Security update for the Linux Kernel (Live Patch 43 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.173 fixes various security issues The following security issues were fixed: CVE-2022-50233: bluetooth: device name can cause reading kernel memory by not supplying terminal \0 bsc1249242. CVE-2022-50327: ACPI: processor: idle: Che...

Security update for abseil-cpp

This update for abseil-cpp fixes the following issues: CVE-2025-0838: Fixed potential integer overflow in hash container create/resize bsc1237543. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...

Security update for the Linux Kernel (Live Patch 31 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.124 fixes various security issues The following security issues were fixed: CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1254451. CVE-2022-50490: bpf: Propagate error from htablockbucket to userspa...

Security update for the Linux Kernel (Live Patch 30 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.121 fixes various security issues The following security issues were fixed: CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1254451. CVE-2022-50409: net: If sock is dead don't access sock's skwq in...

Security update for the Linux Kernel (Live Patch 29 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.116 fixes various security issues The following security issues were fixed: CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1254451. CVE-2022-50409: net: If sock is dead don't access sock's skwq in...

Security update for the Linux Kernel (Live Patch 45 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.179 fixes various security issues The following security issues were fixed: CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1254451. CVE-2022-50490: bpf: Propagate error from htablockbucket to userspa...

Security update for the Linux Kernel (Live Patch 28 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.113 fixes various security issues The following security issues were fixed: CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1254451. CVE-2022-50409: net: If sock is dead don't access sock's skwq in...

Security update for the Linux Kernel (Live Patch 26 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.103 fixes various security issues The following security issues were fixed: CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1254451. CVE-2022-50409: net: If sock is dead don't access sock's skwq in...

Security update for the Linux Kernel (Live Patch 40 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.164 fixes various security issues The following security issues were fixed: CVE-2022-50233: bluetooth: device name can cause reading kernel memory by not supplying terminal \0 bsc1249242. CVE-2022-50327: ACPI: processor: idle: Che...

Security update for the Linux Kernel (Live Patch 44 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.176 fixes various security issues The following security issues were fixed: CVE-2022-50233: bluetooth: device name can cause reading kernel memory by not supplying terminal \0 bsc1249242. CVE-2022-50327: ACPI: processor: idle: Che...

Security update for the Linux Kernel (Live Patch 34 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.144 fixes various security issues The following security issues were fixed: CVE-2022-50233: bluetooth: device name can cause reading kernel memory by not supplying terminal \0 bsc1249242. CVE-2022-50327: ACPI: processor: idle: Che...

Security update for the Linux Kernel (Live Patch 21 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.88 fixes various security issues The following security issues were fixed: CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1254451. CVE-2022-50409: net: If sock is dead don't access sock's skwq in...

Security update for the Linux Kernel RT (Live Patch 1 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise kernel 6.4.0-150700.7.3 fixes various security issues The following security issues were fixed: CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow bsc1251787. CVE-2025-38476: rpl: Fix use-after-free in rpldosrhinline...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-50116: kernel: tty: ngsm: fix deadlock and link starvation in outgoing data path bsc1244824. CVE-2024-53177: smb: prevent use-after-free due to opencacheddir...

Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise kernel 6.4.0-150700.7.19 fixes various security issues The following security issues were fixed: CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow bsc1251787. CVE-2025-40204: sctp: Fix MAC comparison to be constant-time...

Security update for the Linux Kernel (Live Patch 42 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.170 fixes various security issues The following security issues were fixed: CVE-2022-50233: bluetooth: device name can cause reading kernel memory by not supplying terminal \0 bsc1249242. CVE-2022-50327: ACPI: processor: idle: Che...

Security update for the Linux Kernel (Live Patch 35 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.147 fixes various security issues The following security issues were fixed: CVE-2022-50233: bluetooth: device name can cause reading kernel memory by not supplying terminal \0 bsc1249242. CVE-2022-50327: ACPI: processor: idle: Che...

Security update for the Linux Kernel (Live Patch 72 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise kernel 4.12.14-122.272 fixes various security issues The following security issues were fixed: CVE-2022-50233: bluetooth: device name can cause reading kernel memory by not supplying terminal \0 bsc1249242. CVE-2022-50327: ACPI: processor: idle: Check...

Security update for the Linux Kernel (Live Patch 63 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise kernel 4.12.14-122.237 fixes various security issues The following security issues were fixed: CVE-2022-50233: bluetooth: device name can cause reading kernel memory by not supplying terminal \0 bsc1249242. CVE-2022-50327: ACPI: processor: idle: Check...

Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: MFSA 2026-05 bsc1256340: CVE-2026-0877: Mitigation bypass in the DOM in Security component CVE-2026-0878: Sandbox escape due to incorrect boundary conditions in the Graphics in CanvasWebGL component CVE-2026-0879: Sandbox escape due t...

Security update for libsoup

This update for libsoup fixes the following issues: CVE-2025-14523: Reject duplicated Host in headers and followed upsteram update bsc1254876. CVE-2026-0719: Fixed overflow for password md4sum bsc1256399 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2021-47557: net/sched: schets: do not peek at classes beyond 'nbands' bsc1207361 bsc1225468. CVE-2021-47595: net/sched: schets: do not remove idle classes from the...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49110: netfilter: conntrack: revisit gc autotuning bsc1237981. CVE-2022-49139: Bluetooth: fix null ptr deref on hcisyncconncompleteevt bsc1238032...

Security update for python

This update for python fixes the following issues: CVE-2025-8291: check validity of the ZIP64 End of Central Directory EOCD in the 'zipfile' module bsc1251305. CVE-2025-12084: prevent quadratic behavior in node ID cache clearing bsc1254997. CVE-2025-13836: prevent reading an HTTP response from a...

Security update for python310

This update for python310 fixes the following issues: CVE-2025-12084: quadratic complexity when building nested elements using xml.dom.minidom methods that depend on clearidcache can lead to availability issues when building excessively nested documents bsc1254997. CVE-2025-13836: use of...

Security update for poppler

This update for poppler fixes the following issues: CVE-2025-11896: Fixed infinite recursion leading to stack overflow due to object loop in PDF CMap bsc1252337 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Security update for podman

This update for podman fixes the following issues: CVE-2025-47914: Fixed ssh-agent that could cause a panic due to an out-of-bounds read with non validated message size bsc1253993 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...

Security update for libsoup

This update for libsoup fixes the following issues: CVE-2025-14523: Reject duplicated Host in headers bsc1254876. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed fo...

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.7.0 ESR bsc1256340. MFSA 2026-03 CVE-2026-0877: Mitigation bypass in the DOM: Security component CVE-2026-0878: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebG...

Security update for ovmf

This update for ovmf fixes the following issues: CVE-2022-36765: Fixed integer overflow to buffer overflow via local network vulnerability bsc1218680. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Security update for ovmf

This update for ovmf fixes the following issues: CVE-2022-36765: Fixed integer overflow to buffer overflow via local network vulnerability bsc1218680. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Security update for curl

This update for curl fixes the following issues: CVE-2025-14017: Fixed broken TLS options for threaded LDAPS bsc1256105 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...

Security update for libtasn1

This update for libtasn1 fixes the following issues: CVE-2025-13151: stack-based buffer overflow in asn1expendoctetstring bsc1256341. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...

Security update for util-linux

This update for util-linux fixes the following issues: CVE-2025-14104: Fixed heap buffer overread in setpwnam when processing 256-byte usernames bsc1254666. lscpu: Add support for NVIDIA Olympus arm64 core jscPED-13682. Patch Instructions: To install this SUSE update use the SUSE recommended...

Security update for util-linux

This update for util-linux fixes the following issues: CVE-2025-14104: Fixed heap buffer overread in setpwnam when processing 256-byte usernames bsc1254666. lscpu: Add support for NVIDIA Olympus arm64 core jscPED-13682. Patch Instructions: To install this SUSE update use the SUSE recommended...

Security update for util-linux

This update for util-linux fixes the following issues: CVE-2025-14104: Fixed heap buffer overread in setpwnam when processing 256-byte usernames bsc1254666. lscpu: Add support for NVIDIA Olympus arm64 core jscPED-13682. Patch Instructions: To install this SUSE update use the SUSE recommended...

Security update for the Linux Kernel (Live Patch 31 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.124 fixes one security issue The following security issue was fixed: CVE-2023-53574: wifi: rtw88: delete timer and free skb queue when unloading bsc1251984. Patch Instructions: To install this SUSE update use the SUSE recommended...

Security update for the Linux Kernel (Live Patch 28 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.113 fixes various security issues The following security issues were fixed: CVE-2023-53574: wifi: rtw88: delete timer and free skb queue when unloading bsc1251984. CVE-2025-38257: s390/pkey: prevent overflow in size calculation fo...

Security update for ImageMagick

This update for ImageMagick fixes the following issues: CVE-2025-68618: read a malicious SVG file may result in a DoS attack bsc1255821. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can ru...

Security update for libheif

This update for libheif fixes the following issues: CVE-2025-68431: Fixed heap buffer over-read in HeifPixelImage::overlay via crafted HEIF that exercises the overlay image item bsc1255735 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

Security update for php8

This update for php8 fixes the following issues: Security fixes: CVE-2025-14177: getimagesize function may leak uninitialized heap memory into the APPn segments when reading images in multi-chunk mode bsc1255710. CVE-2025-14178: heap buffer overflow occurs in arraymerge when the total element cou...

Security update for libpng16

This update for libpng16 fixes the following issues: CVE-2025-66293: out-of-bounds read of the pngsRGBbase array when processing palette PNG images with partial transparency and gamma correction bsc1254480. Patch Instructions: To install this SUSE update use the SUSE recommended installation...

Security update for gimp

This update for gimp fixes the following issues: CVE-2025-15059: Fixed Heap-based Buffer Overflow Remote Code Execution Vulnerability in GIMP PSP File Parsing bsc1255766. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zyppe...

Security update for python-filelock

This update for python-filelock fixes the following issues: CVE-2025-68146: TOCTOU race condition may allow local attackers to corrupt or truncate arbitrary user files bsc1255244. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...

Security update for poppler

This update for poppler fixes the following issues: CVE-2025-11896: Fixed infinite recursion leading to stack overflow due to object loop in PDF CMap bsc1252337 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Security update for libvirt

This update for libvirt fixes the following issues: Security fixes: CVE-2025-13193: Fixed umask for 'qemu-img' when creating external inactive snapshots bsc1253703 CVE-2025-12748: Fixed check ACLs before parsing the whole domain XML bsc1253278 Other fixes: libvirt-supportconfig: Add support for...

Security update for libvirt

This update for libvirt fixes the following issues: Security fixes: CVE-2025-13193: Fixed umask for 'qemu-img' when creating external inactive snapshots bsc1253703 CVE-2025-12748: Fixed check ACLs before parsing the whole domain XML bsc1253278 Other fixes: libvirt-supportconfig: Add support for...

Security update for curl

This update for curl fixes the following issues: CVE-2025-14017: Fixed broken TLS options for threaded LDAPS bsc1256105. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...

Security update for curl

This update for curl fixes the following issues: CVE-2025-14017: Fixed broken TLS options for threaded LDAPS bsc1256105. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...

Security update for ImageMagick

This update for ImageMagick fixes the following issues: CVE-2025-68618: read a malicious SVG file may result in a DoS attack bsc1255821. CVE-2025-68950: check for circular references in mvg files may lead to stack overflow bsc1255822. CVE-2025-69204: an integer overflow can lead to a DoS attack...