SUSE-IU-2026:3295-1: Security update of suse/sl-micro/6.0/base-os-container
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Tue May 12 07:19:20 UTC 2026
SUSE Image Update Advisory: suse/sl-micro/6.0/base-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:3295-1
Image Tags : suse/sl-micro/6.0/base-os-container:2.1.3 , suse/sl-micro/6.0/base-os-container:2.1.3-7.142 , suse/sl-micro/6.0/base-os-container:latest
Image Release : 7.142
Severity : moderate
Type : security
References : 1252930 1252931 1252932 1252933 1252934 1252935 1258907 1258909
1263726 1263728 1263729 1263731 1263732 1263733 1263734 1263735
1263736 1263737 1263739 1263741 1263742 1263743 1263744 1263745
1263746 1263747 1263749 1263750 1263751 1263752 1263753 1263754
1263756 1263757 1263762 1263765 1263766 1263767 1263809 CVE-2025-54770
CVE-2025-54771 CVE-2025-61661 CVE-2025-61662 CVE-2025-61663 CVE-2025-61664
CVE-2026-3201 CVE-2026-3203 CVE-2026-5299 CVE-2026-5401 CVE-2026-5403
CVE-2026-5404 CVE-2026-5405 CVE-2026-5406 CVE-2026-5407 CVE-2026-5408
CVE-2026-5409 CVE-2026-5653 CVE-2026-5654 CVE-2026-5656 CVE-2026-5657
CVE-2026-6519 CVE-2026-6520 CVE-2026-6521 CVE-2026-6522 CVE-2026-6523
CVE-2026-6524 CVE-2026-6527 CVE-2026-6529 CVE-2026-6530 CVE-2026-6531
CVE-2026-6532 CVE-2026-6533 CVE-2026-6534 CVE-2026-6535 CVE-2026-6537
CVE-2026-6538 CVE-2026-6868 CVE-2026-6869
-----------------------------------------------------------------
The container suse/sl-micro/6.0/base-os-container was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: 702
Released: Mon May 11 10:48:36 2026
Summary: Security update for grub2
Type: security
Severity: moderate
References: 1252930,1252931,1252932,1252933,1252934,1252935,1258907,1258909,1263726,1263728,1263729,1263731,1263732,1263733,1263734,1263735,1263736,1263737,1263739,1263741,1263742,1263743,1263744,1263745,1263746,1263747,1263749,1263750,1263751,1263752,1263753,1263754,1263756,1263757,1263762,1263765,1263766,1263767,1263809,CVE-2025-54770,CVE-2025-54771,CVE-2025-61661,CVE-2025-61662,CVE-2025-61663,CVE-2025-61664,CVE-2026-3201,CVE-2026-3203,CVE-2026-5299,CVE-2026-5401,CVE-2026-5403,CVE-2026-5404,CVE-2026-5405,CVE-2026-5406,CVE-2026-5407,CVE-2026-5408,CVE-2026-5409,CVE-2026-5653,CVE-2026-5654,CVE-2026-5656,CVE-2026-5657,CVE-2026-6519,CVE-2026-6520,CVE-2026-6521,CVE-2026-6522,CVE-2026-6523,CVE-2026-6524,CVE-2026-6527,CVE-2026-6529,CVE-2026-6530,CVE-2026-6531,CVE-2026-6532,CVE-2026-6533,CVE-2026-6534,CVE-2026-6535,CVE-2026-6537,CVE-2026-6538,CVE-2026-6868,CVE-2026-6869
This update for grub2 fixes the following issues
- CVE-2025-54770: Missing unregister call for net_set_vlan command may lead to use-after-free (bsc#1252930).
- CVE-2025-54771: grub_file_close() does not properly controls the fs refcount (bsc#1252931).
- CVE-2025-61661: Out-of-bounds write in grub_usb_get_string() function (bsc#1252932).
- CVE-2025-61662: Missing unregister call for gettext command may lead to use-after-free (bsc#1252933).
- CVE-2025-61663: Missing unregister call for normal commands may lead to use-after-free (bsc#1252934).
- CVE-2025-61664: Missing unregister call for normal_exit command may lead to use-after-free (bsc#1252935).
Changes for grub2:
- Bump upstream SBAT generation to 6
The following package changes have been done:
- grub2-2.12~rc1-8.1 updated
- grub2-i386-pc-2.12~rc1-8.1 updated
- grub2-x86_64-efi-2.12~rc1-8.1 updated
More information about the sle-container-updates
mailing list