SUSE-IU-2026:4237-1: Security update of suse-sles-15-sp6-chost-byos-v20260601-x86_64-gen2
sle-container-updates at lists.suse.com
Fri Jun 5 07:04:12 UTC 2026
SUSE Image Update Advisory: suse-sles-15-sp6-chost-byos-v20260601-x86_64-gen2
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:4237-1
Image Tags : suse-sles-15-sp6-chost-byos-v20260601-x86_64-gen2:20260601
Image Release :
Severity : critical
Type : security
References : 1234634 1243603 1248754 1250782 1253754 1258518 1258718 1258849
1258850 1258854 1258855 1258856 1258857 1258961 1259484 1259485
1259857 1260010 1260018 1260522 1260526 1261158 1261159 1261160
1261161 1261163 1261206 1261280 1261287 1261295 1261584 1261638
1261648 1261707 1261710 1261779 1261781 1261796 1261797 1261833
1262020 1262178 1262179 1262180 1262181 1262395 1262428 1262464
1262465 1262602 1262665 1262734 1262758 1262803 1263001 1263065
1263085 1263093 1263095 1263131 1263141 1263165 1263170 1263176
1263582 1263600 1263668 1263704 1263705 1263707 1263708 1263709
1263710 1263711 1263712 1263713 1263714 1263715 1263716 1263723
1263797 1263815 1263882 1263901 1263931 1263933 1264013 1264059
1264066 1264082 1264087 1264097 1264482 1264634 1264651 1264706
1264707 1264708 1264801 1264848 1265085 1265090 1265116 1265119
1265126 1265349 1265360 1265421 1265449 1265456 1265626 1265846
CVE-2023-2058 CVE-2025-54505 CVE-2025-54518 CVE-2025-54518 CVE-2026-23209
CVE-2026-23239 CVE-2026-23240 CVE-2026-23268 CVE-2026-23269 CVE-2026-23271
CVE-2026-23273 CVE-2026-23351 CVE-2026-23393 CVE-2026-2340 CVE-2026-23403
CVE-2026-23404 CVE-2026-23405 CVE-2026-23406 CVE-2026-23407 CVE-2026-23408
CVE-2026-23409 CVE-2026-23410 CVE-2026-23411 CVE-2026-23449 CVE-2026-23450
CVE-2026-23458 CVE-2026-23461 CVE-2026-23462 CVE-2026-23557 CVE-2026-23558
CVE-2026-3012 CVE-2026-31402 CVE-2026-31403 CVE-2026-31408 CVE-2026-31436
CVE-2026-31470 CVE-2026-31504 CVE-2026-31505 CVE-2026-31507 CVE-2026-31512
CVE-2026-31528 CVE-2026-31533 CVE-2026-31570 CVE-2026-31586 CVE-2026-31588
CVE-2026-31602 CVE-2026-31607 CVE-2026-31622 CVE-2026-31649 CVE-2026-31656
CVE-2026-31662 CVE-2026-31669 CVE-2026-31685 CVE-2026-31694 CVE-2026-31700
CVE-2026-31738 CVE-2026-31787 CVE-2026-3238 CVE-2026-33845 CVE-2026-33846
CVE-2026-34743 CVE-2026-3833 CVE-2026-39881 CVE-2026-4046 CVE-2026-40475
CVE-2026-42009 CVE-2026-42010 CVE-2026-42011 CVE-2026-42012 CVE-2026-42013
CVE-2026-42014 CVE-2026-42015 CVE-2026-42307 CVE-2026-43025 CVE-2026-43027
CVE-2026-43038 CVE-2026-43044 CVE-2026-43050 CVE-2026-43110 CVE-2026-43120
CVE-2026-43126 CVE-2026-43190 CVE-2026-43214 CVE-2026-43329 CVE-2026-43330
CVE-2026-43334 CVE-2026-43365 CVE-2026-43366 CVE-2026-43437 CVE-2026-43494
CVE-2026-43961 CVE-2026-4408 CVE-2026-44656 CVE-2026-4480 CVE-2026-45130
CVE-2026-46483 CVE-2026-5260 CVE-2026-5419 CVE-2026-5450 CVE-2026-5928
-----------------------------------------------------------------
The container suse-sles-15-sp6-chost-byos-v20260601-x86_64-gen2 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:2029-1
Released: Wed May 20 11:18:08 2026
Summary: Security update for vim
Type: security
Severity: moderate
References: 1261833,CVE-2026-39881
This update for vim fixes the following issue:
Security fixes:
- CVE-2026-39881: command injection in NetBeans interface can lead to arbitrary file reads and writes (bsc#1261833).
Other fixes:
- Update to 9.2.0398.
* 9.2.0398: MS-Windows: missing strptime() support
* 9.2.0397: tabpanel: double-click opens a new tab
* 9.2.0396: tests: Test_error_callback_terminal is flaky on macOS
* 9.2.0395: tests: Test_backupskip() may read from $HOME
* 9.2.0394: xxd: offsets greater than LONG_MAX print as negative
* 9.2.0393: MS-Windows: link error with XPM support on UCRT64
* 9.2.0392: tests: Some tests are flaky
* 9.2.0391: tests: Comment in test_vim9_cmd breaks syntax highlighting
* 9.2.0390: filetype: some Beancount files are not recognized
* 9.2.0389: DECRQM still leaves stray 'pp' on Apple Terminal.app
* 9.2.0388: strange indent in update_topline()
* 9.2.0387: DECRQM request may leave stray chars in terminal
* 9.2.0386: No scroll/scrollbar support in the tabpanel
* 9.2.0385: Integer overflow with 'ze' and large 'sidescrolloff'
* 9.2.0384: stale Insstart after <Cmd> cursor move breaks undo
* 9.2.0383: [security]: runtime(netrw): shell-injection via sftp: and file: URLs
* 9.2.0382: Wayland: focus-stealing is non-working
* 9.2.0381: Vim9: Missing check_secure() in exec_instructions()
* 9.2.0380: completion: a few issues in completion code
* 9.2.0379: gui.color_approx is never used
* 9.2.0378: Using int as bool type in win_T struct
* 9.2.0377: Using int as bool type in gui_T struct
* 9.2.0376: Vim9: elseif condition compiled in dead branch
* 9.2.0375: prop_find() does not find a virt text in starting line
* 9.2.0374: c_CTRL-{G,T} does not handle offset
* 9.2.0373: Ctrl-R mapping not triggered during completion
* 9.2.0372: pum: rendering issues with multibyte text and opacity
* 9.2.0371: filetype: ghostty config files are not recognized
* 9.2.0370: duplicate code with literal string_T assignment
* 9.2.0369: multiple definitions of STRING_INIT macro
* 9.2.0368: too many strlen() calls when adding strings to dicts
* 9.2.0367: runtime(netrw): ~ note expanded on MS Windows
* 9.2.0366: pum: flicker when updating pum in place
* 9.2.0365: using int as bool
* 9.2.0364: tests: test_smoothscroll_textoff_showbreak() fails
* 9.2.0363: Vim9: variable shadowed by script-local function
* 9.2.0362: division by zero with smoothscroll and small windows
* 9.2.0361: tests: no tests for ch_listen() with IPs
* 9.2.0360: Cannot handle mouse-clicks in the tabpanel
* 9.2.0359: wrong VertSplitNC highlighting on winbar
* 9.2.0358: runtime(vimball): still path traversal attacks possible
* 9.2.0357: [security]: command injection via backticks in tag files
* 9.2.0356: Cannot apply 'scrolloff' context lines at end of file
* 9.2.0355: runtime(tar): missing path traversal checks in tar#Extract()
* 9.2.0354: filetype: not all Bitbake include files are recognized
* 9.2.0353: Missing out-of-memory check in register.c
* 9.2.0352: 'winhighlight' of left window blends into right window
* 9.2.0351: repeat_string() can be improved
* 9.2.0350: Enabling modelines poses a risk
* 9.2.0349: cannot style non-current window separator
* 9.2.0348: potential buffer underrun when setting statusline like option
* 9.2.0347: Vim9: script-local variable not found
* 9.2.0346: Wrong cursor position when entering command line window
* 9.2.0345: Wrong autoformatting with 'autocomplete'
* 9.2.0344: channel: ch_listen() can bind to network interface
* 9.2.0343: tests: test_clientserver may fail on slower systems
* 9.2.0342: tests: test_excmd.vim leaves swapfiles behind
* 9.2.0341: some functions can be run from the sandbox
* 9.2.0340: pum_redraw() may cause flicker
* 9.2.0339: regexp: nfa_regmatch() allocates and frees too often
* 9.2.0338: Cannot handle mouseclicks in the tabline
* 9.2.0337: list indexing broken on big-endian 32-bit platforms
* 9.2.0336: libvterm: no terminal reflow support
* 9.2.0335: json_encode() uses recursive algorithm
* 9.2.0334: GTK: window geometry shrinks with with client-side decorations
* 9.2.0333: filetype: PklProject files are not recognized
* 9.2.0332: popup: still opacity rendering issues
* 9.2.0331: spellfile: stack buffer overflows in spell file generation
* 9.2.0330: tests: some patterns in tar and zip plugin tests not strict enough
* 9.2.0329: tests: test_indent.vim leaves swapfiles behind
* 9.2.0328: Cannot handle mouseclicks in the statusline
* 9.2.0327: filetype: uv scripts are not detected
* 9.2.0326: runtime(tar): but with dotted path
* 9.2.0325: runtime(tar): bug in zstd handling
* 9.2.0324: 0x9b byte not unescaped in <Cmd> mapping
* 9.2.0323: filetype: buf.lock files are not recognized
* 9.2.0322: tests: test_popupwin fails
* 9.2.0321: MS-Windows: No OpenType font support
* 9.2.0320: several bugs with text properties
* 9.2.0319: popup: rendering issues with partially transparent popups
* 9.2.0318: cannot configure opacity for popup menu
* 9.2.0317: listener functions do not check secure flag
* 9.2.0316: [security]: command injection in netbeans interface via defineAnnoType
* 9.2.0315: missing bound-checks
* 9.2.0314: channel: can bind to all network interfaces
* 9.2.0313: Callback channel not registered in GUI
* 9.2.0312: C-type names are marked as translatable
* 9.2.0311: redrawing logic with text properties can be improved
* 9.2.0310: unnecessary work in vim_strchr() and find_term_bykeys()
* 9.2.0309: Missing out-of-memory check to may_get_cmd_block()
* 9.2.0308: Error message E1547 is wrong
* 9.2.0307: more mismatches between return types and documentation
* 9.2.0306: runtime(tar): some issues with lz4 support
* 9.2.0305: mismatch between return types and documentation
* 9.2.0304: tests: test for 9.2.0285 doesn't always fail without the fix
* 9.2.0303: tests: zip plugin tests don't check for warning message properly
* 9.2.0302: runtime(netrw): RFC2396 decoding double escaping spaces
* 9.2.0301: Vim9: void function return value inconsistent
* 9.2.0300: The vimball plugin needs some love
* 9.2.0299: runtime(zip): may write using absolute paths
* 9.2.0298: Some internal variables are not modified
* 9.2.0297: libvterm: can improve CSI overflow code
* 9.2.0296: Redundant and incorrect integer pointer casts in drawline.c
* 9.2.0295: 'showcmd' shows wrong Visual block size with 'linebreak'
* 9.2.0294: if_lua: lua interface does not work with lua 5.5
* 9.2.0293: :packadd may lead to heap-buffer-overflow
* 9.2.0292: E340 internal error when using method call on void value
* 9.2.0291: too many strlen() calls
* 9.2.0290: Amiga: no support for AmigaOS 3.x
* 9.2.0289: 'linebreak' may lead to wrong Visual block highlighting
* 9.2.0288: libvterm: signed integer overflow parsing long CSI args
* 9.2.0287: filetype: not all ObjectScript routines are recognized
* 9.2.0286: still some unnecessary (int) casts in alloc()
* 9.2.0285: :syn sync grouphere may go beyond end of line
* 9.2.0284: tabpanel: crash when tabpanel expression returns variable line count
* 9.2.0283: unnecessary (int) casts before alloc() calls
* 9.2.0282: tests: Test_viminfo_len_overflow() fails
* 9.2.0281: tests: Test_netrw_FileUrlEdit.. fails on Windows
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:2031-1
Released: Wed May 20 11:34:19 2026
Summary: Security update for runc
Type: security
Severity: important
References:
This update for runc rebuilds it against the current go security release.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:2051-1
Released: Mon May 25 15:59:43 2026
Summary: Security update for xz
Type: security
Severity: important
References: 1261280,CVE-2026-34743
This update for xz fixes the following issue:
- CVE-2026-34743: buffer overflow in lzma_index_append() (bsc#1261280).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2026:2061-1
Released: Tue May 26 07:14:34 2026
Summary: Recommended update for openssl-1_1
Type: recommended
Severity: moderate
References: 1250782
This update for openssl-1_1 fixes the following issues:
- Fix 30-test_fips_sli.t fails intermittently on s390x (bsc#1250782):
* Fix AES_GCM IV test sometimes failing on s390x.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:2074-1
Released: Tue May 26 14:35:51 2026
Summary: Security update for samba
Type: security
Severity: critical
References: 1261158,1261159,1261160,1261161,1261163,CVE-2026-2340,CVE-2026-3012,CVE-2026-3238,CVE-2026-4408,CVE-2026-4480
This update for samba fixes the following issues:
- CVE-2026-2340: vfs_worm does not block directory modification (bsc#1261158).
- CVE-2026-3012: group policy certificate enrollment uses http:// without validation (bsc#1261159).
- CVE-2026-3238: unauthenticated udp packet crashes AD DC nbt server (bsc#1261160).
- CVE-2026-4408: Remote Code Execution in SAMR (bsc#1261163).
- CVE-2026-4480: Unauthenticated Remote Code Execution (bsc#1261161).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:2102-1
Released: Thu May 28 09:14:04 2026
Summary: Security update for xen
Type: security
Severity: important
References: 1262178,1262180,1262428,1264066,CVE-2025-54505,CVE-2025-54518,CVE-2026-23557,CVE-2026-23558
This update for xen fixes the following issues:
- CVE-2025-54505: Floating Point Divider State Sampling on AMD CPUs AMD-SN-7053 (bsc#1262428).
- CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264066).
- CVE-2026-23557: Xenstored DoS via XS_RESET_WATCHES command (bsc#1262178).
- CVE-2026-23558: grant table v2 race in status page mapping (bsc#1262180).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:2115-1
Released: Fri May 29 17:27:13 2026
Summary: Security update for gnutls
Type: security
Severity: important
References: 1263704,1263705,1263707,1263708,1263709,1263710,1263711,1263712,1263713,1263714,1263715,1263716,CVE-2026-33845,CVE-2026-33846,CVE-2026-3833,CVE-2026-42009,CVE-2026-42010,CVE-2026-42011,CVE-2026-42012,CVE-2026-42013,CVE-2026-42014,CVE-2026-42015,CVE-2026-5260,CVE-2026-5419
This update for gnutls fixes the following issues:
- CVE-2026-3833: x509/name-constraints: compare domain names case-insensitive (bsc#1263707).
- CVE-2026-5260: lib/pkcs11_privkey: guard against overreading on short ciphertexts (bsc#1263715).
- CVE-2026-5419: gnutls_cipher_decrypt3: make PKCS#7 unpadding branch free (bsc#1263716).
- CVE-2026-33845: buffers: switch from end_offset over to frag_length (bsc#1263704).
- CVE-2026-33846: buffers: add more checks to DTLS reassembly (bsc#1263705).
- CVE-2026-42009: lib/buffers: ensure packets have differing sequence numbers (bsc#1263708).
- CVE-2026-42010: lib/auth/rsa_psk: fix binary PSK identity lookup (bsc#1263709).
- CVE-2026-42011: x509/name_constraints: fix intersecting empty constraints (bsc#1263710).
- CVE-2026-42012: x509/hostname-verify: make URI/SRV SAN preclude CN fallback (bsc#1263711).
- CVE-2026-42013: x509: prevent fallback on oversized SAN (bsc#1263712).
- CVE-2026-42014: pkcs11_write: fix UAF and leak in gnutls_pkcs11_token_set_pin (bsc#1263713).
- CVE-2026-42015: x509/pkcs12_bag: fix off-by-one in bag element bounds chec (bsc#1263714).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:2195-1
Released: Mon Jun 1 09:40:29 2026
Summary: Security update for the Linux Kernel
Type: security
Severity: important
References: 1234634,1243603,1248754,1253754,1258518,1258718,1258849,1258850,1258854,1258855,1258856,1258857,1258961,1259484,1259485,1259857,1260010,1260018,1260522,1260526,1261287,1261295,1261584,1261638,1261648,1261707,1261710,1261779,1261781,1261796,1261797,1262020,1262179,1262181,1262602,1262665,1262734,1262758,1263001,1263065,1263085,1263093,1263095,1263131,1263141,1263165,1263170,1263176,1263582,1263600,1263668,1263723,1263797,1263815,1263882,1263901,1263931,1263933,1264013,1264059,1264082,1264087,1264097,1264482,1264634,1264651,1264801,1264848,1265085,1265090,1265116,1265119,1265126,1265421,1265449,1265456,1265626,1265846,CVE-2023-2058,CVE-2025-54518,CVE-2026-23209,CVE-2026-23239,CVE-2026-23240,CVE-2026-23268,CVE-2026-23269,CVE-2026-23271,CVE-2026-23273,CVE-2026-23351,CVE-2026-23393,CVE-2026-23403,CVE-2026-23404,CVE-2026-23405,CVE-2026-23406,CVE-2026-23407,CVE-2026-23408,CVE-2026-23409,CVE-2026-23410,CVE-2026-23411,CVE-2026-23449,CVE-2026-23450,CVE-2026-23458,CVE-2026-23461,CVE-2026-23462,CVE-2026-31402,CVE-2026-31403,CVE-2026-31408,CVE-2026-31436,CVE-2026-31470,CVE-2026-31504,CVE-2026-31505,CVE-2026-31507,CVE-2026-31512,CVE-2026-31528,CVE-2026-31533,CVE-2026-31570,CVE-2026-31586,CVE-2026-31588,CVE-2026-31602,CVE-2026-31607,CVE-2026-31622,CVE-2026-31649,CVE-2026-31656,CVE-2026-31662,CVE-2026-31669,CVE-2026-31685,CVE-2026-31694,CVE-2026-31700,CVE-2026-31738,CVE-2026-31787,CVE-2026-43025,CVE-2026-43027,CVE-2026-43038,CVE-2026-43044,CVE-2026-43050,CVE-2026-43110,CVE-2026-43120,CVE-2026-43126,CVE-2026-43190,CVE-2026-43214,CVE-2026-43329,CVE-2026-43330,CVE-2026-43334,CVE-2026-43365,CVE-2026-43366,CVE-2026-43437,CVE-2026-43494
The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues.
The following security issues were fixed:
- CVE-2023-2058: x86/CPU: Fix FPDSS on Zen1 (bsc#1243603).
- CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache (bsc#1264013).
- CVE-2026-23239: espintcp: Fix race condition in espintcp_close() (bsc#1259485).
- CVE-2026-23240: tls: Fix race condition in tls_sw_cancel_work_tx() (bsc#1259484).
- CVE-2026-23271: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race (bsc#1260018).
- CVE-2026-23351: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase (bsc#1260526).
- CVE-2026-23393: bridge: cfm: Fix race condition in peer_mep deletion (bsc#1260522).
- CVE-2026-23449: net/sched: teql: Fix double-free in teql_master_xmit (bsc#1261779).
- CVE-2026-23450: net/smc: fix NULL dereference and UAF in smc_tcp_syn_recv_sock() (bsc#1261584).
- CVE-2026-23458: netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() (bsc#1261781).
- CVE-2026-23461: Bluetooth: L2CAP: Fix use-after-free in l2cap_unregister_user (bsc#1261707).
- CVE-2026-23462: Bluetooth: HIDP: Fix possible UAF (bsc#1261710).
- CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (bsc#1261638).
- CVE-2026-31403: NFSD: Hold net reference for the lifetime of /proc/fs/nfs/exports fd (bsc#1261796).
- CVE-2026-31408: Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold (bsc#1261797).
- CVE-2026-31436: dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc() (bsc#1262602).
- CVE-2026-31470: virt: tdx-guest: Fix handling of host controlled 'quote' buffer length (bsc#1262665).
- CVE-2026-31504: net: fix fanout UAF in packet_release() via NETDEV_UP race (bsc#1263085).
- CVE-2026-31505: iavf: fix out-of-bounds writes in iavf_get_ethtool_stats() (bsc#1263093).
- CVE-2026-31507: net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer (bsc#1263095).
- CVE-2026-31512: Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2cap_ecred_data_rcv() (bsc#1262734).
- CVE-2026-31528: perf: Make sure to use pmu_ctx->pmu for groups (bsc#1263001).
- CVE-2026-31533: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption (bsc#1262758).
- CVE-2026-31570: can: gw: fix OOB heap access in cgw_csum_crc8_rel() (bsc#1263065).
- CVE-2026-31586: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (bsc#1263176).
- CVE-2026-31588: KVM: x86: Use scratch field in MMIO fragment to hold small write values (bsc#1263165).
- CVE-2026-31602: ALSA: ctxfi: Limit PTP to a single page (bsc#1263723).
- CVE-2026-31607: usbip: validate number_of_packets in usbip_pack_ret_submit() (bsc#1263600).
- CVE-2026-31622: NFC: digital: Bounds check NFC-A cascade depth in SDD response handler (bsc#1263797).
- CVE-2026-31649: net: stmmac: fix integer underflow in chain mode (bsc#1263582).
- CVE-2026-31656: drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (bsc#1263170).
- CVE-2026-31662: tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG (bsc#1263131).
- CVE-2026-31669: mptcp: fix slab-use-after-free in __inet_lookup_established (bsc#1263141).
- CVE-2026-31685: netfilter: ip6t_eui64: reject invalid MAC header for all packets (bsc#1263668).
- CVE-2026-31694: fuse: reject oversized dirents in page cache (bsc#1263901).
- CVE-2026-31700: net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() (bsc#1263882).
- CVE-2026-31738: vxlan: validate ND option lengths in vxlan_na_create (bsc#1264059).
- CVE-2026-31787: xen/privcmd: fix double free via VMA splitting (bsc#1262181).
- CVE-2026-43025: netfilter: ctnetlink: ignore explicit helper on new expectations (bsc#1263931).
- CVE-2026-43027: netfilter: nf_conntrack_helper: pass helper to expect cleanup (bsc#1263933).
- CVE-2026-43038: ipv6: icmp: clear skb2->cb in ip6_err_gen_icmpv6_unreach() (bsc#1264097).
- CVE-2026-43044: crypto: caam - fix DMA corruption on long hmac keys (bsc#1264087).
- CVE-2026-43050: atm: lec: fix use-after-free in sock_def_readable() (bsc#1264082).
- CVE-2026-43110: wifi: brcmfmac: validate bsscfg indices in IF events (bsc#1264482).
- CVE-2026-43120: RDMA/irdma: Fix double free related to rereg_user_mr.
- CVE-2026-43126: ALSA: mixer: oss: Add card disconnect checkpoints (bsc#1264634).
- CVE-2026-43190: netfilter: xt_tcpmss: check remaining length before reading optlen (bsc#1264848).
- CVE-2026-43214: KVM: x86: Add SRCU protection for reading PDPTRs in __get_sregs2() (bsc#1264651).
- CVE-2026-43329: netfilter: flowtable: strictly check for maximum number of actions (bsc#1265085).
- CVE-2026-43330: crypto: caam - fix overflow on long hmac keys (bsc#1264801).
- CVE-2026-43334: Bluetooth: SMP: force responder MITM requirements before building the pairing response (bsc#1265090).
- CVE-2026-43365: xfs: fix undersized l_iclog_roundoff values (bsc#1265119).
- CVE-2026-43366: io_uring/kbuf: check if target buffer list is still legacy on recycle (bsc#1265116).
- CVE-2026-43437: ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (bsc#1265126).
- CVE-2026-43494: net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626).
The following non security issues were fixed:
- btrfs: reject root items with drop_progress and zero drop_level (git-fixes).
- btrfs: replace BUG() with error handling in __btrfs_balance() (git-fixes).
- check-for-config-changes: Exclude CC_MS_EXTENSIONS.
- check-for-config-changes: Exclude HAVE_CFI_ICALL_NORMALIZE_INTEGERS{,_RUSTC}.
- dm init: ensure device probing has finished in dm-mod.waitfor= (git-fixes).
- hv_sock: fix ARM64 support (git-fixes).
- ice: set max queues in alloc_etherdev_mqs() (git-fixes).
- kdump, documentation: describe craskernel CMA reservation (jsc#PED-7249).
- mkspec: Add signature to source list only when it exists.
- net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626).
- net/sched: fix pedit partial COW leading to page cache corruption (bsc#1265421).
- net: mana: Add MAC address to vPort logs and clarify error messages (git-fixes).
- net: mana: check xdp_rxq registration before unreg in mana_destroy_rxq() (git-fixes).
- net: mana: Don't overwrite port probe error with add_adev result (git-fixes).
- net: mana: Fix crash from unvalidated SHM offset read from BAR0 during FLR (bsc#1265846).
- net: mana: Fix EQ leak in mana_remove on NULL port (git-fixes).
- net: mana: Fix RX skb truesize accounting (bsc#1248754).
- net: mana: fix use-after-free in mana_hwc_destroy_channel() by reordering teardown (git-fixes).
- net: mana: Guard mana_remove against double invocation (git-fixes).
- net: mana: hardening: Validate adapter_mtu from MANA_QUERY_DEV_CONFIG (git-fixes).
- net: mana: hardening: Validate doorbell ID from GDMA_REGISTER_DEVICE response (git-fixes).
- net: mana: Init gf_stats_work before potential error paths in probe (git-fixes).
- net: mana: Init link_change_work before potential error paths in probe (git-fixes).
- net: mana: remove double CQ cleanup in mana_create_rxq error path (git-fixes).
- net: mana: Set default number of queues to 16 (bsc#1261648).
- net: mana: Skip WQ object destruction for uninitialized RXQ (git-fixes).
- net: mana: Use at least SZ_4K in doorbell ID range check (git-fixes).
- net: mana: Use pci_name() for debugfs directory naming (git-fixes).
- ocfs2: fix possible deadlock between unlink and dio_end_io_write (bsc#1258718).
- ocfs2: split transactions in dio completion to avoid credit exhaustion (bsc#1258718).
- PCI: hv: Set default NUMA node to 0 for devices without affinity info (git-fixes).
- RDMA/mana: Fix error unwind in mana_ib_create_qp_rss() (git-fixes).
- RDMA/mana: Fix mana_destroy_wq_obj() cleanup in mana_ib_create_qp_rss() (git-fixes).
- RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss() (git-fixes).
- RDMA/mana: Validate rx_hash_key_len (git-fixes).
- RDMA/mana_ib: cleanup the usage of mana_gd_send_request() (git-fixes).
- RDMA/mana_ib: Disable RX steering on RSS QP destroy (git-fixes).
- RDMA/mana_ib: Support memory windows (git-fixes).
- sched/balancing: Switch the 'DEFINE_SPINLOCK(balancing)' spinlock into an 'atomic_t sched_balance_running' flag (bsc#1253754).
- sched/fair: Change likelyhood of nohz.nr_cpus (bsc#1234634 bsc#1258961).
- sched/fair: Have SD_SERIALIZE affect newidle balancing (bsc#1253754).
- sched/fair: Move checking for nohz cpus after time check (bsc#1234634 bsc#1258961).
- sched/fair: Remove nohz.nr_cpus and use weight of cpumask instead (bsc#1234634 bsc#1258961).
- sched/fair: Skip sched_balance_running cmpxchg when balance is not due (bsc#1253754).
- scsi: storvsc: Handle PERSISTENT_RESERVE_IN truncation for Hyper-V vFC (git-fixes).
- scsi: target: iscsi: validate CHAP_R length before base64 decode (bsc#1265449).
- tty: tty_io: update timestamps on all device nodes (bsc#1262020).
- virt: tdx-guest: Return error for GetQuote failures (git-fixes).
- workqueue: Break up enum definitions and give names to the types (bsc#1260522).
- workqueue: Clean up enum work_bits and related constants (bsc#1260522).
- workqueue: Factor out work_grab_pending() from __cancel_work_sync() (bsc#1260522).
- workqueue: Fix UBSAN 'subtraction overflow' error in shift_and_mask() (bsc#1260522).
- workqueue: Implement disable/enable for (delayed) work items (bsc#1260522).
- workqueue: Introduce work_cancel_flags (bsc#1260522).
- workqueue: Make @flags handling consistent across set_work_data() and friends (bsc#1260522).
- workqueue: Preserve OFFQ bits in cancel[_sync] paths (bsc#1260522).
- workqueue: Rename __cancel_work_timer() to __cancel_timer_sync() (bsc#1260522).
- workqueue: Reorganize flush and cancel[_sync] functions (bsc#1260522).
- Xarray: do not return sibling entries from xas_find_marked() (bsc#1263815).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:2231-1
Released: Wed Jun 3 12:57:18 2026
Summary: Security update for glibc
Type: security
Severity: important
References: 1261206,1262464,1262465,CVE-2026-4046,CVE-2026-5450,CVE-2026-5928
This update for glibc fixes the following issues:
- CVE-2026-4046: assertion failure when converting inputs may be used to remotely crash an application (bsc#1261206).
- CVE-2026-5450: stdio-common: scanf %mc pattern will cause heap overflow when width > 1024 (bsc#1262465).
- CVE-2026-5928: libio: ungetwc could be used to leak data on special conditions (bsc#1262464).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:2236-1
Released: Wed Jun 3 13:00:40 2026
Summary: Security update for vim
Type: security
Severity: important
References: 1262395,1264706,1264707,1264708,1265349,1265360,CVE-2026-42307,CVE-2026-43961,CVE-2026-44656,CVE-2026-45130,CVE-2026-46483
This update for vim fixes the following issues:
- CVE-2026-42307: Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim (bsc#1264706).
- CVE-2026-43961: Vimscript Code Injection in netrw NetrwMarkFile() via crafted filename (bsc#1265349).
- CVE-2026-44656: Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion (bsc#1264707).
- CVE-2026-45130: Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when loading a crafted spell file (.spl) with UTF-8 encoding active (bsc#1264708).
- CVE-2026-46483: command injection via `tar#Vimuntar()` in `runtime/autoload/tar.vim` when decompressing `.tgz` archives on Unix-like systems (bsc#1265360).
Changes for vim:
- Update to v9.2.0530.
- Fix for incorrectly detecting scientific parameter files as bitbake recipes. (bsc#1262395)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:2261-1
Released: Wed Jun 3 17:32:08 2026
Summary: Security update for python-pyOpenSSL
Type: security
Severity: moderate
References: 1262803,CVE-2026-40475
This update for python-pyOpenSSL fixes the following issue
-----------------------------------------------------------------
The following package changes have been done:
- glibc-locale-base-2.38-150600.14.49.1 updated
- glibc-2.38-150600.14.49.1 updated
- kernel-default-6.4.0-150600.23.112.1 updated
- libgnutls30-3.8.3-150600.4.20.1 updated
- liblzma5-5.4.1-150600.3.6.1 updated
- libopenssl1_1-1.1.1w-150600.5.29.1 updated
- python311-pyOpenSSL-23.2.0-150400.3.16.1 updated
- runc-1.3.4-150000.94.1 updated
- samba-client-libs-4.19.8+git.473.51d12fd320c-150600.3.26.1 updated
- scap-security-guide-0.1.80-150600.1.5 updated
- vim-data-common-9.2.0530-150500.20.52.1 updated
- vim-9.2.0530-150500.20.52.1 updated
- xen-libs-4.18.5_16-150600.3.45.1 updated
- xz-5.4.1-150600.3.6.1 updated