SUSE-IU-2026:3755-1: Security update of suse/sl-micro/6.1/rt-os-container

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Wed May 27 07:27:02 UTC 2026 

SUSE Image Update Advisory: suse/sl-micro/6.1/rt-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:3755-1
Image Tags        : suse/sl-micro/6.1/rt-os-container:2.2.1 , suse/sl-micro/6.1/rt-os-container:2.2.1-5.122 , suse/sl-micro/6.1/rt-os-container:latest
Image Release     : 5.122
Severity          : important
Type              : security
References        : 1196933 1205588 1206608 1207543 1208928 1232351 1241284 1244003
                        1244011 1244325 1244937 1245667 1246011 1246025 1247432 1249657
                        1250224 1251827 1252318 1254336 1254425 1254441 1254679 1255027
                        1261280 1261606 1262223 1262223 1264013 1264450 1264511 1264512
                        1264513 1264514 1264515 1265209 1265296 1265308 CVE-2024-2312
                        CVE-2025-10158 CVE-2025-11561 CVE-2025-54518 CVE-2026-27456 CVE-2026-29518
                        CVE-2026-34743 CVE-2026-41035 CVE-2026-41035 CVE-2026-43500 CVE-2026-43617
                        CVE-2026-43618 CVE-2026-43619 CVE-2026-43620 CVE-2026-45232 CVE-2026-46300
                        CVE-2026-46333 
-----------------------------------------------------------------

The container suse/sl-micro/6.1/rt-os-container was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: 527
Released:    Fri May 15 11:43:59 2026
Summary:     Security update for rsync
Type:        security
Severity:    important
References:  1244325,1251827,1262223,CVE-2025-11561,CVE-2026-41035
This update for rsync fixes the following issue

- CVE-2026-41035: count of entries mismatch can lead to a use-after-free (bsc#1262223).

-----------------------------------------------------------------
Advisory ID: kernel-427
Released:    Fri May 15 18:43:03 2026
Summary:     Security update for the Linux Kernel
Type:        security
Severity:    important
References:  1264013,1264450,1265209,CVE-2025-54518,CVE-2026-43500,CVE-2026-46300

The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 RT kernel was updated to fix various security issues

The following security issues were fixed:

- CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache (bsc#1264013).
- CVE-2026-46300: net: skbuff: propagate shared-frag marker through pskb_copy() (bsc#1265209).
- CVE-2026-43500: rxrpc: unshare DATA/RESPONSE packets when paged frags are present (bsc#1264450).

The following non security issues were fixed:

- config: s390x/ppc64le: disable unsupported CONFIG_AFS_FS and CONFIG_AF_RXRPC (bsc#1264450).
- io-wq: check that the predecessor is hashed in io_wq_remove_pending() (git-fixes).

-----------------------------------------------------------------
Advisory ID: kernel-431
Released:    Tue May 19 17:51:11 2026
Summary:     Security update for the Linux Kernel
Type:        security
Severity:    important
References:  1265308,CVE-2026-46333

The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.


The following security bugs were fixed:

- CVE-2026-46333:ptrace: slightly saner 'get_dumpable()' logic (bsc#1265308).

-----------------------------------------------------------------
Advisory ID: 539
Released:    Thu May 21 13:22:07 2026
Summary:     Security update for rsync
Type:        security
Severity:    important
References:  1254441,1255027,1262223,1264511,1264512,1264513,1264514,1264515,1265296,CVE-2025-10158,CVE-2026-29518,CVE-2026-41035,CVE-2026-43617,CVE-2026-43618,CVE-2026-43619,CVE-2026-43620,CVE-2026-45232
This update for rsync fixes the following issues

- CVE-2026-29518: Symlink-Race TOCTOU in Daemon (bsc#1264511).
- CVE-2026-43617: Authorization Bypass via Hostname Resolution (bsc#1264515).
- CVE-2026-43618: Integer Overflow Information Disclosure (bsc#1264512).
- CVE-2026-43619: Symlink Race Condition via Path-Based Syscalls (bsc#1264514).
- CVE-2026-43620: Out-of-Bounds Array Read via recv_files() (bsc#1264513).
- CVE-2026-45232: Off-by-one stack OOB write in HTTP CONNECT proxy response parsing (bsc#1265296).

-----------------------------------------------------------------
Advisory ID: 541
Released:    Thu May 21 14:22:14 2026
Summary:     Security update for xz
Type:        security
Severity:    important
References:  1205588,1247432,1254336,1254679,1261280,CVE-2024-2312,CVE-2026-34743
This update for xz fixes the following issue

- CVE-2026-34743: buffer overflow in lzma_index_append() (bsc#1261280).

-----------------------------------------------------------------
Advisory ID: 540
Released:    Thu May 21 14:40:13 2026
Summary:     Security update for util-linux
Type:        security
Severity:    moderate
References:  1196933,1206608,1207543,1208928,1232351,1241284,1244003,1244011,1244937,1245667,1246011,1246025,1249657,1250224,1252318,1254425,1261606,CVE-2026-27456
This update for util-linux fixes the following issue

- CVE-2026-27456: TOCTOU in the mount program when setting up loop devices (bsc#1261606).


The following package changes have been done:

- glibc-2.38-slfo.1.1_8.1 updated
- libuuid1-2.40.4-slfo.1.1_6.1 updated
- libsmartcols1-2.40.4-slfo.1.1_6.1 updated
- liblzma5-5.4.3-slfo.1.1_3.1 updated
- libblkid1-2.40.4-slfo.1.1_6.1 updated
- libmount1-2.40.4-slfo.1.1_6.1 updated
- libfdisk1-2.40.4-slfo.1.1_6.1 updated
- xz-5.4.3-slfo.1.1_3.1 updated
- util-linux-2.40.4-slfo.1.1_6.1 updated
- SL-Micro-release-6.1-slfo.1.12.43 updated
- util-linux-systemd-2.40.4-slfo.1.1_6.1 updated
- glibc-locale-base-2.38-slfo.1.1_8.1 updated
- rsync-3.3.0-slfo.1.1_6.1 updated
- kernel-rt-6.4.0-46.1 updated
- container:SL-Micro-container-2.2.1-7.107 updated

More information about the sle-container-updates mailing list