5115 matches found
Security update for kernel-livepatch-MICRO-6-0_Update_4
This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: CVE-2024-53164: net: sched: fix ordering of qlen adjustment bsc1246019 CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631 CVE-2025-38618: vsock: Do not allow binding to VMADDRPORTANY...
Security update for kernel-livepatch-MICRO-6-0_Update_10
This update for kernel-livepatch-MICRO-6-0Update10 fixes the following issues: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631 CVE-2025-38618: vsock: Do not allow binding to VMADDRPORTANY bsc1249207 Patch Instructions: To install this SUSE update use the SUSE...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_6
This update for kernel-livepatch-MICRO-6-0-RTUpdate6 fixes the following issues: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631 CVE-2025-38618: vsock: Do not allow binding to VMADDRPORTANY bsc1249207 CVE-2025-38617: net/packet: fix a race in packetsetring and...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_7
This update for kernel-livepatch-MICRO-6-0-RTUpdate7 fixes the following issues: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631 CVE-2025-38618: vsock: Do not allow binding to VMADDRPORTANY bsc1249207 CVE-2025-38617: net/packet: fix a race in packetsetring and...
Security update for kernel-livepatch-MICRO-6-0_Update_6
This update for kernel-livepatch-MICRO-6-0Update6 fixes the following issues: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631 CVE-2025-38618: vsock: Do not allow binding to VMADDRPORTANY bsc1249207 CVE-2025-38617: net/packet: fix a race in packetsetring and...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_7
This update for kernel-livepatch-MICRO-6-0-RTUpdate7 fixes the following issues: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631 CVE-2025-38618: vsock: Do not allow binding to VMADDRPORTANY bsc1249207 CVE-2025-38617: net/packet: fix a race in packetsetring and...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_6
This update for kernel-livepatch-MICRO-6-0-RTUpdate6 fixes the following issues: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631 CVE-2025-38618: vsock: Do not allow binding to VMADDRPORTANY bsc1249207 CVE-2025-38617: net/packet: fix a race in packetsetring and...
Security update for kernel-livepatch-MICRO-6-0_Update_10
This update for kernel-livepatch-MICRO-6-0Update10 fixes the following issues: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631 CVE-2025-38618: vsock: Do not allow binding to VMADDRPORTANY bsc1249207 Patch Instructions: To install this SUSE update use the SUSE...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_5
This update for kernel-livepatch-MICRO-6-0-RTUpdate5 fixes the following issues: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631 CVE-2025-38618: vsock: Do not allow binding to VMADDRPORTANY bsc1249207 CVE-2025-38617: net/packet: fix a race in packetsetring and...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_5
This update for kernel-livepatch-MICRO-6-0-RTUpdate5 fixes the following issues: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631 CVE-2025-38618: vsock: Do not allow binding to VMADDRPORTANY bsc1249207 CVE-2025-38617: net/packet: fix a race in packetsetring and...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_4
This update for kernel-livepatch-MICRO-6-0-RTUpdate4 fixes the following issues: CVE-2024-53164: net: sched: fix ordering of qlen adjustment bsc1246019 CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631 CVE-2025-38618: vsock: Do not allow binding to VMADDRPORTANY...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_4
This update for kernel-livepatch-MICRO-6-0-RTUpdate4 fixes the following issues: CVE-2024-53164: net: sched: fix ordering of qlen adjustment bsc1246019 CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631 CVE-2025-38618: vsock: Do not allow binding to VMADDRPORTANY...
Security update for tiff
This update for tiff fixes the following issues: Update to 4.7.1: CVE-2025-8851: Fixed stack-based buffer overflow bsc1248278. CVE-2025-9900: Fixed write-what-where via TIFFReadRGBAImageOriented bsc1250413. Patch Instructions: To install this SUSE update use the SUSE recommended installation...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2025-62594: Fixed unsigned underflow and division-by-zero that can lead to OOB pointer arithmetic and process crash. bsc1252749 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for sccache
This update for sccache fixes the following issues: CVE-2025-55159: updated slab with the uninit memory access fix bsc1248003 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...
Security update for aws-efs-utils
This update for aws-efs-utils fixes the following issues: Update to version 2.3.3 bsc1240044. Security issues fixed: CVE-2025-55159: slab: incorrect bounds check in getdisjointmut function can lead to potential crash due to out-of-bounds access bsc1248055. CVE-2020-35881: traitobject: log4rs:...
Security update for runc
This update for runc fixes the following issues: CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions bsc1252232. CVE-2025-52565: Fixed container escape with malicious config due to /dev/console mount and related races bsc1252232. CVE-2025-52881: Fixed...
Security update for runc
This update for runc fixes the following issues: CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions bsc1252232. CVE-2025-52565: Fixed container escape with malicious config due to /dev/console mount and related races bsc1252232. CVE-2025-52881: Fixed...
Security update for colord
This update for colord fixes the following issues: CVE-2021-42523: The original fix was wrong and did not properly free the error, resulting in a crash that has now been addressed bsc1250750. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for ffmpeg
This update for ffmpeg fixes the following issues: CVE-2025-7700: Fixed NULL Pointer Dereference in FFmpeg ALS Decoder libavcodec/alsdec.c bsc1246790. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for jasper
This update for jasper fixes the following issues: Update to 4.2.8: CVE-2025-8837: Fixed a bug in the JPC decoder that could cause bad memory accesses if the debug level is set sufficiently high bsc1247901. CVE-2025-8836: Added some missing range checking on several coding parameters in the JPC...
Security update for openjpeg
This update for openjpeg fixes the following issues: CVE-2023-39327: Fixed that malicious files can cause a large loop that continuously prints warning messages on the terminal bsc1227410. Other bug fixes: Ensure no bundled libraries are used bsc1250467. Patch Instructions: To install this SUSE...
Security update for poppler
This update for poppler fixes the following issues: CVE-2025-3154: Fixed out-of-bounds array write due to invalid VerticesPerRow bsc1240687. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...
Security update for sccache
This update for sccache fixes the following issues: CVE-2025-55159 - updated slab with the uninit memory access fix bsc1248003 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Security update for qatengine, qatlib
This update for qatengine, qatlib fixes the following issues: Note that the 1.6.1 release included in 1.7.0 fixes the following vulnerabilities: bsc1233363 CVE-2024-28885 bsc1233365 CVE-2024-31074 bsc1233366 CVE-2024-33617 Update to 1.7.0: ipp-crypto name change to cryptography-primitives QATSW G...
Security update for qatengine, qatlib
This update for qatengine, qatlib fixes the following issues: Note that the 1.6.1 release included in 1.7.0 fixes the following vulnerabilities: bsc1233363 CVE-2024-28885 bsc1233365 CVE-2024-31074 bsc1233366 CVE-2024-33617 Update to 1.7.0: ipp-crypto name change to cryptography-primitives QATSW G...
Security update for tiff
This update for tiff fixes the following issues: CVE-2025-9900: Fixed Write-What-Where in libtiff via TIFFReadRGBAImageOriented bsc1250413. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...
Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20251029T215107 2025-10-29T21:51:07Z. jscPED-11136: GO-2025-4006 GO-2025-4007 GO-2025-4008 GO-2025-4009 GO-2025-4010 GO-2025-4011 GO-2025-4012 GO-2025-4013 GO-2025-4014 GO-2025-4015 Patch Instructions: To install...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2025-11021: Ignore invalid date when processing cookies to prevent out-of-bounds read bsc1250562. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002342 fixes several issues. The following security issues were fixed: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631. CVE-2025-38617: net/packet: fix a race in packetsetring and packetnotifier bsc1249208...
Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002333 fixes several issues. The following security issues were fixed: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631. CVE-2025-38617: net/packet: fix a race in packetsetring and packetnotifier bsc1249208...
Security update for the Linux Kernel
This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...
Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002353 fixes several issues. The following security issues were fixed: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631. CVE-2025-38617: net/packet: fix a race in packetsetring and packetnotifier bsc1249208...
Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002338 fixes several issues. The following security issues were fixed: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631. CVE-2025-38617: net/packet: fix a race in packetsetring and packetnotifier bsc1249208...
Security update for the Linux Kernel (Live Patch 72 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122272 fixes one issue. The following security issue was fixed: CVE-2022-50252: igb: Do not free qvector unless new one was allocated bsc1249847. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for nodejs18
This update for nodejs18 fixes the following issues: CVE-2025-7783: Switched away from Math.random in boundary values for multipart form-encoded data bsc1246818 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2025-62171: Fixed incomplete fix for integer overflow in BMP Decoder bsc1252282. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...
Security update for openssl-3-livepatches
This update for openssl-3-livepatches fixes the following issues: livepatch for CVE-2025-9230: Out-of-bounds read & write in RFC 3211 KEK Unwrap bsc1250410. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for rav1e
This update for rav1e fixes the following issues: CVE-2022-24713: Updated crate regex to 1.5.5 that resolves a ReDoS issue bsc1196972 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...
Security update for poppler
This update for poppler fixes the following issues: CVE-2025-43718: fixed uncontrolled recursion in the regex-based metadata parser when processing specially crafted PDF files bsc1250908 CVE-2025-52885: improved pointer handling that could have led to dangling pointers when the vector is resized...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: Fixed use-after-free in XPresentNotify structures creation CVE-2025-62229, bsc1251958 Fixed use-after-free in Xkb client resource removal CVE-2025-62230, bsc1251959 Fixed value overflow in Xkb extension XkbSetCompatMap CVE-2025-62231,...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: CVE-2025-43343: Fixed an issue where processing maliciously crafted web content may lead to an unexpected process crash bsc1251975 CVE-2025-43272: Fixed an issue where processing maliciously crafted web content may lead to an unexpected Safa...
Security update for strongswan
This update for strongswan fixes the following issues: CVE-2025-62291: fixed buffer overflow when handling EAP-MSCHAPv2 failure requests bsc1251941 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for bind
This update for bind fixes the following issues: Upgrade to release 9.20.15: CVE-2025-8677: DNSSEC validation fails if matching but invalid DNSKEY is found bsc1252378. CVE-2025-40778: Address various spoofing attacks bsc1252379. CVE-2025-40780: Cache-poisoning due to weak pseudo-random number...
Security update for squid
This update for squid fixes the following issues: CVE-2025-62168: Fixed proxy auth data visible to scripts bsc1252281. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command list...
Security update for colord
This update for colord fixes the following issues: CVE-2021-42523: Fixed information disclosure in cd-device-db.c and cd-profile-db.c bsc1250750. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...
Security update for poppler
This update for poppler fixes the following issues: CVE-2025-43718: Fixed uncontrolled recursion in the regex-based metadata parser when processing specially crafted PDF files allows for stack exhaustion and denial of service bsc1250908. CVE-2025-52885: Fixed raw pointers can lead to dangling...
Security update for colord
This update for colord fixes the following issues: CVE-2021-42523: The original fix was wrong and did not properly free the error, resulting in a crash that has now been addressed bsc1250750. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for poppler
This update for poppler fixes the following issues: CVE-2025-43718: fixed uncontrolled recursion in the regex-based metadata parser when processing specially crafted PDF files bsc1250908 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Security update for libssh
This update for libssh fixes the following issues: CVE-2025-8277: memory exhaustion leading to client-side DoS due to improper memory management when KEX process is repeated with incorrect guesses bsc1249375. Patch Instructions: To install this SUSE update use the SUSE recommended installation...