf: use RCU protection in l3mdevl3out bsc1240744...
Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-150600108 fixes several issues. The following security issues were fixed: CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315. CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket bsc1243650. CVE-2024-5015...
Security update for openssl-1_1
This update for openssl-11 fixes the following issues: CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap bsc1250232. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.3.1 ESR bsc1250452. Improved reliability when HTTP/3 connections fail: Firefox no longer forces HTTP/2 during fallback, allowing the server to choose the protocol and preventing stalls on som...
Security update for openssl-1_1
This update for openssl-11 fixes the following issues: CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap bsc1250232. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Security update for apache2-mod_security2
This update for apache2-modsecurity2 fixes the following issues: CVE-2025-54571: Fixed insufficient return value handling on modsecurity leads to xss and source code disclosure bsc1247674 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for the Linux Kernel (Live Patch 32 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024136 fixes several issues. The following security issues were fixed: CVE-2024-49860: ACPI: sysfs: validate return type of STR method bsc1231862. CVE-2025-38177: schhfsc: make hfscqlennotify idempotent bsc1246356. CVE-2025-38181: calipso: Fix...
Security update for the Linux Kernel (Live Patch 51 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059185 fixes several issues. The following security issues were fixed: CVE-2025-38177: schhfsc: make hfscqlennotify idempotent bsc1246356. CVE-2025-38181: calipso: Fix null-ptr-deref in calipsoreqset,delattr bsc1246001. CVE-2025-38498: dochangetype:...
Security update for curl
This update for curl fixes the following issues: CVE-2025-9086: Fixed Out of bounds read for cookie path bsc1249191 CVE-2025-10148: Predictable WebSocket mask bsc1249348 Fix the --ftp-pasv option in curl v8.14.1 bsc1246197 tooloperate: fix return code when --retry is used but not triggered...
Security update for tiff
This update for tiff fixes the following issues: CVE-2025-9165: local execution manipulation leading to memory leak bsc1248330. CVE-2024-13978: null pointer dereference in component fax2ps bsc1247581 CVE-2025-8534: null pointer dereference in function PSLvl2page bsc1247582. CVE-2025-8961:...
Security update for nvidia-open-driver-G06-signed
This update for nvidia-open-driver-G06-signed fixes the following issues: Update non-CUDA variant to 580.82.07 bsc1249235 Update non-CUDA variant to 580.76.05 bsc1247907 get rid of rule of older KMPs not to load nvidiadrm module, which are still installed in parallel and therefore still active...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_12
This update for kernel-livepatch-MICRO-6-0-RTUpdate12 fixes the following issues: New livepatch SLE Micro 6.0/6.1 kernel rt update 12 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...
Security update for the Linux Kernel
This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...
Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-49860: ACPI: sysfs: validate return type of STR method bsc1231862 CVE-2025-38177: kernel: schhfsc: make hfscqlennotify idempotent bsc1246356 CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 140.3.0 ESR bsc1249391. MFSA 2025-75: CVE-2025-10527 bmo1984825 Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10528 bmo1986185 Sandbox escape due to undefined behavior,...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20250918T182144 2025-09-18T18:21:44Z jscPED-11136. Go CVE Numbering Authority IDs added or updated with aliases: GO-2025-3915 CVE-2025-5187 GHSA-4x4m-3c2p-qppc GO-2025-3956 CVE-2025-47906 CVE-2025-47906 Update to...
Security update for krb5
This update for krb5 fixes the following issues: CVE-2025-3576: Fixed Kerberos RC4-HMAC-MD5 Checksum Vulnerability bsc1241219 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...
Security update for mariadb
This update for mariadb fixes the following issues: Update to version 10.11.14. Security issues fixed: CVE-2025-30693: InnoDB issue allows high privileged attacker with network access to gain unauthorized update, insert or delete access to data and cause repeatable crash in MySQL server bsc124921...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-46733: btrfs: fix qgroup reserve leaks in cowfilerange bsc1230708. CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points bsc1232089...
Security update for busybox, busybox-links
This update for busybox, busybox-links fixes the following issues: Updated to version 1.37.0 jscPED-13039: CVE-2023-42363: Fixed use-after-free vulnerability in xasprintf function in xfuncsprintf.c bsc1217580 CVE-2023-42364: Fixed use-after-free in the awk.c evaluate function bsc1217584...
Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-50211: md-raid10: fix KASAN warning bsc1245140. CVE-2023-53117: fs: prevent out-of-bounds array speculation when closing a file descriptor bsc1242780...
Security update for curl
This update for curl fixes the following issues: Security issues fixed: CVE-2025-9086: bug in patch comparison logic when processing cookies can lead to out-of-bounds read in heap buffer bsc1249191. CVE-2025-10148: predictable websocket mask can lead to proxy cache poisoning by malicious server...
Security update for curl
This update for curl fixes the following issues: Security issues fixed: CVE-2025-9086: bug in patch comparison logic when processing cookies can lead to out-of-bounds read in heap buffer bsc1249191. CVE-2025-10148: predictable websocket mask can lead to proxy cache poisoning by malicious server...
Security update for pam
This update for pam fixes the following issues: CVE-2024-10041: Fixed hashed password leak bsc1232234 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your...
Security update for python311
This update for python311 fixes the following issues: CVE-2025-8194: Fixed tar archives with negative offsets leading to infinite loop and deadlock bsc1247249 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for net-tools
This update for net-tools fixes the following issues: Fixed stack buffer overflow in parsehex, procgenfmt, ax25 and netrom bsc1248687 CVE-2025-46836: Fixed stack buffer overflow caused by the absence of bound checks bsc1243581 Patch Instructions: To install this SUSE update use the SUSE recommend...
Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002342 fixes several issues. The following security issues were fixed: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245504. CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2025-38001: netsched: hfsc: Address...
Security update for java-1_8_0-openjdk
This update for java-180-openjdk fixes the following issues: Update to version jdk8u462 icedtea-3.36.0. Security issues fixed: CVE-2025-30749: heap corruption allows unauthenticated attacker with network access to compromise and takeover Java applications that load and run untrusted code...
Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP7)
This update for the Linux Kernel 6.4.0-150700533 fixes several issues. The following security issues were fixed: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245504. CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twice bsc1244235...
Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002338 fixes several issues. The following security issues were fixed: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245504. CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2025-38001: netsched: hfsc: Address...
Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002322 fixes several issues. The following security issues were fixed: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245504. CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2025-38001: netsched: hfsc: Address...
Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-15050055103 fixes several issues. The following security issues were fixed: CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twice bsc1244235. CVE-2025-38000: schhfsc...
Security update for busybox, busybox-links
This update for busybox, busybox-links fixes the following issues: Updated to version 1.37.0 jscPED-13039: - CVE-2023-42363: Fixed use-after-free vulnerability in xasprintf function in xfuncsprintf.c bsc1217580 - CVE-2023-42364: Fixed use-after-free in the awk.c evaluate function bsc1217584 -...
Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005597 fixes several issues. The following security issues were fixed: CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. CVE-2025-38001: netsched: hfsc: Address reentrant...
Security update for perl-Cpanel-JSON-XS
This update for perl-Cpanel-JSON-XS fixes the following issues: CVE-2025-40929: integer buffer overflow causing a segmentation fault when parsing crafted JSON bsc1249331. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zyppe...
Security update for sevctl
This update for sevctl fixes the following issues: CVE-2025-3416: openssl: Fixed Use-After-Free in Md::fetch and Cipher::fetch bsc1242618 CVE-2024-12224: idna: Fixed Punycode labels not producing any non-ASCII when decode bsc1243860 Patch Instructions: To install this SUSE update use the SUSE...
Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005583 fixes several issues. The following security issues were fixed: CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. CVE-2025-38001: netsched: hfsc: Address reentrant...
Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005573 fixes several issues. The following security issues were fixed: CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. CVE-2025-38001: netsched: hfsc: Address reentrant...
Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-15050055113 fixes several issues. The following security issues were fixed: CVE-2025-21701: net: avoid race between device unregistration and ethnl ops bsc1245805. CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU bsc1246030. Patch Instructions: T...
Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005591 fixes several issues. The following security issues were fixed: CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. CVE-2025-38001: netsched: hfsc: Address reentrant...
Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024141 fixes several issues. The following security issues were fixed: CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. CVE-2025-38001: netsched: hfsc: Address reentrant...
Security update for cups
This update for cups fixes the following issues: CVE-2025-58060: no password check when AuthType is set to anything but Basic and a request is made with an Authorization: Basic header bsc1249049. CVE-2025-58364: unsafe deserialization and validation of printer attributes leads to NULL pointer...
Security update for kernel-livepatch-MICRO-6-0_Update_5
This update for kernel-livepatch-MICRO-6-0Update5 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twi...
Security update for kernel-livepatch-MICRO-6-0_Update_5
This update for kernel-livepatch-MICRO-6-0Update5 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twi...