5376 matches found
Security update for krb5
This update for krb5 fixes the following issues: CVE-2025-24528: Fixed out-of-bounds write caused by overflow when calculating ulog block size can lead to process crash bsc1236619. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate...
Security update for u-boot
This update for u-boot fixes the following issues: CVE-2024-57256: integer overflow in U-Boot's ext4 symlink resolution function bsc1237284. CVE-2024-57258: multiple integer overflows in U-Boot's memory allocator bsc1237287. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for glibc
This update for glibc fixes the following issues: CVE-2025-0395: Fixed buffer overflow in the assert function bsc1236282. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...
Security update for pcp
This update for pcp fixes the following issues: CVE-2024-45769: Fixed pmcd heap corruption through metric pmstore operations bsc1230551. CVE-2024-45770: Fixed pmpost symlink attack allowing escalating pcp to root user bsc1230552. Patch Instructions: To install this SUSE update use the SUSE...
Security update for glibc
This update for glibc fixes the following issues: CVE-2025-0395: Fixed buffer overflow in the assert function bsc1236282. Other fixes: - Fix underallocation of abortmsgs struct - Correctly determine livepatching support - Remove nss-systemd from default nsswitch.conf bsc1233699 Patch...
Security update for pam_u2f
This update for pamu2f fixes the following issues: CVE-2025-23013: Fixed problematic PAMIGNORE return values in pamsmauthenticatebsc1233517. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...
Security update for haproxy
This update for haproxy fixes the following issues: Update to version 2.8.11+git0.01c1056a4: VUL-0: CVE-2024-53008: haproxy: HTTP/3 request smuggling via malformed HTTP headers forwarded to a HTTP/1.1 non-compliant back-end server bsc1233973 BUG/MINOR: cfgparse-listen: fix option httpslog overrid...
Security update for pam
This update for pam fixes the following issues: CVE-2024-10963: Fixed improper hostname interpretation inpamaccess that could lead to access control bypass bsc1233078 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-26708: mptcp: fastopen and PM-trigger subflow shutdown can race bsc1222672. CVE-2024-44974: mptcp: pm: avoid possible UaF when selectin...
Security update for gnutls
This update for gnutls fixes the following issues: CVE-2024-12243: quadratic complexity of DER input decoding in libtasn1 can lead to a DoS bsc1236974. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for u-boot
This update for u-boot fixes the following issues: CVE-2024-57256: integer overflow in U-Boot's ext4 symlink resolution function bsc1237284. CVE-2024-57258: multiple integer overflows in U-Boot's memory allocator bsc1237287. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for libxkbfile
This update for libxkbfile fixes the following issues: CVE-2025-26595: Fixed buffer overflow in XkbVModMaskText bsc1237429. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...
Security update for python
This update for python fixes the following issues: Reference to no longer used 'bracketedhost' variable in the fix for CVE-2025-0938 bsc1236705, bsc1223694. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for u-boot
This update for u-boot fixes the following issues: CVE-2024-57256: integer overflow in U-Boot's ext4 symlink resolution function bsc1237284. CVE-2024-57258: multiple integer overflows in U-Boot's memory allocator bsc1237287. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for ovmf
This update for ovmf fixes the following issues: CVE-2023-45229: out-of-bounds read in edk2 when processing IANA/IATA options in DHCPv6 Advertise messages. bsc1218879 CVE-2023-45230: buffer overflow in the DHCPv6 client in edk2 via a long Server ID option. bsc1218880 CVE-2023-45231: out-of-bounds...
Security update for sssd
This update for sssd fixes the following issues: CVE-2023-3758: Fixed race condition during authorization leading to GPO policies functioning inconsistently bsc1223100. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for libX11
This update for libX11 fixes the following issues: CVE-2025-26597: improper resizing of key actions when nGroups is 0 can lead to buffer overflows in XkbChangeTypesOfKey bsc1237431. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdat...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-26594: Use-after-free of the root cursor bsc1237427. CVE-2025-26595: Buffer overflow in XkbVModMaskText bsc1237429. CVE-2025-26596: Heap overflow in XkbWriteKeySyms bsc1237430. CVE-2025-26597: Buffer overflow in...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-26594: Use-after-free of the root cursor bsc1237427. CVE-2025-26595: Buffer overflow in XkbVModMaskText bsc1237429. CVE-2025-26596: Heap overflow in XkbWriteKeySyms bsc1237430. CVE-2025-26597: Buffer overflow in...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-26594: Use-after-free of the root cursor bsc1237427. CVE-2025-26595: Buffer overflow in XkbVModMaskText bsc1237429. CVE-2025-26596: Heap overflow in XkbWriteKeySyms bsc1237430. CVE-2025-26597: Buffer overflow in...
Security update for pam_pkcs11
This update for pampkcs11 fixes the following issues: CVE-2025-24531: Fixed regression in version 0.6.12 returning PAMIGNORE in many situations with possible authentication bypass bsc1236314. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for vim
This update for vim fixes the following issues: Update to version 9.1.1101: CVE-2024-43790: possible out-of-bounds read when performing a search command bsc1229685. CVE-2024-43802: heap buffer overflow due to incorrect flushing of the typeahead buffer bsc1229822. CVE-2024-45306: heap buffer...
Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059164 fixes several issues. The following security issues were fixed: CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes bsc1227320. CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in irqprocessworklist...
Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059174 fixes one issue. The following security issue was fixed: CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat bsc1236783. Patch Instructions: To install this SUSE update use the SUSE recommended...
Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005562 fixes several issues. The following security issues were fixed: CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in irqprocessworklist bsc1228585. CVE-2024-36974: net/sched: taprio: always validate TCATAPRIOATTRPRIOMAP bsc1227371...
Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002325 fixes one issue. The following security issue was fixed: CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat bsc1236783. Patch Instructions: To install this SUSE update use the SUSE recommended installatio...
Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-150600237 fixes several issues. The following security issues were fixed: CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in irqprocessworklist bsc1228585. CVE-2024-36974: net/sched: taprio: always validate TCATAPRIOATTRPRIOMAP bsc1227371...
Security update for ovmf
This update for ovmf fixes the following issues: PXE boot is failing due to patches applied to fix CVE-2023-45236 and CVE-2023-45237 bsc1237084. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively yo...
Security update for pam_pkcs11
This update for pampkcs11 fixes the following issues: CVE-2025-24032: default value for certpolicy none allows for authentication bypass bsc1237062. CVE-2025-24031: uninitialized pointer dereference caused by user pressing ctrl-c/ctrl-d when asked for PIN leads to crash bsc1237058. Patch...
Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-15060021 fixes several issues. The following security issues were fixed: CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes bsc1227320. CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in irqprocessworklist...
Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002314 fixes several issues. The following security issues were fixed: CVE-2024-36974: net/sched: taprio: always validate TCATAPRIOATTRPRIOMAP bsc1227371. CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat...
Security update for the Linux Kernel (Live Patch 53 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122194 fixes several issues. The following security issues were fixed: CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes bsc1227320. CVE-2021-47511: ALSA: pcm: oss: fix negative period/buffer sizes bsc1227700. CVE-2024-5310...
Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005559 fixes several issues. The following security issues were fixed: CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes bsc1227320. CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in irqprocessworklist...
Security update for grub2
This update for grub2 fixes the following issues: CVE-2024-45781: Fixed strcpy overflow in ufs. bsc1233617 CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. bsc1234958 CVE-2024-45782: Fixed strcpy overflow in hfs. bsc1233615 CVE-2024-45780: Fixed an overflow in tar/cpio. bsc1233614...
Security update for grafana
This update for grafana fixes the following issues: grafana was updated from version 10.4.13 to 10.4.15: Security issues fixed: CVE-2024-45339: Fixed vulnerability when creating log files bsc1236559 CVE-2024-11741: Fixed the Grafana Alerting VictorOps integration bsc1236734 CVE-2025-21613: Remove...
Security update for google-osconfig-agent
This update for google-osconfig-agent fixes the following issues: CVE-2024-45339: github.com/golang/glog: a privileged process' log file path can be easily predicted and used to overwrite other sensitive files in a system. bsc1236560 Patch Instructions: To install this SUSE update use the SUSE...
Security update for ovmf
This update for ovmf fixes the following issues: PXE boot is failing due to patches applied to fix CVE-2023-45236 and CVE-2023-45237 bsc1237084. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively yo...
Security update for ovmf
This update for ovmf fixes the following issues: PXE boot is failing due to patches applied to fix CVE-2023-45236 and CVE-2023-45237 bsc1237084. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively yo...
Security update for netty, netty-tcnative
This update for netty, netty-tcnative fixes the following issues: CVE-2025-24970: incorrect validation of packets by SslHandler can lead to a native crash. bsc1237037 CVE-2025-25193: unsafe reading of environment files can lead to an application crash. bsc1237038 Update to netty version 4.1.118 a...
Security update for openvswitch
This update for openvswitch fixes the following issues: CVE-2025-0650: ovn: egress ACLs may be bypassed via specially crafted UDP packet bsc1236353. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-36898: gpiolib: cdev: fix uninitialised kfifo bsc1225736. CVE-2024-46858: mptcp: pm: Fix uaf in timerdeletesync bsc1231088. CVE-2024-50142: xfrm: validate new...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unusevma bsc1233112. CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat...
Security update for buildah
This update for buildah fixes the following issues: CVE-2023-45288: possible excessive CPU consumption due to no limit being set on the number of CONTINUATION frames read for an HTTP/2 request in golang.org/x/net/http2. bsc1236531 Patch Instructions: To install this SUSE update use the SUSE...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unusevma bsc1233112. CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseform...
Security update for python3
This update for python3 fixes the following issues: CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse. bsc1236705 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for libtasn1
This update for libtasn1 fixes the following issues: CVE-2024-12133: the processing of input DER data containing a large number of SEQUENCE OF or SET OF elements takes quadratic time to complete. bsc1236878 Patch Instructions: To install this SUSE update use the SUSE recommended installation...
Security update for python312
This update for python312 fixes the following issues: CVE-2025-0938: Functions urllib.parse.urlsplit and urlparse accept domain names including square brackets bsc1236705. CVE-2024-12254: Unbounded memory buffering in SelectorSocketTransport.writelines bsc1234290. Other bugfixes: Position of SUSE...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-35863: Fixed potential UAF in isvalidoplockbreak bsc1224763. CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unusevma bsc1233112. CVE-2024-53104: media:...
Security update for python
This update for python fixes the following issues: CVE-2025-0938: functions urllib.parse.urlsplit and urlparse accept domain names including square brackets bsc1236705. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for glibc
This update for glibc fixes the following issue: CVE-2025-0395: Fix underallocation of abortmsgs struct bsc1236282, BZ 32582 s390x-wcsncmp patch: s390x: Fix segfault in wcsncmp bsc1228044. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...