SUSE-IU-2026:3754-1: Security update of suse/sl-micro/6.1/kvm-os-container

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Wed May 27 07:25:04 UTC 2026 

SUSE Image Update Advisory: suse/sl-micro/6.1/kvm-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:3754-1
Image Tags        : suse/sl-micro/6.1/kvm-os-container:2.2.1 , suse/sl-micro/6.1/kvm-os-container:2.2.1-5.131 , suse/sl-micro/6.1/kvm-os-container:latest
Image Release     : 5.131
Severity          : important
Type              : security
References        : 1196933 1205588 1206608 1207543 1208928 1232351 1241284 1244003
                        1244011 1244325 1244937 1245667 1246011 1246025 1247432 1249657
                        1250224 1251827 1252318 1254336 1254425 1254441 1254679 1255027
                        1261280 1261606 1262223 1262223 1264013 1264511 1264512 1264513
                        1264514 1264515 1265209 1265296 1265308 CVE-2024-2312 CVE-2025-10158
                        CVE-2025-11561 CVE-2025-54518 CVE-2026-27456 CVE-2026-29518 CVE-2026-34743
                        CVE-2026-41035 CVE-2026-41035 CVE-2026-43617 CVE-2026-43618 CVE-2026-43619
                        CVE-2026-43620 CVE-2026-45232 CVE-2026-46300 CVE-2026-46333 
-----------------------------------------------------------------

The container suse/sl-micro/6.1/kvm-os-container was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: 527
Released:    Fri May 15 11:43:59 2026
Summary:     Security update for rsync
Type:        security
Severity:    important
References:  1244325,1251827,1262223,CVE-2025-11561,CVE-2026-41035
This update for rsync fixes the following issue

- CVE-2026-41035: count of entries mismatch can lead to a use-after-free (bsc#1262223).

-----------------------------------------------------------------
Advisory ID: kernel-429
Released:    Fri May 15 14:22:55 2026
Summary:     Security update for the Linux Kernel
Type:        security
Severity:    important
References:  1264013,1265209,CVE-2025-54518,CVE-2026-46300

The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 kernel was updated to fix various security issues

The following security issues were fixed:

- CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache (bsc#1264013).
- CVE-2026-46300: net: skbuff: propagate shared-frag marker through pskb_copy() (bsc#1265209).

The following non security issue was fixed:

- io-wq: check that the predecessor is hashed in io_wq_remove_pending() (git-fixes).

-----------------------------------------------------------------
Advisory ID: kernel-433
Released:    Tue May 19 20:07:04 2026
Summary:     Security update for the Linux Kernel
Type:        security
Severity:    important
References:  1265308,CVE-2026-46333

The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 kernel was updated to fix one issue

- CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265308).

-----------------------------------------------------------------
Advisory ID: 539
Released:    Thu May 21 13:22:07 2026
Summary:     Security update for rsync
Type:        security
Severity:    important
References:  1254441,1255027,1262223,1264511,1264512,1264513,1264514,1264515,1265296,CVE-2025-10158,CVE-2026-29518,CVE-2026-41035,CVE-2026-43617,CVE-2026-43618,CVE-2026-43619,CVE-2026-43620,CVE-2026-45232
This update for rsync fixes the following issues

- CVE-2026-29518: Symlink-Race TOCTOU in Daemon (bsc#1264511).
- CVE-2026-43617: Authorization Bypass via Hostname Resolution (bsc#1264515).
- CVE-2026-43618: Integer Overflow Information Disclosure (bsc#1264512).
- CVE-2026-43619: Symlink Race Condition via Path-Based Syscalls (bsc#1264514).
- CVE-2026-43620: Out-of-Bounds Array Read via recv_files() (bsc#1264513).
- CVE-2026-45232: Off-by-one stack OOB write in HTTP CONNECT proxy response parsing (bsc#1265296).

-----------------------------------------------------------------
Advisory ID: 541
Released:    Thu May 21 14:22:14 2026
Summary:     Security update for xz
Type:        security
Severity:    important
References:  1205588,1247432,1254336,1254679,1261280,CVE-2024-2312,CVE-2026-34743
This update for xz fixes the following issue

- CVE-2026-34743: buffer overflow in lzma_index_append() (bsc#1261280).

-----------------------------------------------------------------
Advisory ID: 540
Released:    Thu May 21 14:40:13 2026
Summary:     Security update for util-linux
Type:        security
Severity:    moderate
References:  1196933,1206608,1207543,1208928,1232351,1241284,1244003,1244011,1244937,1245667,1246011,1246025,1249657,1250224,1252318,1254425,1261606,CVE-2026-27456
This update for util-linux fixes the following issue

- CVE-2026-27456: TOCTOU in the mount program when setting up loop devices (bsc#1261606).


The following package changes have been done:

- glibc-2.38-slfo.1.1_8.1 updated
- libuuid1-2.40.4-slfo.1.1_6.1 updated
- libsmartcols1-2.40.4-slfo.1.1_6.1 updated
- liblzma5-5.4.3-slfo.1.1_3.1 updated
- libblkid1-2.40.4-slfo.1.1_6.1 updated
- libmount1-2.40.4-slfo.1.1_6.1 updated
- libfdisk1-2.40.4-slfo.1.1_6.1 updated
- xz-5.4.3-slfo.1.1_3.1 updated
- util-linux-2.40.4-slfo.1.1_6.1 updated
- SL-Micro-release-6.1-slfo.1.12.43 updated
- util-linux-systemd-2.40.4-slfo.1.1_6.1 updated
- kernel-default-base-6.4.0-45.1.21.22 updated
- glibc-locale-base-2.38-slfo.1.1_8.1 updated
- rsync-3.3.0-slfo.1.1_6.1 updated
- container:SL-Micro-base-container-2.2.1-5.131 updated

More information about the sle-container-updates mailing list