5418 matches found
Security update for the Linux Kernel
This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...
Security update for the Linux Kernel
This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...
Security update for sevctl
This update for sevctl fixes the following issues: CVE-2024-12224: idna: Fixed improper validation of unsafe equivalence in punycode. bsc1243860 CVE-2025-3416: openssl: Fixed use-after-free in Md::fetch and Cipher::fetch bsc1242618 Patch Instructions: To install this SUSE update use the SUSE...
Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-46733: btrfs: fix qgroup reserve leaks in cowfilerange bsc1230708. CVE-2025-38006: net: mctp: Do not access ifaindex when missing bsc1244930...
Security update for cloud-init
This update for cloud-init fixes the following issues: Update to version 25.1.3 bsc1245401,bsc1245403: docs: provide example3 for PAM and sshpwauth behavior 27 fix: Make hotplug socket writable only by root 25 CVE-2024-11584 fix: Don't attempt to identify non-x86 OpenStack instances LP: 2069607...
Security update for vim
This update for vim fixes the following issues: Updated to 9.1.1629: - CVE-2025-53905: Fixed malicious tar archive may causing a path traversal in Vim’s tar.vim plugin bsc1246604 - CVE-2025-53906: Fixed malicious zip archive may causing a path traversal in Vim’s zip bsc1246602 - CVE-2025-55157:...
Security update for kernel-livepatch-MICRO-6-0_Update_7
This update for kernel-livepatch-MICRO-6-0Update7 fixes the following issues: CVE-2025-38177: kernel: schhfsc: make hfscqlennotify idempotent bsc1246356 CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow bsc1245685 CVE-2025-38181: calipso: fix null-ptr-deref in calipsoreqset,delatt...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_4
This update for kernel-livepatch-MICRO-6-0-RTUpdate4 fixes the following issues: CVE-2025-38177: kernel: schhfsc: make hfscqlennotify idempotent bsc1246356 CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow bsc1245685 CVE-2025-38181: calipso: fix null-ptr-deref in...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_5
This update for kernel-livepatch-MICRO-6-0-RTUpdate5 fixes the following issues: CVE-2025-38177: kernel: schhfsc: make hfscqlennotify idempotent bsc1246356 CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow bsc1245685 CVE-2025-38181: calipso: fix null-ptr-deref in...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_6
This update for kernel-livepatch-MICRO-6-0-RTUpdate6 fixes the following issues: CVE-2025-38177: kernel: schhfsc: make hfscqlennotify idempotent bsc1246356 CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow bsc1245685 CVE-2025-38181: calipso: fix null-ptr-deref in...
Security update for kernel-livepatch-MICRO-6-0_Update_8
This update for kernel-livepatch-MICRO-6-0Update8 fixes the following issues: CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow bsc1245685 CVE-2025-38181: calipso: fix null-ptr-deref in calipsoreqset,delattr bsc1246001 CVE-2025-38498: dochangetype: refuse to operate on unmounted/n...
Security update for kernel-livepatch-MICRO-6-0_Update_5
This update for kernel-livepatch-MICRO-6-0Update5 fixes the following issues: CVE-2025-38177: kernel: schhfsc: make hfscqlennotify idempotent bsc1246356 CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow bsc1245685 CVE-2025-38181: calipso: fix null-ptr-deref in calipsoreqset,delatt...
Security update for kernel-livepatch-MICRO-6-0_Update_4
This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: CVE-2025-38177: kernel: schhfsc: make hfscqlennotify idempotent bsc1246356 CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow bsc1245685 CVE-2025-38181: calipso: fix null-ptr-deref in calipsoreqset,delatt...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_2
This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2024-49860: ACPI: sysfs: validate return type of STR method bsc1231862 CVE-2025-38177: kernel: schhfsc: make hfscqlennotify idempotent bsc1246356 CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow...
Security update for gstreamer-plugins-base
This update for gstreamer-plugins-base fixes the following issues: CVE-2025-47806: Fixed stack buffer overflow in SubRip subtitle parser bsc1244407. CVE-2025-47807: Fixed NULL-pointer dereference in SubRip subtitle parser bsc1244403. CVE-2025-47808: Fixed NULL-pointer dereference in TMPlayer...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49980: USB: gadget: fix use-after-free read in usbudcuevent bsc1245110. CVE-2022-50116: tty: ngsm: fix deadlock and link starvation in outgoing data path...
Security update for cmake
This update for cmake fixes the following issues: CVE-2025-9301: Fixed assertion failure due to improper validation bsc1248461 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for mariadb
This update for mariadb fixes the following issues: Update to version 10.6.23. Security issues fixed: CVE-2025-21490: InnoDB issue allows high privileged attacker with network access to cause a hang or frequently repeatable crash of MySQL Server bsc1243356. CVE-2025-30693: InnoDB issue allows hig...
Security update for python-h2
This update for python-h2 fixes the following issues: CVE-2025-57804: Fixed HTTP Request Smuggling due to illegal characters in headers bsc1248737 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for iperf
This update for iperf fixes the following issues: updated to 3.19.1: CVE-2025-54349: Fixed off-by-one error heap based buffer overflow in iperfauth.c bsc1247519 CVE-2025-54350: Fixed Base64Decode assertion failure in iperfauth.c bsc1247520 CVE-2025-54351: Fixed buffer overflow when --skip-rx-copy...
Security update for udisks2
This update for udisks2 fixes the following issues: CVE-2025-8067: Fixed missing bounds check leading to out-of-bounds read bsc1248502 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run...
Security update for krb5
This update for krb5 fixes the following issues: CVE-2025-3576: weakness in the MD5 checksum design allows for spoofing of GSSAPI-protected messages that are using RC4-HMAC-MD5 bsc1241219. Krb5, as a very old protocol, supported quite a number of ciphers that are not longer up to current...
Security update for bluez
This update for bluez fixes the following issues: CVE-2023-45866: keystroke injection and arbitrary command execution via HID device connections bsc1217877. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for nvidia-open-driver-G06-signed
This update for nvidia-open-driver-G06-signed fixes the following issues: Updated CUDA variant to 580.82.07: CVE-2025-23277: Fixed access to memory outside bounds permitted under normal use cases in NVIDIA Display Driver bsc1247528. CVE-2025-23278: Fixed improper index validation by issuing a cal...
Security update for net-tools
This update for net-tools fixes the following issues: Security issues fixed: Avoid unsafe use of memcpy in ifconfig bsc1248687. Prevent overflow in ax25 and netrom bsc1248687. Fix stack buffer overflow in parsehex bsc1248687. Fix stack buffer overflow in procgenfmt bsc1248687. Other issues fixed:...
Security update for rabbitmq-server313
This update for rabbitmq-server313 fixes the following issues: CVE-2025-50200: Fixed logging of Basic Auth header from an HTTP request bsc1245105 Fixed bad logrotate configuration allowing potential escalation from rabbitmq to root bsc1246091 Patch Instructions: To install this SUSE update use th...
Security update for pcp
This update for pcp fixes the following issues: CVE-2024-3019: exposure of the redis server backend allows remote command execution via pmproxy bsc1222121. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for cups-filters
This update for cups-filters fixes the following issues: CVE-2024-47175: no validation of IPP attributes in ppdCreatePPDFromIPP2 when writing to a temporary PPD file allows for the injection of attacker-controlled data to the resulting PPD bsc1230932. Patch Instructions: To install this SUSE upda...
Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002317 fixes several issues. The following security issues were fixed: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245504. CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2025-38001: netsched: hfsc: Address...
Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP7)
This update for the Linux Kernel 6.4.0-150700536 fixes several issues. The following security issue was fixed: CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU bsc1246030. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdat...
Security update for go1.25
This update for go1.25 fixes the following issues: Update to go1.25.1, released 2025-09-03 bsc1244485. Security issues fixed: CVE-2025-47910: net/http: CrossOriginProtection insecure bypass patterns not limited to exact matches bsc1249141. Other issues fixed: go74822 cmd/go: "get toolchain@latest...
Security update for ucode-intel
This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20250812 release bsc1248438 CVE-2025-20109: Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel Processors may allow an authenticated user to potentially enable...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_10
This update for kernel-livepatch-MICRO-6-0-RTUpdate10 fixes the following issues: CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU bsc1246030 CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350 CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_6
This update for kernel-livepatch-MICRO-6-0-RTUpdate6 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree...
Security update for xen
This update for xen fixes the following issues: Security issues fixed: CVE-2025-27466: NULL pointer dereference in the Viridian interface when updating the reference TSC area bsc1248807. CVE-2025-58142: NULL pointer dereference in the Viridian interface due to assumption that the SIM page is mapp...
Security update for regionServiceClientConfigGCE
This update for regionServiceClientConfigGCE contains the following fixes: Update to version 5.0.0. bsc1246995 SLE 16 python-requests requires SSL v3 certificates. Update 2 region server certs to support SLE 16 when it gets released. Update conditional to handle name change of metadata package in...
Security update for regionServiceClientConfigAzure
This update for regionServiceClientConfigAzure contains the following fixes: Update to version 3.0.0. bsc1246995 SLE 16 python-requests requires SSL v3 certificates. Update 2 region server certs to support SLE 16 when it gets released. Update dependency name for metadata package, name change in S...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2025-55004: Fixed heap buffer over-read in in ReadOneMNGIMage when processing images with separate alpha channels bsc1248076. CVE-2025-55005: Fixed heap buffer overflow when transforming from Log to sRGB colorspaces bsc1248077...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2025-55004: Fixed heap buffer over-read in in ReadOneMNGIMage when processing images with separate alpha channels bsc1248076. CVE-2025-55005: Fixed heap buffer overflow when transforming from Log to sRGB colorspaces bsc1248077...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2025-55004: Fixed heap buffer over-read in in ReadOneMNGIMage when processing images with separate alpha channels bsc1248076. CVE-2025-55005: Fixed heap buffer overflow when transforming from Log to sRGB colorspaces bsc1248077...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2025-55005: Fixed heap buffer overflow when transforming from Log to sRGB colorspaces bsc1248077. CVE-2025-55154: Fixed integer overflow when performing magnified size calculations in ReadOneMNGIMage bsc1248078. CVE-2025-55160: Fixed...
Security update for regionServiceClientConfigGCE
This update for regionServiceClientConfigGCE contains the following fixes: Update to version 5.0.0 bsc1246995 SLE 16 python-requests requires SSL v3 certificates. Update 2 region server certs to support SLE 16 when it gets released. Update conditional to handle name change of metadata package in...
Security update for microcode_ctl
This update for microcodectl fixes the following issues: Intel CPU Microcode was updated to the 20250812 release bsc1248438 CVE-2025-20109: Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel Processors may allow an authenticated user to potentially enable...
Security update for ucode-intel
This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20250812 release bsc1248438 CVE-2025-20109: Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel Processors may allow an authenticated user to potentially enable...
Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP7)
This update for the Linux Kernel 6.4.0-15070073 fixes several issues. The following security issues were fixed: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245504. CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twice bsc1244235...
Security update for the Linux Kernel RT (Live Patch 13 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001044 fixes several issues. The following security issue was fixed: CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU bsc1246030. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupda...
Security update for ovmf
This update for ovmf fixes the following issues: CVE-2023-45229: Fixed integer underflow when processing IANA/IATA options in a DHCPv6 Advertise message bsc1218879 CVE-2023-45230: Fixed buffer overflow in the DHCPv6 client via a long Server ID option bsc1218880 Patch Instructions: To install this...
Security update for podman
This update for podman fixes the following issues: CVE-2025-6032: Machine init command fails to verify TLS certificate when downloading VM images from an OCI registry bsc1245320. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate o...
Security update for jq
This update for jq fixes the following issues: CVE-2025-48060: Fixed stack-buffer-overflow in jqfuzzexecute jvstringvfmt bsc1244116. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...
Security update for grub2
This update for grub2 fixes the following issues: CVE-2024-56738: Side-channel attack due to not constant-timealgorithm in grubcryptomemcmp bsc1234959. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...