From null at suse.de Mon Jun 1 08:30:17 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 08:30:17 -0000 Subject: SUSE-SU-2026:2176-1: important: Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 15 SP7) Message-ID: <178030261731.1001.5613653291027189823@b43247fbb5ff> # Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 15 SP7) Announcement ID: SUSE-SU-2026:2176-1 Release Date: 2026-05-31T19:36:24Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.6 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2175=1 SUSE-2026-2177=1 SUSE-2026-2176=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-2176=1 SUSE-SLE- Module-Live-Patching-15-SP6-2026-2175=1 SUSE-SLE-Module-Live- Patching-15-SP6-2026-2177=1 * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-2179=1 SUSE-SLE- Module-Live-Patching-15-SP7-2026-2180=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_15-debugsource-12-150600.2.1 * kernel-livepatch-6_4_0-150600_23_84-default-debuginfo-7-150600.2.1 * kernel-livepatch-6_4_0-150600_23_73-default-9-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_16-debugsource-9-150600.2.1 * kernel-livepatch-6_4_0-150600_23_70-default-debuginfo-12-150600.2.1 * kernel-livepatch-6_4_0-150600_23_70-default-12-150600.2.1 * kernel-livepatch-6_4_0-150600_23_84-default-7-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_19-debugsource-7-150600.2.1 * kernel-livepatch-6_4_0-150600_23_73-default-debuginfo-9-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_15-debugsource-12-150600.2.1 * kernel-livepatch-6_4_0-150600_23_84-default-debuginfo-7-150600.2.1 * kernel-livepatch-6_4_0-150600_23_73-default-9-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_16-debugsource-9-150600.2.1 * kernel-livepatch-6_4_0-150600_23_70-default-debuginfo-12-150600.2.1 * kernel-livepatch-6_4_0-150600_23_70-default-12-150600.2.1 * kernel-livepatch-6_4_0-150600_23_84-default-7-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_19-debugsource-7-150600.2.1 * kernel-livepatch-6_4_0-150600_23_73-default-debuginfo-9-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP7 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP7_Update_2-debugsource-16-150700.2.1 * kernel-livepatch-6_4_0-150700_53_6-default-16-150700.2.1 * kernel-livepatch-6_4_0-150700_53_3-default-debuginfo-17-150700.2.1 * kernel-livepatch-SLE15-SP7_Update_1-debugsource-17-150700.2.1 * kernel-livepatch-6_4_0-150700_53_6-default-debuginfo-16-150700.2.1 * kernel-livepatch-6_4_0-150700_53_3-default-17-150700.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 08:30:30 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 08:30:30 -0000 Subject: SUSE-SU-2026:2178-1: important: Security update for the Linux Kernel (Live Patch 78 for SUSE Linux Enterprise 12 SP5) Message-ID: <178030263082.1001.15501348941330563783@b43247fbb5ff> # Security update for the Linux Kernel (Live Patch 78 for SUSE Linux Enterprise 12 SP5) Announcement ID: SUSE-SU-2026:2178-1 Release Date: 2026-05-31T19:04:38Z Rating: important References: * bsc#1259798 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 4.12.14-122.296 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2026-2178=1 SUSE-SLE-Live- Patching-12-SP5-2026-2174=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_266-default-16-2.1 * kgraft-patch-4_12_14-122_296-default-4-2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 08:30:39 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 08:30:39 -0000 Subject: SUSE-SU-2026:2168-1: important: Security update for the Linux Kernel (Live Patch 76 for SUSE Linux Enterprise 12 SP5) Message-ID: <178030263904.1001.12329737446744931862@b43247fbb5ff> # Security update for the Linux Kernel (Live Patch 76 for SUSE Linux Enterprise 12 SP5) Announcement ID: SUSE-SU-2026:2168-1 Release Date: 2026-05-31T12:34:00Z Rating: important References: * bsc#1259798 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 4.12.14-122.290 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2026-2168=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_290-default-8-2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 08:30:49 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 08:30:49 -0000 Subject: SUSE-SU-2026:2172-1: important: Security update for the Linux Kernel (Live Patch 21 for SUSE Linux Enterprise 15 SP6) Message-ID: <178030264992.1001.6159651829981622800@b43247fbb5ff> # Security update for the Linux Kernel (Live Patch 21 for SUSE Linux Enterprise 15 SP6) Announcement ID: SUSE-SU-2026:2172-1 Release Date: 2026-05-31T15:06:21Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.92 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-2172=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-2172=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2170=1 SUSE-2026-2171=1 SUSE-2026-2165=1 SUSE-2026-2166=1 SUSE-2026-2167=1 SUSE-2026-2173=1 SUSE-2026-2169=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-2170=1 SUSE-SLE- Module-Live-Patching-15-SP6-2026-2171=1 SUSE-SLE-Module-Live- Patching-15-SP6-2026-2165=1 SUSE-SLE-Module-Live-Patching-15-SP6-2026-2166=1 SUSE-SLE-Module-Live-Patching-15-SP6-2026-2167=1 SUSE-SLE-Module-Live- Patching-15-SP6-2026-2173=1 SUSE-SLE-Module-Live-Patching-15-SP6-2026-2169=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_130-default-debuginfo-8-150500.2.1 * kernel-livepatch-5_14_21-150500_55_130-default-8-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_33-debugsource-8-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_130-default-debuginfo-8-150500.2.1 * kernel-livepatch-5_14_21-150500_55_130-default-8-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_33-debugsource-8-150500.2.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_50-default-debuginfo-18-150600.2.1 * kernel-livepatch-6_4_0-150600_23_81-default-debuginfo-7-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_13-debugsource-16-150600.2.1 * kernel-livepatch-6_4_0-150600_23_65-default-12-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_20-debugsource-6-150600.2.1 * kernel-livepatch-6_4_0-150600_23_60-default-debuginfo-16-150600.2.1 * kernel-livepatch-6_4_0-150600_23_50-default-18-150600.2.1 * kernel-livepatch-6_4_0-150600_23_60-default-16-150600.2.1 * kernel-livepatch-6_4_0-150600_23_92-default-4-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_14-debugsource-12-150600.2.1 * kernel-livepatch-6_4_0-150600_23_87-default-6-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_11-debugsource-18-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_21-debugsource-4-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_12-debugsource-18-150600.2.1 * kernel-livepatch-6_4_0-150600_23_53-default-18-150600.2.1 * kernel-livepatch-6_4_0-150600_23_81-default-7-150600.2.1 * kernel-livepatch-6_4_0-150600_23_65-default-debuginfo-12-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_18-debugsource-7-150600.2.1 * kernel-livepatch-6_4_0-150600_23_53-default-debuginfo-18-150600.2.1 * kernel-livepatch-6_4_0-150600_23_87-default-debuginfo-6-150600.2.1 * kernel-livepatch-6_4_0-150600_23_92-default-debuginfo-4-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_50-default-debuginfo-18-150600.2.1 * kernel-livepatch-6_4_0-150600_23_81-default-debuginfo-7-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_13-debugsource-16-150600.2.1 * kernel-livepatch-6_4_0-150600_23_65-default-12-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_20-debugsource-6-150600.2.1 * kernel-livepatch-6_4_0-150600_23_60-default-debuginfo-16-150600.2.1 * kernel-livepatch-6_4_0-150600_23_50-default-18-150600.2.1 * kernel-livepatch-6_4_0-150600_23_60-default-16-150600.2.1 * kernel-livepatch-6_4_0-150600_23_92-default-4-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_14-debugsource-12-150600.2.1 * kernel-livepatch-6_4_0-150600_23_87-default-6-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_11-debugsource-18-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_21-debugsource-4-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_12-debugsource-18-150600.2.1 * kernel-livepatch-6_4_0-150600_23_53-default-18-150600.2.1 * kernel-livepatch-6_4_0-150600_23_81-default-7-150600.2.1 * kernel-livepatch-6_4_0-150600_23_65-default-debuginfo-12-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_18-debugsource-7-150600.2.1 * kernel-livepatch-6_4_0-150600_23_53-default-debuginfo-18-150600.2.1 * kernel-livepatch-6_4_0-150600_23_87-default-debuginfo-6-150600.2.1 * kernel-livepatch-6_4_0-150600_23_92-default-debuginfo-4-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 08:31:01 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 08:31:01 -0000 Subject: SUSE-SU-2026:2159-1: important: Security update for the Linux Kernel (Live Patch 36 for SUSE Linux Enterprise 15 SP5) Message-ID: <178030266198.1001.5566484922552376915@b43247fbb5ff> # Security update for the Linux Kernel (Live Patch 36 for SUSE Linux Enterprise 15 SP5) Announcement ID: SUSE-SU-2026:2159-1 Release Date: 2026-05-31T11:35:08Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.141 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-2159=1 SUSE-2026-2160=1 SUSE-2026-2155=1 SUSE-2026-2162=1 SUSE-2026-2163=1 SUSE-2026-2164=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-2159=1 SUSE-SLE- Module-Live-Patching-15-SP5-2026-2160=1 SUSE-SLE-Module-Live- Patching-15-SP5-2026-2155=1 SUSE-SLE-Module-Live-Patching-15-SP5-2026-2162=1 SUSE-SLE-Module-Live-Patching-15-SP5-2026-2163=1 SUSE-SLE-Module-Live- Patching-15-SP5-2026-2164=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_133-default-8-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_32-debugsource-8-150500.2.1 * kernel-livepatch-5_14_21-150500_55_133-default-debuginfo-8-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_29-debugsource-16-150500.2.1 * kernel-livepatch-5_14_21-150500_55_127-default-debuginfo-8-150500.2.1 * kernel-livepatch-5_14_21-150500_55_116-default-debuginfo-16-150500.2.1 * kernel-livepatch-5_14_21-150500_55_124-default-debuginfo-11-150500.2.1 * kernel-livepatch-5_14_21-150500_55_127-default-8-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_31-debugsource-11-150500.2.1 * kernel-livepatch-5_14_21-150500_55_136-default-7-150500.2.1 * kernel-livepatch-5_14_21-150500_55_136-default-debuginfo-7-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_35-debugsource-7-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_34-debugsource-8-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_36-debugsource-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_141-default-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_141-default-debuginfo-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_124-default-11-150500.2.1 * kernel-livepatch-5_14_21-150500_55_116-default-16-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_133-default-8-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_32-debugsource-8-150500.2.1 * kernel-livepatch-5_14_21-150500_55_133-default-debuginfo-8-150500.2.1 * kernel-livepatch-5_14_21-150500_55_127-default-debuginfo-8-150500.2.1 * kernel-livepatch-5_14_21-150500_55_116-default-debuginfo-16-150500.2.1 * kernel-livepatch-5_14_21-150500_55_124-default-debuginfo-11-150500.2.1 * kernel-livepatch-5_14_21-150500_55_127-default-8-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_31-debugsource-11-150500.2.1 * kernel-livepatch-5_14_21-150500_55_136-default-7-150500.2.1 * kernel-livepatch-5_14_21-150500_55_136-default-debuginfo-7-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_35-debugsource-7-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_34-debugsource-8-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_36-debugsource-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_141-default-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_141-default-debuginfo-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_124-default-11-150500.2.1 * kernel-livepatch-5_14_21-150500_55_116-default-16-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x) * kernel-livepatch-SLE15-SP5_Update_29-debugsource-16-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 08:31:12 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 08:31:12 -0000 Subject: SUSE-SU-2026:2158-1: important: Security update for the Linux Kernel (Live Patch 49 for SUSE Linux Enterprise 15 SP4) Message-ID: <178030267296.1001.11592709520708981874@b43247fbb5ff> # Security update for the Linux Kernel (Live Patch 49 for SUSE Linux Enterprise 15 SP4) Announcement ID: SUSE-SU-2026:2158-1 Release Date: 2026-05-31T11:34:13Z Rating: important References: * bsc#1259798 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves five vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.197 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2158=1 SUSE-2026-2161=1 SUSE-2026-2156=1 SUSE-2026-2154=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2026-2158=1 SUSE-SLE- Module-Live-Patching-15-SP4-2026-2161=1 SUSE-SLE-Module-Live- Patching-15-SP4-2026-2156=1 SUSE-SLE-Module-Live-Patching-15-SP4-2026-2154=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_187-default-debuginfo-8-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_49-debugsource-4-150400.2.1 * kernel-livepatch-5_14_21-150400_24_187-default-8-150400.2.1 * kernel-livepatch-5_14_21-150400_24_194-default-6-150400.2.1 * kernel-livepatch-5_14_21-150400_24_184-default-8-150400.2.1 * kernel-livepatch-5_14_21-150400_24_197-default-debuginfo-4-150400.2.1 * kernel-livepatch-5_14_21-150400_24_184-default-debuginfo-8-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_48-debugsource-6-150400.2.1 * kernel-livepatch-5_14_21-150400_24_197-default-4-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_47-debugsource-8-150400.2.1 * kernel-livepatch-5_14_21-150400_24_194-default-debuginfo-6-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_46-debugsource-8-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_187-default-debuginfo-8-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_49-debugsource-4-150400.2.1 * kernel-livepatch-5_14_21-150400_24_187-default-8-150400.2.1 * kernel-livepatch-5_14_21-150400_24_194-default-6-150400.2.1 * kernel-livepatch-5_14_21-150400_24_184-default-8-150400.2.1 * kernel-livepatch-5_14_21-150400_24_197-default-debuginfo-4-150400.2.1 * kernel-livepatch-5_14_21-150400_24_184-default-debuginfo-8-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_48-debugsource-6-150400.2.1 * kernel-livepatch-5_14_21-150400_24_197-default-4-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_47-debugsource-8-150400.2.1 * kernel-livepatch-5_14_21-150400_24_194-default-debuginfo-6-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_46-debugsource-8-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 08:31:22 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 08:31:22 -0000 Subject: SUSE-SU-2026:2153-1: important: Security update for the Linux Kernel (Live Patch 74 for SUSE Linux Enterprise 12 SP5) Message-ID: <178030268205.1001.11267475792501752074@b43247fbb5ff> # Security update for the Linux Kernel (Live Patch 74 for SUSE Linux Enterprise 12 SP5) Announcement ID: SUSE-SU-2026:2153-1 Release Date: 2026-05-31T10:05:53Z Rating: important References: * bsc#1259798 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 4.12.14-122.280 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2026-2153=1 SUSE-SLE-Live- Patching-12-SP5-2026-2157=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_280-default-8-2.1 * kgraft-patch-4_12_14-122_272-default-12-2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 08:31:33 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 08:31:33 -0000 Subject: SUSE-SU-2026:2149-1: important: Security update for the Linux Kernel (Live Patch 30 for SUSE Linux Enterprise 15 SP5) Message-ID: <178030269394.1001.3971516489681605963@b43247fbb5ff> # Security update for the Linux Kernel (Live Patch 30 for SUSE Linux Enterprise 15 SP5) Announcement ID: SUSE-SU-2026:2149-1 Release Date: 2026-05-31T07:07:02Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.121 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-2150=1 SUSE-2026-2151=1 SUSE-2026-2152=1 SUSE-2026-2149=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-2150=1 SUSE-SLE- Module-Live-Patching-15-SP5-2026-2151=1 SUSE-SLE-Module-Live- Patching-15-SP5-2026-2152=1 SUSE-SLE-Module-Live-Patching-15-SP5-2026-2149=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_27-debugsource-19-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_26-debugsource-20-150500.2.1 * kernel-livepatch-5_14_21-150500_55_103-default-debuginfo-20-150500.2.1 * kernel-livepatch-5_14_21-150500_55_103-default-20-150500.2.1 * kernel-livepatch-5_14_21-150500_55_113-default-debuginfo-18-150500.2.1 * kernel-livepatch-5_14_21-150500_55_121-default-13-150500.2.1 * kernel-livepatch-5_14_21-150500_55_121-default-debuginfo-13-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_30-debugsource-13-150500.2.1 * kernel-livepatch-5_14_21-150500_55_110-default-debuginfo-19-150500.2.1 * kernel-livepatch-5_14_21-150500_55_110-default-19-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_28-debugsource-18-150500.2.1 * kernel-livepatch-5_14_21-150500_55_113-default-18-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_27-debugsource-19-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_26-debugsource-20-150500.2.1 * kernel-livepatch-5_14_21-150500_55_103-default-debuginfo-20-150500.2.1 * kernel-livepatch-5_14_21-150500_55_103-default-20-150500.2.1 * kernel-livepatch-5_14_21-150500_55_113-default-debuginfo-18-150500.2.1 * kernel-livepatch-5_14_21-150500_55_121-default-13-150500.2.1 * kernel-livepatch-5_14_21-150500_55_121-default-debuginfo-13-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_30-debugsource-13-150500.2.1 * kernel-livepatch-5_14_21-150500_55_110-default-debuginfo-19-150500.2.1 * kernel-livepatch-5_14_21-150500_55_110-default-19-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_28-debugsource-18-150500.2.1 * kernel-livepatch-5_14_21-150500_55_113-default-18-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 08:31:44 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 08:31:44 -0000 Subject: SUSE-SU-2026:2141-1: important: Security update for the Linux Kernel (Live Patch 45 for SUSE Linux Enterprise 15 SP4) Message-ID: <178030270414.1001.1669772122098264182@b43247fbb5ff> # Security update for the Linux Kernel (Live Patch 45 for SUSE Linux Enterprise 15 SP4) Announcement ID: SUSE-SU-2026:2141-1 Release Date: 2026-05-31T04:35:52Z Rating: important References: * bsc#1259798 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves five vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.179 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2141=1 SUSE-2026-2142=1 SUSE-2026-2145=1 SUSE-2026-2143=1 SUSE-2026-2146=1 SUSE-2026-2147=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2026-2141=1 SUSE-SLE- Module-Live-Patching-15-SP4-2026-2142=1 SUSE-SLE-Module-Live- Patching-15-SP4-2026-2145=1 SUSE-SLE-Module-Live-Patching-15-SP4-2026-2143=1 SUSE-SLE-Module-Live-Patching-15-SP4-2026-2146=1 SUSE-SLE-Module-Live- Patching-15-SP4-2026-2147=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_167-default-19-150400.2.1 * kernel-livepatch-5_14_21-150400_24_164-default-20-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_44-debugsource-14-150400.2.1 * kernel-livepatch-5_14_21-150400_24_164-default-debuginfo-20-150400.2.1 * kernel-livepatch-5_14_21-150400_24_170-default-18-150400.2.1 * kernel-livepatch-5_14_21-150400_24_173-default-debuginfo-15-150400.2.1 * kernel-livepatch-5_14_21-150400_24_167-default-debuginfo-19-150400.2.1 * kernel-livepatch-5_14_21-150400_24_176-default-debuginfo-14-150400.2.1 * kernel-livepatch-5_14_21-150400_24_179-default-debuginfo-12-150400.2.1 * kernel-livepatch-5_14_21-150400_24_170-default-debuginfo-18-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_41-debugsource-19-150400.2.1 * kernel-livepatch-5_14_21-150400_24_173-default-15-150400.2.1 * kernel-livepatch-5_14_21-150400_24_176-default-14-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_43-debugsource-15-150400.2.1 * kernel-livepatch-5_14_21-150400_24_179-default-12-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_45-debugsource-12-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_42-debugsource-18-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_40-debugsource-20-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_167-default-19-150400.2.1 * kernel-livepatch-5_14_21-150400_24_164-default-20-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_44-debugsource-14-150400.2.1 * kernel-livepatch-5_14_21-150400_24_164-default-debuginfo-20-150400.2.1 * kernel-livepatch-5_14_21-150400_24_170-default-18-150400.2.1 * kernel-livepatch-5_14_21-150400_24_173-default-debuginfo-15-150400.2.1 * kernel-livepatch-5_14_21-150400_24_167-default-debuginfo-19-150400.2.1 * kernel-livepatch-5_14_21-150400_24_176-default-debuginfo-14-150400.2.1 * kernel-livepatch-5_14_21-150400_24_179-default-debuginfo-12-150400.2.1 * kernel-livepatch-5_14_21-150400_24_170-default-debuginfo-18-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_41-debugsource-19-150400.2.1 * kernel-livepatch-5_14_21-150400_24_173-default-15-150400.2.1 * kernel-livepatch-5_14_21-150400_24_176-default-14-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_43-debugsource-15-150400.2.1 * kernel-livepatch-5_14_21-150400_24_179-default-12-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_45-debugsource-12-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_42-debugsource-18-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_40-debugsource-20-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 08:31:53 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 08:31:53 -0000 Subject: SUSE-SU-2026:2148-1: important: Security update for the Linux Kernel (Live Patch 77 for SUSE Linux Enterprise 12 SP5) Message-ID: <178030271305.1001.6990194135323668596@b43247fbb5ff> # Security update for the Linux Kernel (Live Patch 77 for SUSE Linux Enterprise 12 SP5) Announcement ID: SUSE-SU-2026:2148-1 Release Date: 2026-05-31T06:04:02Z Rating: important References: * bsc#1259798 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 4.12.14-122.293 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2026-2139=1 SUSE-SLE-Live- Patching-12-SP5-2026-2144=1 SUSE-SLE-Live-Patching-12-SP5-2026-2148=1 SUSE-SLE- Live-Patching-12-SP5-2026-2140=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_283-default-8-2.1 * kgraft-patch-4_12_14-122_293-default-7-2.1 * kgraft-patch-4_12_14-122_269-default-13-2.1 * kgraft-patch-4_12_14-122_275-default-10-2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 08:32:00 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 08:32:00 -0000 Subject: SUSE-SU-2026:2137-1: important: Security update for the Linux Kernel (Live Patch 69 for SUSE Linux Enterprise 12 SP5) Message-ID: <178030272067.1001.15816845681511056697@b43247fbb5ff> # Security update for the Linux Kernel (Live Patch 69 for SUSE Linux Enterprise 12 SP5) Announcement ID: SUSE-SU-2026:2137-1 Release Date: 2026-05-30T19:34:08Z Rating: important References: * bsc#1259798 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 4.12.14-122.261 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2026-2137=1 SUSE-SLE-Live- Patching-12-SP5-2026-2138=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_261-default-16-2.1 * kgraft-patch-4_12_14-122_258-default-17-2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 08:32:08 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 08:32:08 -0000 Subject: SUSE-SU-2026:2133-1: important: Security update for the Linux Kernel RT (Live Patch 13 for SUSE Linux Enterprise 15 SP7) Message-ID: <178030272869.1001.13237765637664090954@b43247fbb5ff> # Security update for the Linux Kernel RT (Live Patch 13 for SUSE Linux Enterprise 15 SP7) Announcement ID: SUSE-SU-2026:2133-1 Release Date: 2026-05-29T23:44:24Z Rating: important References: * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves three vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.44 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-2133=1 SUSE-SLE- Module-Live-Patching-15-SP7-2026-2132=1 SUSE-SLE-Module-Live- Patching-15-SP7-2026-2136=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP7 (x86_64) * kernel-livepatch-6_4_0-150700_7_44-rt-debuginfo-2-150700.2.1 * kernel-livepatch-SLE15-SP7-RT_Update_12-debugsource-3-150700.2.1 * kernel-livepatch-SLE15-SP7-RT_Update_11-debugsource-4-150700.2.1 * kernel-livepatch-6_4_0-150700_7_37-rt-4-150700.2.1 * kernel-livepatch-6_4_0-150700_7_44-rt-2-150700.2.1 * kernel-livepatch-6_4_0-150700_7_40-rt-debuginfo-3-150700.2.1 * kernel-livepatch-SLE15-SP7-RT_Update_13-debugsource-2-150700.2.1 * kernel-livepatch-6_4_0-150700_7_37-rt-debuginfo-4-150700.2.1 * kernel-livepatch-6_4_0-150700_7_40-rt-3-150700.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 08:32:18 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 08:32:18 -0000 Subject: SUSE-SU-2026:2131-1: important: Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise 15 SP7) Message-ID: <178030273810.1001.10319606313396396737@b43247fbb5ff> # Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise 15 SP7) Announcement ID: SUSE-SU-2026:2131-1 Release Date: 2026-05-29T21:06:53Z Rating: important References: * bsc#1259798 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves five vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.34 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-2131=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP7 (x86_64) * kernel-livepatch-6_4_0-150700_7_34-rt-4-150700.2.1 * kernel-livepatch-SLE15-SP7-RT_Update_10-debugsource-4-150700.2.1 * kernel-livepatch-6_4_0-150700_7_34-rt-debuginfo-4-150700.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 08:32:29 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 08:32:29 -0000 Subject: SUSE-SU-2026:2134-1: important: Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise 15 SP7) Message-ID: <178030274917.1001.16943950076711601471@b43247fbb5ff> # Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise 15 SP7) Announcement ID: SUSE-SU-2026:2134-1 Release Date: 2026-05-29T23:44:17Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.31 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-2134=1 SUSE-SLE- Module-Live-Patching-15-SP7-2026-2123=1 SUSE-SLE-Module-Live- Patching-15-SP7-2026-2126=1 SUSE-SLE-Module-Live-Patching-15-SP7-2026-2124=1 SUSE-SLE-Module-Live-Patching-15-SP7-2026-2127=1 SUSE-SLE-Module-Live- Patching-15-SP7-2026-2128=1 SUSE-SLE-Module-Live-Patching-15-SP7-2026-2129=1 SUSE-SLE-Module-Live-Patching-15-SP7-2026-2130=1 SUSE-SLE-Module-Live- Patching-15-SP7-2026-2125=1 SUSE-SLE-Module-Live-Patching-15-SP7-2026-2135=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP7 (x86_64) * kernel-livepatch-SLE15-SP7-RT_Update_2-debugsource-16-150700.2.1 * kernel-livepatch-6_4_0-150700_7_3-rt-debuginfo-17-150700.2.1 * kernel-livepatch-6_4_0-150700_7_22-rt-debuginfo-8-150700.2.1 * kernel-livepatch-SLE15-SP7-RT_Update_9-debugsource-6-150700.2.1 * kernel-livepatch-SLE15-SP7-RT_Update_6-debugsource-8-150700.2.1 * kernel-livepatch-SLE15-SP7-RT_Update_1-debugsource-17-150700.2.1 * kernel-livepatch-6_4_0-150700_7_19-rt-debuginfo-9-150700.2.1 * kernel-livepatch-6_4_0-150700_7_16-rt-12-150700.2.1 * kernel-livepatch-6_4_0-150700_7_3-rt-17-150700.2.1 * kernel-livepatch-SLE15-SP7-RT_Update_0-debugsource-17-150700.3.1 * kernel-livepatch-6_4_0-150700_7_8-rt-16-150700.2.1 * kernel-livepatch-SLE15-SP7-RT_Update_3-debugsource-12-150700.2.1 * kernel-livepatch-SLE15-SP7-RT_Update_8-debugsource-7-150700.2.1 * kernel-livepatch-6_4_0-150700_7_28-rt-7-150700.2.1 * kernel-livepatch-6_4_0-150700_7_13-rt-12-150700.2.1 * kernel-livepatch-6_4_0-150700_7_16-rt-debuginfo-12-150700.2.1 * kernel-livepatch-6_4_0-150700_7_22-rt-8-150700.2.1 * kernel-livepatch-SLE15-SP7-RT_Update_4-debugsource-12-150700.2.1 * kernel-livepatch-6_4_0-150700_7_31-rt-debuginfo-6-150700.2.1 * kernel-livepatch-6_4_0-150700_5-rt-debuginfo-17-150700.3.1 * kernel-livepatch-6_4_0-150700_7_31-rt-6-150700.2.1 * kernel-livepatch-6_4_0-150700_5-rt-17-150700.3.1 * kernel-livepatch-6_4_0-150700_7_8-rt-debuginfo-16-150700.2.1 * kernel-livepatch-SLE15-SP7-RT_Update_5-debugsource-9-150700.2.1 * kernel-livepatch-6_4_0-150700_7_25-rt-7-150700.2.1 * kernel-livepatch-SLE15-SP7-RT_Update_7-debugsource-7-150700.2.1 * kernel-livepatch-6_4_0-150700_7_13-rt-debuginfo-12-150700.2.1 * kernel-livepatch-6_4_0-150700_7_28-rt-debuginfo-7-150700.2.1 * kernel-livepatch-6_4_0-150700_7_25-rt-debuginfo-7-150700.2.1 * kernel-livepatch-6_4_0-150700_7_19-rt-9-150700.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 12:30:12 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 12:30:12 -0000 Subject: SUSE-SU-2026:2191-1: important: Security update for the Linux Kernel (Live Patch 51 for SUSE Linux Enterprise 15 SP4) Message-ID: <178031701235.904.12854640060510304064@28a6f8bc0cea> # Security update for the Linux Kernel (Live Patch 51 for SUSE Linux Enterprise 15 SP4) Announcement ID: SUSE-SU-2026:2191-1 Release Date: 2026-06-01T06:36:48Z Rating: important References: * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves three vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.205 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2191=1 SUSE-2026-2190=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2026-2191=1 SUSE-SLE- Module-Live-Patching-15-SP4-2026-2190=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_200-default-debuginfo-4-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_51-debugsource-3-150400.2.1 * kernel-livepatch-5_14_21-150400_24_200-default-4-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_50-debugsource-4-150400.2.1 * kernel-livepatch-5_14_21-150400_24_205-default-3-150400.2.1 * kernel-livepatch-5_14_21-150400_24_205-default-debuginfo-3-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_200-default-debuginfo-4-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_51-debugsource-3-150400.2.1 * kernel-livepatch-5_14_21-150400_24_200-default-4-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_50-debugsource-4-150400.2.1 * kernel-livepatch-5_14_21-150400_24_205-default-3-150400.2.1 * kernel-livepatch-5_14_21-150400_24_205-default-debuginfo-3-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 12:30:25 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 12:30:25 -0000 Subject: SUSE-SU-2026:2189-1: important: Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 15 SP7) Message-ID: <178031702586.904.16245538442965838213@28a6f8bc0cea> # Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 15 SP7) Announcement ID: SUSE-SU-2026:2189-1 Release Date: 2026-06-01T01:36:34Z Rating: important References: * bsc#1259798 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves five vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.34 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-2189=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP7 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150700_53_34-default-debuginfo-4-150700.2.1 * kernel-livepatch-SLE15-SP7_Update_10-debugsource-4-150700.2.1 * kernel-livepatch-6_4_0-150700_53_34-default-4-150700.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 12:30:37 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 12:30:37 -0000 Subject: SUSE-SU-2026:2181-1: important: Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise 15 SP7) Message-ID: <178031703748.904.10200679614570078147@28a6f8bc0cea> # Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise 15 SP7) Announcement ID: SUSE-SU-2026:2181-1 Release Date: 2026-06-01T01:36:25Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.31 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-2187=1 SUSE-SLE- Module-Live-Patching-15-SP7-2026-2188=1 SUSE-SLE-Module-Live- Patching-15-SP7-2026-2181=1 SUSE-SLE-Module-Live-Patching-15-SP7-2026-2182=1 SUSE-SLE-Module-Live-Patching-15-SP7-2026-2184=1 SUSE-SLE-Module-Live- Patching-15-SP7-2026-2185=1 SUSE-SLE-Module-Live-Patching-15-SP7-2026-2183=1 SUSE-SLE-Module-Live-Patching-15-SP7-2026-2186=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP7 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150700_53_28-default-debuginfo-7-150700.2.1 * kernel-livepatch-SLE15-SP7_Update_8-debugsource-7-150700.2.1 * kernel-livepatch-6_4_0-150700_53_16-default-debuginfo-12-150700.2.1 * kernel-livepatch-6_4_0-150700_53_19-default-9-150700.2.1 * kernel-livepatch-6_4_0-150700_53_22-default-7-150700.2.1 * kernel-livepatch-SLE15-SP7_Update_3-debugsource-12-150700.2.1 * kernel-livepatch-6_4_0-150700_53_31-default-debuginfo-6-150700.2.1 * kernel-livepatch-6_4_0-150700_53_19-default-debuginfo-9-150700.2.1 * kernel-livepatch-6_4_0-150700_51-default-17-150700.3.48.1 * kernel-livepatch-6_4_0-150700_53_25-default-7-150700.2.1 * kernel-livepatch-SLE15-SP7_Update_7-debugsource-7-150700.2.1 * kernel-livepatch-6_4_0-150700_51-default-debuginfo-17-150700.3.48.1 * kernel-livepatch-SLE15-SP7_Update_0-debugsource-17-150700.3.48.1 * kernel-livepatch-6_4_0-150700_53_22-default-debuginfo-7-150700.2.1 * kernel-livepatch-SLE15-SP7_Update_9-debugsource-6-150700.2.1 * kernel-livepatch-6_4_0-150700_53_28-default-7-150700.2.1 * kernel-livepatch-SLE15-SP7_Update_5-debugsource-9-150700.2.1 * kernel-livepatch-6_4_0-150700_53_11-default-debuginfo-12-150700.2.1 * kernel-livepatch-SLE15-SP7_Update_6-debugsource-7-150700.2.1 * kernel-livepatch-6_4_0-150700_53_31-default-6-150700.2.1 * kernel-livepatch-6_4_0-150700_53_11-default-12-150700.2.1 * kernel-livepatch-SLE15-SP7_Update_4-debugsource-12-150700.2.1 * kernel-livepatch-6_4_0-150700_53_25-default-debuginfo-7-150700.2.1 * kernel-livepatch-6_4_0-150700_53_16-default-12-150700.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 12:30:49 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 12:30:49 -0000 Subject: SUSE-SU-2026:2197-1: important: Security update for strongswan Message-ID: <178031704912.904.13877274727258459836@28a6f8bc0cea> # Security update for strongswan Announcement ID: SUSE-SU-2026:2197-1 Release Date: 2026-06-01T07:45:03Z Rating: important References: * bsc#1261705 * bsc#1261706 * bsc#1261708 * bsc#1261712 * bsc#1261717 * bsc#1261720 Cross-References: * CVE-2026-35328 * CVE-2026-35329 * CVE-2026-35330 * CVE-2026-35332 * CVE-2026-35333 * CVE-2026-35334 CVSS scores: * CVE-2026-35328 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-35328 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35329 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-35329 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35330 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-35330 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-35332 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-35332 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35333 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-35333 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35334 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-35334 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves six vulnerabilities can now be installed. ## Description: This update for strongswan fixes the following issues: * CVE-2026-35328: infinite loop when handling supported versions TLS extension (bsc#1261712). * CVE-2026-35329: null pointer dereference when processing padding in PKCS#7 (bsc#1261717). * CVE-2026-35330: integer underflow when handling EAP-SIM/AKA attributes (bsc#1261705). * CVE-2026-35332: null pointer dereference when handling ECDH public value in TLS (bsc#1261708). * CVE-2026-35333: integer underflow when handling RADIUS attributes (bsc#1261706). * CVE-2026-35334: null pointer dereference in RSA decryption (bsc#1261720). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2197=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2197=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2197=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * strongswan-debuginfo-5.9.12-150600.3.16.1 * strongswan-mysql-debuginfo-5.9.12-150600.3.16.1 * strongswan-ipsec-5.9.12-150600.3.16.1 * strongswan-5.9.12-150600.3.16.1 * strongswan-sqlite-debuginfo-5.9.12-150600.3.16.1 * strongswan-hmac-5.9.12-150600.3.16.1 * strongswan-libs0-5.9.12-150600.3.16.1 * strongswan-libs0-debuginfo-5.9.12-150600.3.16.1 * strongswan-ipsec-debuginfo-5.9.12-150600.3.16.1 * strongswan-sqlite-5.9.12-150600.3.16.1 * strongswan-nm-5.9.12-150600.3.16.1 * strongswan-nm-debuginfo-5.9.12-150600.3.16.1 * strongswan-debugsource-5.9.12-150600.3.16.1 * strongswan-mysql-5.9.12-150600.3.16.1 * openSUSE Leap 15.6 (noarch) * strongswan-doc-5.9.12-150600.3.16.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * strongswan-debuginfo-5.9.12-150600.3.16.1 * strongswan-ipsec-5.9.12-150600.3.16.1 * strongswan-5.9.12-150600.3.16.1 * strongswan-hmac-5.9.12-150600.3.16.1 * strongswan-libs0-5.9.12-150600.3.16.1 * strongswan-libs0-debuginfo-5.9.12-150600.3.16.1 * strongswan-ipsec-debuginfo-5.9.12-150600.3.16.1 * strongswan-debugsource-5.9.12-150600.3.16.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * strongswan-doc-5.9.12-150600.3.16.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * strongswan-debuginfo-5.9.12-150600.3.16.1 * strongswan-ipsec-5.9.12-150600.3.16.1 * strongswan-5.9.12-150600.3.16.1 * strongswan-hmac-5.9.12-150600.3.16.1 * strongswan-libs0-5.9.12-150600.3.16.1 * strongswan-libs0-debuginfo-5.9.12-150600.3.16.1 * strongswan-ipsec-debuginfo-5.9.12-150600.3.16.1 * strongswan-debugsource-5.9.12-150600.3.16.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * strongswan-doc-5.9.12-150600.3.16.1 ## References: * https://www.suse.com/security/cve/CVE-2026-35328.html * https://www.suse.com/security/cve/CVE-2026-35329.html * https://www.suse.com/security/cve/CVE-2026-35330.html * https://www.suse.com/security/cve/CVE-2026-35332.html * https://www.suse.com/security/cve/CVE-2026-35333.html * https://www.suse.com/security/cve/CVE-2026-35334.html * https://bugzilla.suse.com/show_bug.cgi?id=1261705 * https://bugzilla.suse.com/show_bug.cgi?id=1261706 * https://bugzilla.suse.com/show_bug.cgi?id=1261708 * https://bugzilla.suse.com/show_bug.cgi?id=1261712 * https://bugzilla.suse.com/show_bug.cgi?id=1261717 * https://bugzilla.suse.com/show_bug.cgi?id=1261720 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 12:32:50 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 12:32:50 -0000 Subject: SUSE-SU-2026:2195-1: important: Security update for the Linux Kernel Message-ID: <178031717034.904.5305400034213599981@28a6f8bc0cea> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:2195-1 Release Date: 2026-06-01T07:40:43Z Rating: important References: * bsc#1234634 * bsc#1243603 * bsc#1248754 * bsc#1253754 * bsc#1258518 * bsc#1258718 * bsc#1258849 * bsc#1258850 * bsc#1258854 * bsc#1258855 * bsc#1258856 * bsc#1258857 * bsc#1258961 * bsc#1259484 * bsc#1259485 * bsc#1259857 * bsc#1260010 * bsc#1260018 * bsc#1260522 * bsc#1260526 * bsc#1261287 * bsc#1261295 * bsc#1261584 * bsc#1261638 * bsc#1261648 * bsc#1261707 * bsc#1261710 * bsc#1261779 * bsc#1261781 * bsc#1261796 * bsc#1261797 * bsc#1262020 * bsc#1262179 * bsc#1262181 * bsc#1262602 * bsc#1262665 * bsc#1262734 * bsc#1262758 * bsc#1263001 * bsc#1263065 * bsc#1263085 * bsc#1263093 * bsc#1263095 * bsc#1263131 * bsc#1263141 * bsc#1263165 * bsc#1263170 * bsc#1263176 * bsc#1263582 * bsc#1263600 * bsc#1263668 * bsc#1263723 * bsc#1263797 * bsc#1263815 * bsc#1263882 * bsc#1263901 * bsc#1263931 * bsc#1263933 * bsc#1264013 * bsc#1264059 * bsc#1264082 * bsc#1264087 * bsc#1264097 * bsc#1264482 * bsc#1264634 * bsc#1264651 * bsc#1264801 * bsc#1264848 * bsc#1265085 * bsc#1265090 * bsc#1265116 * bsc#1265119 * bsc#1265126 * bsc#1265421 * bsc#1265449 * bsc#1265456 * bsc#1265626 * bsc#1265846 * jsc#PED-7249 Cross-References: * CVE-2023-2058 * CVE-2025-54518 * CVE-2026-23209 * CVE-2026-23239 * CVE-2026-23240 * CVE-2026-23268 * CVE-2026-23269 * CVE-2026-23271 * CVE-2026-23273 * CVE-2026-23351 * CVE-2026-23393 * CVE-2026-23403 * CVE-2026-23404 * CVE-2026-23405 * CVE-2026-23406 * CVE-2026-23407 * CVE-2026-23408 * CVE-2026-23409 * CVE-2026-23410 * CVE-2026-23411 * CVE-2026-23449 * CVE-2026-23450 * CVE-2026-23458 * CVE-2026-23461 * CVE-2026-23462 * CVE-2026-31402 * CVE-2026-31403 * CVE-2026-31408 * CVE-2026-31436 * CVE-2026-31470 * CVE-2026-31504 * CVE-2026-31505 * CVE-2026-31507 * CVE-2026-31512 * CVE-2026-31528 * CVE-2026-31533 * CVE-2026-31570 * CVE-2026-31586 * CVE-2026-31588 * CVE-2026-31602 * CVE-2026-31607 * CVE-2026-31622 * CVE-2026-31649 * CVE-2026-31656 * CVE-2026-31662 * CVE-2026-31669 * CVE-2026-31685 * CVE-2026-31694 * CVE-2026-31700 * CVE-2026-31738 * CVE-2026-31787 * CVE-2026-43025 * CVE-2026-43027 * CVE-2026-43038 * CVE-2026-43044 * CVE-2026-43050 * CVE-2026-43110 * CVE-2026-43120 * CVE-2026-43126 * CVE-2026-43190 * CVE-2026-43214 * CVE-2026-43329 * CVE-2026-43330 * CVE-2026-43334 * CVE-2026-43365 * CVE-2026-43366 * CVE-2026-43437 * CVE-2026-43494 CVSS scores: * CVE-2023-2058 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2023-2058 ( NVD ): 2.4 CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23209 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23209 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23239 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23239 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23240 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23240 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23240 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23268 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23269 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23269 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23269 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23271 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23271 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23273 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23273 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23273 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23351 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23351 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23393 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23403 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23403 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23403 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23404 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23404 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23404 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23405 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23405 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23406 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23406 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23407 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23407 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23407 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23408 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23408 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23408 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23408 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23409 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23409 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23409 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23410 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23410 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23410 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23410 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23411 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23449 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23449 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23449 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23450 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23450 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23450 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23458 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23458 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23458 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23461 ( SUSE ): 7.7 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23461 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23461 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23462 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23462 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23462 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31402 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31402 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-31402 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31403 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31403 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31403 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31408 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31408 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31408 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31436 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31436 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31436 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31470 ( SUSE ): 6.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31470 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31470 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31504 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31504 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31504 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31505 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31507 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31507 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31507 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31512 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31512 ( SUSE ): 7.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-31512 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31528 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31528 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31528 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31533 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31570 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:N/SA:N * CVE-2026-31570 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31570 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31586 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31588 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31588 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31588 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-31602 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31602 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31602 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31607 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31607 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2026-31607 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31622 ( SUSE ): 8.7 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31622 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31622 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31649 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31649 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31649 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31656 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31656 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31656 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31662 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31662 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31662 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31669 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31669 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31669 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31685 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31685 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31685 ( NVD ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31694 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31694 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31694 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31700 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31700 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31700 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31738 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31738 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31738 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31787 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31787 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-43027 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43027 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43038 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43038 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43044 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43044 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43044 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43050 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43050 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43050 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43110 ( SUSE ): 7.7 CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43110 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43110 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43120 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43120 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-43120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43126 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43126 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43126 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43190 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43190 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43190 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43214 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43214 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43214 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43329 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43329 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43329 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43330 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43330 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43330 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43334 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-43334 ( SUSE ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-43334 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43365 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43365 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43365 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43366 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43366 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43366 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43437 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43437 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43494 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise High Availability Extension 15 SP6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves 68 vulnerabilities, contains one feature and has 10 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: * CVE-2023-2058: x86/CPU: Fix FPDSS on Zen1 (bsc#1243603). * CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache (bsc#1264013). * CVE-2026-23239: espintcp: Fix race condition in espintcp_close() (bsc#1259485). * CVE-2026-23240: tls: Fix race condition in tls_sw_cancel_work_tx() (bsc#1259484). * CVE-2026-23271: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race (bsc#1260018). * CVE-2026-23351: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase (bsc#1260526). * CVE-2026-23393: bridge: cfm: Fix race condition in peer_mep deletion (bsc#1260522). * CVE-2026-23449: net/sched: teql: Fix double-free in teql_master_xmit (bsc#1261779). * CVE-2026-23450: net/smc: fix NULL dereference and UAF in smc_tcp_syn_recv_sock() (bsc#1261584). * CVE-2026-23458: netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() (bsc#1261781). * CVE-2026-23461: Bluetooth: L2CAP: Fix use-after-free in l2cap_unregister_user (bsc#1261707). * CVE-2026-23462: Bluetooth: HIDP: Fix possible UAF (bsc#1261710). * CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (bsc#1261638). * CVE-2026-31403: NFSD: Hold net reference for the lifetime of /proc/fs/nfs/exports fd (bsc#1261796). * CVE-2026-31408: Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold (bsc#1261797). * CVE-2026-31436: dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc() (bsc#1262602). * CVE-2026-31470: virt: tdx-guest: Fix handling of host controlled 'quote' buffer length (bsc#1262665). * CVE-2026-31504: net: fix fanout UAF in packet_release() via NETDEV_UP race (bsc#1263085). * CVE-2026-31505: iavf: fix out-of-bounds writes in iavf_get_ethtool_stats() (bsc#1263093). * CVE-2026-31507: net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer (bsc#1263095). * CVE-2026-31512: Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2cap_ecred_data_rcv() (bsc#1262734). * CVE-2026-31528: perf: Make sure to use pmu_ctx->pmu for groups (bsc#1263001). * CVE-2026-31533: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption (bsc#1262758). * CVE-2026-31570: can: gw: fix OOB heap access in cgw_csum_crc8_rel() (bsc#1263065). * CVE-2026-31586: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (bsc#1263176). * CVE-2026-31588: KVM: x86: Use scratch field in MMIO fragment to hold small write values (bsc#1263165). * CVE-2026-31602: ALSA: ctxfi: Limit PTP to a single page (bsc#1263723). * CVE-2026-31607: usbip: validate number_of_packets in usbip_pack_ret_submit() (bsc#1263600). * CVE-2026-31622: NFC: digital: Bounds check NFC-A cascade depth in SDD response handler (bsc#1263797). * CVE-2026-31649: net: stmmac: fix integer underflow in chain mode (bsc#1263582). * CVE-2026-31656: drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (bsc#1263170). * CVE-2026-31662: tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG (bsc#1263131). * CVE-2026-31669: mptcp: fix slab-use-after-free in __inet_lookup_established (bsc#1263141). * CVE-2026-31685: netfilter: ip6t_eui64: reject invalid MAC header for all packets (bsc#1263668). * CVE-2026-31694: fuse: reject oversized dirents in page cache (bsc#1263901). * CVE-2026-31700: net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() (bsc#1263882). * CVE-2026-31738: vxlan: validate ND option lengths in vxlan_na_create (bsc#1264059). * CVE-2026-31787: xen/privcmd: fix double free via VMA splitting (bsc#1262181). * CVE-2026-43025: netfilter: ctnetlink: ignore explicit helper on new expectations (bsc#1263931). * CVE-2026-43027: netfilter: nf_conntrack_helper: pass helper to expect cleanup (bsc#1263933). * CVE-2026-43038: ipv6: icmp: clear skb2->cb in ip6_err_gen_icmpv6_unreach() (bsc#1264097). * CVE-2026-43044: crypto: caam - fix DMA corruption on long hmac keys (bsc#1264087). * CVE-2026-43050: atm: lec: fix use-after-free in sock_def_readable() (bsc#1264082). * CVE-2026-43110: wifi: brcmfmac: validate bsscfg indices in IF events (bsc#1264482). * CVE-2026-43120: RDMA/irdma: Fix double free related to rereg_user_mr. * CVE-2026-43126: ALSA: mixer: oss: Add card disconnect checkpoints (bsc#1264634). * CVE-2026-43190: netfilter: xt_tcpmss: check remaining length before reading optlen (bsc#1264848). * CVE-2026-43214: KVM: x86: Add SRCU protection for reading PDPTRs in __get_sregs2() (bsc#1264651). * CVE-2026-43329: netfilter: flowtable: strictly check for maximum number of actions (bsc#1265085). * CVE-2026-43330: crypto: caam - fix overflow on long hmac keys (bsc#1264801). * CVE-2026-43334: Bluetooth: SMP: force responder MITM requirements before building the pairing response (bsc#1265090). * CVE-2026-43365: xfs: fix undersized l_iclog_roundoff values (bsc#1265119). * CVE-2026-43366: io_uring/kbuf: check if target buffer list is still legacy on recycle (bsc#1265116). * CVE-2026-43437: ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (bsc#1265126). * CVE-2026-43494: net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). The following non security issues were fixed: * btrfs: reject root items with drop_progress and zero drop_level (git-fixes). * btrfs: replace BUG() with error handling in __btrfs_balance() (git-fixes). * check-for-config-changes: Exclude CC_MS_EXTENSIONS. * check-for-config-changes: Exclude HAVE_CFI_ICALL_NORMALIZE_INTEGERS{,_RUSTC}. * dm init: ensure device probing has finished in dm-mod.waitfor= (git-fixes). * hv_sock: fix ARM64 support (git-fixes). * ice: set max queues in alloc_etherdev_mqs() (git-fixes). * kdump, documentation: describe craskernel CMA reservation (jsc#PED-7249). * mkspec: Add signature to source list only when it exists. * net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). * net/sched: fix pedit partial COW leading to page cache corruption (bsc#1265421). * net: mana: Add MAC address to vPort logs and clarify error messages (git- fixes). * net: mana: check xdp_rxq registration before unreg in mana_destroy_rxq() (git-fixes). * net: mana: Don't overwrite port probe error with add_adev result (git- fixes). * net: mana: Fix crash from unvalidated SHM offset read from BAR0 during FLR (bsc#1265846). * net: mana: Fix EQ leak in mana_remove on NULL port (git-fixes). * net: mana: Fix RX skb truesize accounting (bsc#1248754). * net: mana: fix use-after-free in mana_hwc_destroy_channel() by reordering teardown (git-fixes). * net: mana: Guard mana_remove against double invocation (git-fixes). * net: mana: hardening: Validate adapter_mtu from MANA_QUERY_DEV_CONFIG (git- fixes). * net: mana: hardening: Validate doorbell ID from GDMA_REGISTER_DEVICE response (git-fixes). * net: mana: Init gf_stats_work before potential error paths in probe (git- fixes). * net: mana: Init link_change_work before potential error paths in probe (git- fixes). * net: mana: remove double CQ cleanup in mana_create_rxq error path (git- fixes). * net: mana: Set default number of queues to 16 (bsc#1261648). * net: mana: Skip WQ object destruction for uninitialized RXQ (git-fixes). * net: mana: Use at least SZ_4K in doorbell ID range check (git-fixes). * net: mana: Use pci_name() for debugfs directory naming (git-fixes). * ocfs2: fix possible deadlock between unlink and dio_end_io_write (bsc#1258718). * ocfs2: split transactions in dio completion to avoid credit exhaustion (bsc#1258718). * PCI: hv: Set default NUMA node to 0 for devices without affinity info (git- fixes). * RDMA/mana: Fix error unwind in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Fix mana_destroy_wq_obj() cleanup in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Validate rx_hash_key_len (git-fixes). * RDMA/mana_ib: cleanup the usage of mana_gd_send_request() (git-fixes). * RDMA/mana_ib: Disable RX steering on RSS QP destroy (git-fixes). * RDMA/mana_ib: Support memory windows (git-fixes). * sched/balancing: Switch the 'DEFINE_SPINLOCK(balancing)' spinlock into an 'atomic_t sched_balance_running' flag (bsc#1253754). * sched/fair: Change likelyhood of nohz.nr_cpus (bsc#1234634 bsc#1258961). * sched/fair: Have SD_SERIALIZE affect newidle balancing (bsc#1253754). * sched/fair: Move checking for nohz cpus after time check (bsc#1234634 bsc#1258961). * sched/fair: Remove nohz.nr_cpus and use weight of cpumask instead (bsc#1234634 bsc#1258961). * sched/fair: Skip sched_balance_running cmpxchg when balance is not due (bsc#1253754). * scsi: storvsc: Handle PERSISTENT_RESERVE_IN truncation for Hyper-V vFC (git- fixes). * scsi: target: iscsi: validate CHAP_R length before base64 decode (bsc#1265449). * tty: tty_io: update timestamps on all device nodes (bsc#1262020). * virt: tdx-guest: Return error for GetQuote failures (git-fixes). * workqueue: Break up enum definitions and give names to the types (bsc#1260522). * workqueue: Clean up enum work_bits and related constants (bsc#1260522). * workqueue: Factor out work_grab_pending() from __cancel_work_sync() (bsc#1260522). * workqueue: Fix UBSAN 'subtraction overflow' error in shift_and_mask() (bsc#1260522). * workqueue: Implement disable/enable for (delayed) work items (bsc#1260522). * workqueue: Introduce work_cancel_flags (bsc#1260522). * workqueue: Make @flags handling consistent across set_work_data() and friends (bsc#1260522). * workqueue: Preserve OFFQ bits in cancel[_sync] paths (bsc#1260522). * workqueue: Rename __cancel_work_timer() to __cancel_timer_sync() (bsc#1260522). * workqueue: Reorganize flush and cancel[_sync] functions (bsc#1260522). * Xarray: do not return sibling entries from xas_find_marked() (bsc#1263815). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2195=1 * SUSE Linux Enterprise High Availability Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2026-2195=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2195=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2195=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-2195=1 ## Package List: * openSUSE Leap 15.6 (noarch nosrc) * kernel-docs-6.4.0-150600.23.112.1 * openSUSE Leap 15.6 (noarch) * kernel-source-6.4.0-150600.23.112.1 * kernel-source-vanilla-6.4.0-150600.23.112.1 * kernel-macros-6.4.0-150600.23.112.1 * kernel-devel-6.4.0-150600.23.112.1 * kernel-docs-html-6.4.0-150600.23.112.1 * openSUSE Leap 15.6 (nosrc ppc64le x86_64) * kernel-debug-6.4.0-150600.23.112.1 * openSUSE Leap 15.6 (ppc64le x86_64) * kernel-debug-devel-debuginfo-6.4.0-150600.23.112.1 * kernel-debug-devel-6.4.0-150600.23.112.1 * kernel-debug-debugsource-6.4.0-150600.23.112.1 * kernel-debug-debuginfo-6.4.0-150600.23.112.1 * openSUSE Leap 15.6 (x86_64) * kernel-kvmsmall-vdso-6.4.0-150600.23.112.1 * kernel-kvmsmall-vdso-debuginfo-6.4.0-150600.23.112.1 * kernel-debug-vdso-6.4.0-150600.23.112.1 * kernel-default-vdso-6.4.0-150600.23.112.1 * kernel-default-vdso-debuginfo-6.4.0-150600.23.112.1 * kernel-debug-vdso-debuginfo-6.4.0-150600.23.112.1 * openSUSE Leap 15.6 (aarch64 ppc64le x86_64) * kernel-default-base-rebuild-6.4.0-150600.23.112.1.150600.12.52.1 * kernel-kvmsmall-devel-6.4.0-150600.23.112.1 * kernel-kvmsmall-debuginfo-6.4.0-150600.23.112.1 * kernel-default-base-6.4.0-150600.23.112.1.150600.12.52.1 * kernel-kvmsmall-devel-debuginfo-6.4.0-150600.23.112.1 * kernel-kvmsmall-debugsource-6.4.0-150600.23.112.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-default-livepatch-devel-6.4.0-150600.23.112.1 * kernel-livepatch-6_4_0-150600_23_112-default-1-150600.13.3.1 * kernel-livepatch-SLE15-SP6_Update_26-debugsource-1-150600.13.3.1 * kernel-livepatch-6_4_0-150600_23_112-default-debuginfo-1-150600.13.3.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * kernel-obs-build-debugsource-6.4.0-150600.23.112.1 * kernel-default-debuginfo-6.4.0-150600.23.112.1 * gfs2-kmp-default-debuginfo-6.4.0-150600.23.112.1 * kernel-obs-qa-6.4.0-150600.23.112.1 * cluster-md-kmp-default-6.4.0-150600.23.112.1 * kernel-default-devel-6.4.0-150600.23.112.1 * dlm-kmp-default-debuginfo-6.4.0-150600.23.112.1 * kernel-obs-build-6.4.0-150600.23.112.1 * kernel-default-devel-debuginfo-6.4.0-150600.23.112.1 * kernel-default-optional-debuginfo-6.4.0-150600.23.112.1 * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.112.1 * dlm-kmp-default-6.4.0-150600.23.112.1 * kselftests-kmp-default-6.4.0-150600.23.112.1 * kselftests-kmp-default-debuginfo-6.4.0-150600.23.112.1 * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.112.1 * kernel-default-debugsource-6.4.0-150600.23.112.1 * gfs2-kmp-default-6.4.0-150600.23.112.1 * kernel-default-extra-debuginfo-6.4.0-150600.23.112.1 * ocfs2-kmp-default-6.4.0-150600.23.112.1 * reiserfs-kmp-default-6.4.0-150600.23.112.1 * kernel-default-extra-6.4.0-150600.23.112.1 * kernel-syms-6.4.0-150600.23.112.1 * kernel-default-optional-6.4.0-150600.23.112.1 * kernel-default-livepatch-6.4.0-150600.23.112.1 * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.112.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-6.4.0-150600.23.112.1 * openSUSE Leap 15.6 (nosrc s390x) * kernel-zfcpdump-6.4.0-150600.23.112.1 * openSUSE Leap 15.6 (s390x) * kernel-zfcpdump-debugsource-6.4.0-150600.23.112.1 * kernel-zfcpdump-debuginfo-6.4.0-150600.23.112.1 * openSUSE Leap 15.6 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-6.4.0-150600.23.112.1 * openSUSE Leap 15.6 (nosrc) * dtb-aarch64-6.4.0-150600.23.112.1 * openSUSE Leap 15.6 (aarch64) * dtb-apm-6.4.0-150600.23.112.1 * cluster-md-kmp-64kb-debuginfo-6.4.0-150600.23.112.1 * dtb-cavium-6.4.0-150600.23.112.1 * kselftests-kmp-64kb-6.4.0-150600.23.112.1 * dtb-hisilicon-6.4.0-150600.23.112.1 * dtb-marvell-6.4.0-150600.23.112.1 * dtb-mediatek-6.4.0-150600.23.112.1 * dlm-kmp-64kb-debuginfo-6.4.0-150600.23.112.1 * kernel-64kb-extra-debuginfo-6.4.0-150600.23.112.1 * cluster-md-kmp-64kb-6.4.0-150600.23.112.1 * dtb-allwinner-6.4.0-150600.23.112.1 * ocfs2-kmp-64kb-6.4.0-150600.23.112.1 * gfs2-kmp-64kb-debuginfo-6.4.0-150600.23.112.1 * dtb-altera-6.4.0-150600.23.112.1 * kernel-64kb-optional-debuginfo-6.4.0-150600.23.112.1 * dtb-xilinx-6.4.0-150600.23.112.1 * kernel-64kb-debugsource-6.4.0-150600.23.112.1 * dtb-nvidia-6.4.0-150600.23.112.1 * gfs2-kmp-64kb-6.4.0-150600.23.112.1 * dtb-freescale-6.4.0-150600.23.112.1 * dtb-sprd-6.4.0-150600.23.112.1 * dtb-lg-6.4.0-150600.23.112.1 * dtb-rockchip-6.4.0-150600.23.112.1 * kernel-64kb-devel-6.4.0-150600.23.112.1 * dtb-socionext-6.4.0-150600.23.112.1 * dtb-apple-6.4.0-150600.23.112.1 * kernel-64kb-optional-6.4.0-150600.23.112.1 * dlm-kmp-64kb-6.4.0-150600.23.112.1 * reiserfs-kmp-64kb-debuginfo-6.4.0-150600.23.112.1 * dtb-amlogic-6.4.0-150600.23.112.1 * reiserfs-kmp-64kb-6.4.0-150600.23.112.1 * ocfs2-kmp-64kb-debuginfo-6.4.0-150600.23.112.1 * dtb-amazon-6.4.0-150600.23.112.1 * dtb-arm-6.4.0-150600.23.112.1 * kselftests-kmp-64kb-debuginfo-6.4.0-150600.23.112.1 * dtb-exynos-6.4.0-150600.23.112.1 * dtb-amd-6.4.0-150600.23.112.1 * kernel-64kb-devel-debuginfo-6.4.0-150600.23.112.1 * kernel-64kb-debuginfo-6.4.0-150600.23.112.1 * dtb-qcom-6.4.0-150600.23.112.1 * dtb-broadcom-6.4.0-150600.23.112.1 * kernel-64kb-extra-6.4.0-150600.23.112.1 * dtb-renesas-6.4.0-150600.23.112.1 * openSUSE Leap 15.6 (aarch64 nosrc) * kernel-64kb-6.4.0-150600.23.112.1 * SUSE Linux Enterprise High Availability Extension 15 SP6 (nosrc) * kernel-default-6.4.0-150600.23.112.1 * SUSE Linux Enterprise High Availability Extension 15 SP6 (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-6.4.0-150600.23.112.1 * kernel-default-debugsource-6.4.0-150600.23.112.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-6.4.0-150600.23.112.1 * kernel-obs-build-debugsource-6.4.0-150600.23.112.1 * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.112.1 * gfs2-kmp-default-debuginfo-6.4.0-150600.23.112.1 * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.112.1 * dlm-kmp-default-6.4.0-150600.23.112.1 * kernel-default-debugsource-6.4.0-150600.23.112.1 * kernel-syms-6.4.0-150600.23.112.1 * gfs2-kmp-default-6.4.0-150600.23.112.1 * cluster-md-kmp-default-6.4.0-150600.23.112.1 * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.112.1 * kernel-default-devel-6.4.0-150600.23.112.1 * reiserfs-kmp-default-6.4.0-150600.23.112.1 * ocfs2-kmp-default-6.4.0-150600.23.112.1 * dlm-kmp-default-debuginfo-6.4.0-150600.23.112.1 * kernel-obs-build-6.4.0-150600.23.112.1 * kernel-default-devel-debuginfo-6.4.0-150600.23.112.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 nosrc) * kernel-64kb-6.4.0-150600.23.112.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64) * kernel-64kb-debuginfo-6.4.0-150600.23.112.1 * kernel-64kb-devel-6.4.0-150600.23.112.1 * kernel-64kb-devel-debuginfo-6.4.0-150600.23.112.1 * kernel-64kb-debugsource-6.4.0-150600.23.112.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-6.4.0-150600.23.112.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le x86_64) * kernel-default-base-6.4.0-150600.23.112.1.150600.12.52.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * kernel-source-6.4.0-150600.23.112.1 * kernel-devel-6.4.0-150600.23.112.1 * kernel-macros-6.4.0-150600.23.112.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch nosrc) * kernel-docs-6.4.0-150600.23.112.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (nosrc s390x) * kernel-zfcpdump-6.4.0-150600.23.112.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (s390x) * kernel-zfcpdump-debugsource-6.4.0-150600.23.112.1 * kernel-zfcpdump-debuginfo-6.4.0-150600.23.112.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * kernel-default-debuginfo-6.4.0-150600.23.112.1 * kernel-obs-build-debugsource-6.4.0-150600.23.112.1 * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.112.1 * gfs2-kmp-default-debuginfo-6.4.0-150600.23.112.1 * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.112.1 * dlm-kmp-default-6.4.0-150600.23.112.1 * kernel-default-debugsource-6.4.0-150600.23.112.1 * kernel-syms-6.4.0-150600.23.112.1 * gfs2-kmp-default-6.4.0-150600.23.112.1 * cluster-md-kmp-default-6.4.0-150600.23.112.1 * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.112.1 * kernel-default-devel-6.4.0-150600.23.112.1 * kernel-default-base-6.4.0-150600.23.112.1.150600.12.52.1 * reiserfs-kmp-default-6.4.0-150600.23.112.1 * ocfs2-kmp-default-6.4.0-150600.23.112.1 * dlm-kmp-default-debuginfo-6.4.0-150600.23.112.1 * kernel-obs-build-6.4.0-150600.23.112.1 * kernel-default-devel-debuginfo-6.4.0-150600.23.112.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (nosrc ppc64le x86_64) * kernel-default-6.4.0-150600.23.112.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * kernel-source-6.4.0-150600.23.112.1 * kernel-devel-6.4.0-150600.23.112.1 * kernel-macros-6.4.0-150600.23.112.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch nosrc) * kernel-docs-6.4.0-150600.23.112.1 * SUSE Linux Enterprise Live Patching 15-SP6 (nosrc) * kernel-default-6.4.0-150600.23.112.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-default-debuginfo-6.4.0-150600.23.112.1 * kernel-default-debugsource-6.4.0-150600.23.112.1 * kernel-livepatch-6_4_0-150600_23_112-default-1-150600.13.3.1 * kernel-livepatch-SLE15-SP6_Update_26-debugsource-1-150600.13.3.1 * kernel-default-livepatch-6.4.0-150600.23.112.1 * kernel-livepatch-6_4_0-150600_23_112-default-debuginfo-1-150600.13.3.1 * kernel-default-livepatch-devel-6.4.0-150600.23.112.1 ## References: * https://www.suse.com/security/cve/CVE-2023-2058.html * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23209.html * https://www.suse.com/security/cve/CVE-2026-23239.html * https://www.suse.com/security/cve/CVE-2026-23240.html * https://www.suse.com/security/cve/CVE-2026-23268.html * https://www.suse.com/security/cve/CVE-2026-23269.html * https://www.suse.com/security/cve/CVE-2026-23271.html * https://www.suse.com/security/cve/CVE-2026-23273.html * https://www.suse.com/security/cve/CVE-2026-23351.html * https://www.suse.com/security/cve/CVE-2026-23393.html * https://www.suse.com/security/cve/CVE-2026-23403.html * https://www.suse.com/security/cve/CVE-2026-23404.html * https://www.suse.com/security/cve/CVE-2026-23405.html * https://www.suse.com/security/cve/CVE-2026-23406.html * https://www.suse.com/security/cve/CVE-2026-23407.html * https://www.suse.com/security/cve/CVE-2026-23408.html * https://www.suse.com/security/cve/CVE-2026-23409.html * https://www.suse.com/security/cve/CVE-2026-23410.html * https://www.suse.com/security/cve/CVE-2026-23411.html * https://www.suse.com/security/cve/CVE-2026-23449.html * https://www.suse.com/security/cve/CVE-2026-23450.html * https://www.suse.com/security/cve/CVE-2026-23458.html * https://www.suse.com/security/cve/CVE-2026-23461.html * https://www.suse.com/security/cve/CVE-2026-23462.html * https://www.suse.com/security/cve/CVE-2026-31402.html * https://www.suse.com/security/cve/CVE-2026-31403.html * https://www.suse.com/security/cve/CVE-2026-31408.html * https://www.suse.com/security/cve/CVE-2026-31436.html * https://www.suse.com/security/cve/CVE-2026-31470.html * https://www.suse.com/security/cve/CVE-2026-31504.html * https://www.suse.com/security/cve/CVE-2026-31505.html * https://www.suse.com/security/cve/CVE-2026-31507.html * https://www.suse.com/security/cve/CVE-2026-31512.html * https://www.suse.com/security/cve/CVE-2026-31528.html * https://www.suse.com/security/cve/CVE-2026-31533.html * https://www.suse.com/security/cve/CVE-2026-31570.html * https://www.suse.com/security/cve/CVE-2026-31586.html * https://www.suse.com/security/cve/CVE-2026-31588.html * https://www.suse.com/security/cve/CVE-2026-31602.html * https://www.suse.com/security/cve/CVE-2026-31607.html * https://www.suse.com/security/cve/CVE-2026-31622.html * https://www.suse.com/security/cve/CVE-2026-31649.html * https://www.suse.com/security/cve/CVE-2026-31656.html * https://www.suse.com/security/cve/CVE-2026-31662.html * https://www.suse.com/security/cve/CVE-2026-31669.html * https://www.suse.com/security/cve/CVE-2026-31685.html * https://www.suse.com/security/cve/CVE-2026-31694.html * https://www.suse.com/security/cve/CVE-2026-31700.html * https://www.suse.com/security/cve/CVE-2026-31738.html * https://www.suse.com/security/cve/CVE-2026-31787.html * https://www.suse.com/security/cve/CVE-2026-43025.html * https://www.suse.com/security/cve/CVE-2026-43027.html * https://www.suse.com/security/cve/CVE-2026-43038.html * https://www.suse.com/security/cve/CVE-2026-43044.html * https://www.suse.com/security/cve/CVE-2026-43050.html * https://www.suse.com/security/cve/CVE-2026-43110.html * https://www.suse.com/security/cve/CVE-2026-43120.html * https://www.suse.com/security/cve/CVE-2026-43126.html * https://www.suse.com/security/cve/CVE-2026-43190.html * https://www.suse.com/security/cve/CVE-2026-43214.html * https://www.suse.com/security/cve/CVE-2026-43329.html * https://www.suse.com/security/cve/CVE-2026-43330.html * https://www.suse.com/security/cve/CVE-2026-43334.html * https://www.suse.com/security/cve/CVE-2026-43365.html * https://www.suse.com/security/cve/CVE-2026-43366.html * https://www.suse.com/security/cve/CVE-2026-43437.html * https://www.suse.com/security/cve/CVE-2026-43494.html * https://bugzilla.suse.com/show_bug.cgi?id=1234634 * https://bugzilla.suse.com/show_bug.cgi?id=1243603 * https://bugzilla.suse.com/show_bug.cgi?id=1248754 * https://bugzilla.suse.com/show_bug.cgi?id=1253754 * https://bugzilla.suse.com/show_bug.cgi?id=1258518 * https://bugzilla.suse.com/show_bug.cgi?id=1258718 * https://bugzilla.suse.com/show_bug.cgi?id=1258849 * https://bugzilla.suse.com/show_bug.cgi?id=1258850 * https://bugzilla.suse.com/show_bug.cgi?id=1258854 * https://bugzilla.suse.com/show_bug.cgi?id=1258855 * https://bugzilla.suse.com/show_bug.cgi?id=1258856 * https://bugzilla.suse.com/show_bug.cgi?id=1258857 * https://bugzilla.suse.com/show_bug.cgi?id=1258961 * https://bugzilla.suse.com/show_bug.cgi?id=1259484 * https://bugzilla.suse.com/show_bug.cgi?id=1259485 * https://bugzilla.suse.com/show_bug.cgi?id=1259857 * https://bugzilla.suse.com/show_bug.cgi?id=1260010 * https://bugzilla.suse.com/show_bug.cgi?id=1260018 * https://bugzilla.suse.com/show_bug.cgi?id=1260522 * https://bugzilla.suse.com/show_bug.cgi?id=1260526 * https://bugzilla.suse.com/show_bug.cgi?id=1261287 * https://bugzilla.suse.com/show_bug.cgi?id=1261295 * https://bugzilla.suse.com/show_bug.cgi?id=1261584 * https://bugzilla.suse.com/show_bug.cgi?id=1261638 * https://bugzilla.suse.com/show_bug.cgi?id=1261648 * https://bugzilla.suse.com/show_bug.cgi?id=1261707 * https://bugzilla.suse.com/show_bug.cgi?id=1261710 * https://bugzilla.suse.com/show_bug.cgi?id=1261779 * https://bugzilla.suse.com/show_bug.cgi?id=1261781 * https://bugzilla.suse.com/show_bug.cgi?id=1261796 * https://bugzilla.suse.com/show_bug.cgi?id=1261797 * https://bugzilla.suse.com/show_bug.cgi?id=1262020 * https://bugzilla.suse.com/show_bug.cgi?id=1262179 * https://bugzilla.suse.com/show_bug.cgi?id=1262181 * https://bugzilla.suse.com/show_bug.cgi?id=1262602 * https://bugzilla.suse.com/show_bug.cgi?id=1262665 * https://bugzilla.suse.com/show_bug.cgi?id=1262734 * https://bugzilla.suse.com/show_bug.cgi?id=1262758 * https://bugzilla.suse.com/show_bug.cgi?id=1263001 * https://bugzilla.suse.com/show_bug.cgi?id=1263065 * https://bugzilla.suse.com/show_bug.cgi?id=1263085 * https://bugzilla.suse.com/show_bug.cgi?id=1263093 * https://bugzilla.suse.com/show_bug.cgi?id=1263095 * https://bugzilla.suse.com/show_bug.cgi?id=1263131 * https://bugzilla.suse.com/show_bug.cgi?id=1263141 * https://bugzilla.suse.com/show_bug.cgi?id=1263165 * https://bugzilla.suse.com/show_bug.cgi?id=1263170 * https://bugzilla.suse.com/show_bug.cgi?id=1263176 * https://bugzilla.suse.com/show_bug.cgi?id=1263582 * https://bugzilla.suse.com/show_bug.cgi?id=1263600 * https://bugzilla.suse.com/show_bug.cgi?id=1263668 * https://bugzilla.suse.com/show_bug.cgi?id=1263723 * https://bugzilla.suse.com/show_bug.cgi?id=1263797 * https://bugzilla.suse.com/show_bug.cgi?id=1263815 * https://bugzilla.suse.com/show_bug.cgi?id=1263882 * https://bugzilla.suse.com/show_bug.cgi?id=1263901 * https://bugzilla.suse.com/show_bug.cgi?id=1263931 * https://bugzilla.suse.com/show_bug.cgi?id=1263933 * https://bugzilla.suse.com/show_bug.cgi?id=1264013 * https://bugzilla.suse.com/show_bug.cgi?id=1264059 * https://bugzilla.suse.com/show_bug.cgi?id=1264082 * https://bugzilla.suse.com/show_bug.cgi?id=1264087 * https://bugzilla.suse.com/show_bug.cgi?id=1264097 * https://bugzilla.suse.com/show_bug.cgi?id=1264482 * https://bugzilla.suse.com/show_bug.cgi?id=1264634 * https://bugzilla.suse.com/show_bug.cgi?id=1264651 * https://bugzilla.suse.com/show_bug.cgi?id=1264801 * https://bugzilla.suse.com/show_bug.cgi?id=1264848 * https://bugzilla.suse.com/show_bug.cgi?id=1265085 * https://bugzilla.suse.com/show_bug.cgi?id=1265090 * https://bugzilla.suse.com/show_bug.cgi?id=1265116 * https://bugzilla.suse.com/show_bug.cgi?id=1265119 * https://bugzilla.suse.com/show_bug.cgi?id=1265126 * https://bugzilla.suse.com/show_bug.cgi?id=1265421 * https://bugzilla.suse.com/show_bug.cgi?id=1265449 * https://bugzilla.suse.com/show_bug.cgi?id=1265456 * https://bugzilla.suse.com/show_bug.cgi?id=1265626 * https://bugzilla.suse.com/show_bug.cgi?id=1265846 * https://jira.suse.com/browse/PED-7249 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 12:32:54 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 12:32:54 -0000 Subject: SUSE-SU-2026:2194-1: important: Security update for ignition Message-ID: <178031717425.904.9993272752940859165@28a6f8bc0cea> # Security update for ignition Announcement ID: SUSE-SU-2026:2194-1 Release Date: 2026-06-01T07:08:59Z Rating: important References: * bsc#1265751 Cross-References: * CVE-2026-33814 CVSS scores: * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro for Rancher 5.3 An update that solves one vulnerability can now be installed. ## Description: This update for ignition fixes the following issue * CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265751). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2194=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2194=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * ignition-debuginfo-2.14.0-150400.4.18.1 * ignition-dracut-grub2-2.14.0-150400.4.18.1 * ignition-2.14.0-150400.4.18.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * ignition-debuginfo-2.14.0-150400.4.18.1 * ignition-dracut-grub2-2.14.0-150400.4.18.1 * ignition-2.14.0-150400.4.18.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33814.html * https://bugzilla.suse.com/show_bug.cgi?id=1265751 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 12:32:58 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 12:32:58 -0000 Subject: SUSE-SU-2026:2193-1: important: Security update for ignition Message-ID: <178031717821.904.15794764101807908591@28a6f8bc0cea> # Security update for ignition Announcement ID: SUSE-SU-2026:2193-1 Release Date: 2026-06-01T07:08:53Z Rating: important References: * bsc#1265751 Cross-References: * CVE-2026-33814 CVSS scores: * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability can now be installed. ## Description: This update for ignition fixes the following issue * CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265751). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2193=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2193=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * ignition-dracut-grub2-2.15.0-150400.4.17.1 * ignition-debuginfo-2.15.0-150400.4.17.1 * ignition-2.15.0-150400.4.17.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * ignition-dracut-grub2-2.15.0-150400.4.17.1 * ignition-debuginfo-2.15.0-150400.4.17.1 * ignition-2.15.0-150400.4.17.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33814.html * https://bugzilla.suse.com/show_bug.cgi?id=1265751 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 12:33:01 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 12:33:01 -0000 Subject: SUSE-SU-2026:2192-1: important: Security update for ignition Message-ID: <178031718151.904.8441177287021438524@28a6f8bc0cea> # Security update for ignition Announcement ID: SUSE-SU-2026:2192-1 Release Date: 2026-06-01T07:08:47Z Rating: important References: * bsc#1265751 Cross-References: * CVE-2026-33814 CVSS scores: * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that solves one vulnerability can now be installed. ## Description: This update for ignition fixes the following issue * CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265751). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2192=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * ignition-debuginfo-2.17.0-150500.3.18.1 * ignition-dracut-grub2-2.17.0-150500.3.18.1 * ignition-2.17.0-150500.3.18.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33814.html * https://bugzilla.suse.com/show_bug.cgi?id=1265751 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 16:30:19 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 16:30:19 -0000 Subject: SUSE-SU-2026:2199-1: important: Security update for the Linux Kernel (Live Patch 17 for SUSE Linux Enterprise 15 SP6) Message-ID: <178033141943.1897.12312912158835768638@c5908e215476> # Security update for the Linux Kernel (Live Patch 17 for SUSE Linux Enterprise 15 SP6) Announcement ID: SUSE-SU-2026:2199-1 Release Date: 2026-06-01T08:34:21Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.78 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2199=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-2199=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_78-default-7-150600.2.1 * kernel-livepatch-6_4_0-150600_23_78-default-debuginfo-7-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_17-debugsource-7-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_78-default-7-150600.2.1 * kernel-livepatch-6_4_0-150600_23_78-default-debuginfo-7-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_17-debugsource-7-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 16:30:26 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 16:30:26 -0000 Subject: SUSE-SU-2026:2200-1: important: Security update for the Linux Kernel (Live Patch 22 for SUSE Linux Enterprise 15 SP6) Message-ID: <178033142660.1897.14269266120110755092@c5908e215476> # Security update for the Linux Kernel (Live Patch 22 for SUSE Linux Enterprise 15 SP6) Announcement ID: SUSE-SU-2026:2200-1 Release Date: 2026-06-01T10:07:50Z Rating: important References: * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.95 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2026-2200=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-2205=1 SUSE-2026-2198=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-2198=1 SUSE-SLE- Module-Live-Patching-15-SP5-2026-2205=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2201=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-2201=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_302-default-3-2.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_37-debugsource-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_149-default-debuginfo-3-150500.2.1 * kernel-livepatch-5_14_21-150500_55_149-default-3-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_38-debugsource-3-150500.2.1 * kernel-livepatch-5_14_21-150500_55_144-default-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_144-default-debuginfo-4-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_37-debugsource-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_149-default-debuginfo-3-150500.2.1 * kernel-livepatch-5_14_21-150500_55_149-default-3-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_38-debugsource-3-150500.2.1 * kernel-livepatch-5_14_21-150500_55_144-default-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_144-default-debuginfo-4-150500.2.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_95-default-debuginfo-4-150600.2.1 * kernel-livepatch-6_4_0-150600_23_95-default-4-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_22-debugsource-4-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_95-default-debuginfo-4-150600.2.1 * kernel-livepatch-6_4_0-150600_23_95-default-4-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_22-debugsource-4-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 16:30:30 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 16:30:30 -0000 Subject: SUSE-SU-2026:2204-1: important: Security update for busybox Message-ID: <178033143051.1897.16733430361241065126@c5908e215476> # Security update for busybox Announcement ID: SUSE-SU-2026:2204-1 Release Date: 2026-06-01T10:04:56Z Rating: important References: * bsc#1263989 Cross-References: * CVE-2026-29004 CVSS scores: * CVE-2026-29004 ( SUSE ): 7.2 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-29004 ( SUSE ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2026-29004 ( NVD ): 7.2 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-29004 ( NVD ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves one vulnerability can now be installed. ## Description: This update for busybox fixes the following issue * CVE-2026-29004: a crafted DHCPv6 response can lead to a heap buffer overflow in the DHCPv6 client (bsc#1263989). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2204=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2204=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2204=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2204=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2204=1 ## Package List: * openSUSE Leap 15.4 (noarch) * busybox-net-tools-1.35.0-150400.4.7.1 * busybox-gzip-1.35.0-150400.4.7.1 * busybox-tar-1.35.0-150400.4.7.1 * busybox-adduser-1.35.0-150400.4.7.1 * busybox-diffutils-1.35.0-150400.4.7.1 * busybox-sendmail-1.35.0-150400.4.7.1 * busybox-patch-1.35.0-150400.4.7.1 * busybox-sh-1.35.0-150400.4.7.1 * busybox-iputils-1.35.0-150400.4.7.1 * busybox-misc-1.35.0-150400.4.7.1 * busybox-ncurses-utils-1.35.0-150400.4.7.1 * busybox-less-1.35.0-150400.4.7.1 * busybox-syslogd-1.35.0-150400.4.7.1 * busybox-dos2unix-1.35.0-150400.4.7.1 * busybox-sysvinit-tools-1.35.0-150400.4.7.1 * busybox-telnet-1.35.0-150400.4.7.1 * busybox-vlan-1.35.0-150400.4.7.1 * busybox-man-1.35.0-150400.4.7.1 * busybox-vi-1.35.0-150400.4.7.1 * busybox-gawk-1.35.0-150400.4.7.1 * busybox-util-linux-1.35.0-150400.4.7.1 * busybox-findutils-1.35.0-150400.4.7.1 * busybox-kbd-1.35.0-150400.4.7.1 * busybox-xz-1.35.0-150400.4.7.1 * busybox-grep-1.35.0-150400.4.7.1 * busybox-links-1.35.0-150400.4.7.1 * busybox-hostname-1.35.0-150400.4.7.1 * busybox-psmisc-1.35.0-150400.4.7.1 * busybox-time-1.35.0-150400.4.7.1 * busybox-netcat-1.35.0-150400.4.7.1 * busybox-procps-1.35.0-150400.4.7.1 * busybox-unzip-1.35.0-150400.4.7.1 * busybox-bc-1.35.0-150400.4.7.1 * busybox-policycoreutils-1.35.0-150400.4.7.1 * busybox-bzip2-1.35.0-150400.4.7.1 * busybox-bind-utils-1.35.0-150400.4.7.1 * busybox-coreutils-1.35.0-150400.4.7.1 * busybox-tunctl-1.35.0-150400.4.7.1 * busybox-attr-1.35.0-150400.4.7.1 * busybox-selinux-tools-1.35.0-150400.4.7.1 * busybox-traceroute-1.35.0-150400.4.7.1 * busybox-cpio-1.35.0-150400.4.7.1 * busybox-which-1.35.0-150400.4.7.1 * busybox-sharutils-1.35.0-150400.4.7.1 * busybox-whois-1.35.0-150400.4.7.1 * busybox-kmod-1.35.0-150400.4.7.1 * busybox-wget-1.35.0-150400.4.7.1 * busybox-iproute2-1.35.0-150400.4.7.1 * busybox-ed-1.35.0-150400.4.7.1 * busybox-sed-1.35.0-150400.4.7.1 * busybox-tftp-1.35.0-150400.4.7.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * busybox-testsuite-1.35.0-150400.3.17.1 * busybox-1.35.0-150400.3.17.1 * busybox-static-1.35.0-150400.3.17.1 * openSUSE Leap 15.4 (aarch64 x86_64 i586) * busybox-warewulf3-1.35.0-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * busybox-1.35.0-150400.3.17.1 * busybox-static-1.35.0-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * busybox-1.35.0-150400.3.17.1 * busybox-static-1.35.0-150400.3.17.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * busybox-1.35.0-150400.3.17.1 * busybox-static-1.35.0-150400.3.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * busybox-1.35.0-150400.3.17.1 * busybox-static-1.35.0-150400.3.17.1 ## References: * https://www.suse.com/security/cve/CVE-2026-29004.html * https://bugzilla.suse.com/show_bug.cgi?id=1263989 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 16:31:13 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 16:31:13 -0000 Subject: SUSE-SU-2026:2203-1: important: Security update for wireshark Message-ID: <178033147358.1897.16954011158201271876@c5908e215476> # Security update for wireshark Announcement ID: SUSE-SU-2026:2203-1 Release Date: 2026-06-01T10:03:24Z Rating: important References: * bsc#1263725 * bsc#1263726 * bsc#1263727 * bsc#1263728 * bsc#1263731 * bsc#1263732 * bsc#1263734 * bsc#1263736 * bsc#1263737 * bsc#1263739 * bsc#1263740 * bsc#1263742 * bsc#1263743 * bsc#1263744 * bsc#1263745 * bsc#1263746 * bsc#1263747 * bsc#1263750 * bsc#1263752 * bsc#1263753 * bsc#1263754 * bsc#1263756 * bsc#1263758 * bsc#1263759 * bsc#1263762 * bsc#1263765 * bsc#1263766 * bsc#1263767 * bsc#1263809 Cross-References: * CVE-2026-5401 * CVE-2026-5403 * CVE-2026-5404 * CVE-2026-5405 * CVE-2026-5406 * CVE-2026-5407 * CVE-2026-5408 * CVE-2026-5653 * CVE-2026-5656 * CVE-2026-5657 * CVE-2026-6519 * CVE-2026-6520 * CVE-2026-6521 * CVE-2026-6522 * CVE-2026-6523 * CVE-2026-6526 * CVE-2026-6527 * CVE-2026-6529 * CVE-2026-6530 * CVE-2026-6532 * CVE-2026-6534 * CVE-2026-6535 * CVE-2026-6538 * CVE-2026-6867 * CVE-2026-6868 * CVE-2026-6869 * CVE-2026-6870 * CVE-2026-7378 * CVE-2026-7379 CVSS scores: * CVE-2026-5401 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-5401 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-5403 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-5403 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-5404 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-5404 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-5404 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-5405 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-5405 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-5406 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-5406 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-5407 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-5407 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-5408 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-5408 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-5653 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-5653 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-5653 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-5656 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-5656 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-5656 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-5657 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-5657 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-5657 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-6519 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6519 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6519 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-6520 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6520 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6520 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-6521 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6521 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6522 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6522 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6523 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6523 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6526 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6526 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6527 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6527 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6529 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6529 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6530 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6530 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6532 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6532 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6534 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6534 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6535 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6535 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6538 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6538 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6867 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6867 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6868 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6868 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6868 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-6869 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6869 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6870 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6870 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-7378 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-7378 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-7378 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-7379 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-7379 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-7379 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 29 vulnerabilities can now be installed. ## Description: This update for wireshark fixes the following issues * CVE-2026-5401: AFP dissector crash (bsc#1263756). * CVE-2026-5403: SBC audio codec crash (bsc#1263765). * CVE-2026-5404: K12 RF5 file parser crash (bsc#1263766). * CVE-2026-5405: RDP dissector crash (bsc#1263767). * CVE-2026-5406: FC-SWILS dissector crash (bsc#1263754). * CVE-2026-5407: SMB2 dissector infinite loop (bsc#1263753). * CVE-2026-5408: BT-DHT dissector crash (bsc#1263752). * CVE-2026-5653: DCP-ETSI dissector crash (bsc#1263750). * CVE-2026-5656: Profile import crash and possible code execution (bsc#1263809). * CVE-2026-5657: iLBC audio codec crash (bsc#1263747). * CVE-2026-6519: MBIM protocol dissector infinite loop (bsc#1263746). * CVE-2026-6520: OpenFlow v6 protocol dissector infinite loop (bsc#1263745). * CVE-2026-6521: OpenFlow v5 protocol dissector infinite loops (bsc#1263744). * CVE-2026-6522: RPKI-Router protocol dissector infinite loop (bsc#1263743). * CVE-2026-6523: GNW protocol dissector infinite loop (bsc#1263742). * CVE-2026-6526: RTSP protocol dissector crash (bsc#1263740). * CVE-2026-6527: ASN.1 PER dissector crash (bsc#1263739). * CVE-2026-6529: iLBC audio codec crash (bsc#1263737). * CVE-2026-6530: DCP-ETSI protocol dissector crash (bsc#1263736). * CVE-2026-6532: Kismet protocol dissector crash (bsc#1263734). * CVE-2026-6534: USB HID dissector infinite loop (bsc#1263732). * CVE-2026-6535: Dissection engine zlib decompression crash (bsc#1263731). * CVE-2026-6538: BEEP dissector crash (bsc#1263728). * CVE-2026-6867: SMB2 protocol dissector crash (bsc#1263727). * CVE-2026-6868: HTTP protocol dissector crash (bsc#1263762). * CVE-2026-6869: WebSocket protocol dissector crash (bsc#1263726). * CVE-2026-6870: GSM RP protocol dissector crash (bsc#1263725). * CVE-2026-7378: Sharkd utility crash (bsc#1263759). * CVE-2026-7379: Sharkd utility memory leak (bsc#1263758). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2203=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2203=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2203=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2203=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2203=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2203=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2203=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2203=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libwiretap12-debuginfo-3.6.24-150000.3.133.1 * wireshark-debuginfo-3.6.24-150000.3.133.1 * wireshark-devel-3.6.24-150000.3.133.1 * wireshark-ui-qt-3.6.24-150000.3.133.1 * libwireshark15-3.6.24-150000.3.133.1 * libwsutil13-3.6.24-150000.3.133.1 * wireshark-3.6.24-150000.3.133.1 * libwsutil13-debuginfo-3.6.24-150000.3.133.1 * wireshark-debugsource-3.6.24-150000.3.133.1 * libwireshark15-debuginfo-3.6.24-150000.3.133.1 * wireshark-ui-qt-debuginfo-3.6.24-150000.3.133.1 * libwiretap12-3.6.24-150000.3.133.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libwiretap12-debuginfo-3.6.24-150000.3.133.1 * wireshark-debuginfo-3.6.24-150000.3.133.1 * libwireshark15-3.6.24-150000.3.133.1 * wireshark-devel-3.6.24-150000.3.133.1 * wireshark-ui-qt-3.6.24-150000.3.133.1 * libwsutil13-3.6.24-150000.3.133.1 * wireshark-3.6.24-150000.3.133.1 * libwsutil13-debuginfo-3.6.24-150000.3.133.1 * wireshark-debugsource-3.6.24-150000.3.133.1 * libwireshark15-debuginfo-3.6.24-150000.3.133.1 * wireshark-ui-qt-debuginfo-3.6.24-150000.3.133.1 * libwiretap12-3.6.24-150000.3.133.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libwiretap12-debuginfo-3.6.24-150000.3.133.1 * wireshark-debuginfo-3.6.24-150000.3.133.1 * libwireshark15-3.6.24-150000.3.133.1 * wireshark-devel-3.6.24-150000.3.133.1 * wireshark-ui-qt-3.6.24-150000.3.133.1 * libwsutil13-3.6.24-150000.3.133.1 * wireshark-3.6.24-150000.3.133.1 * libwsutil13-debuginfo-3.6.24-150000.3.133.1 * wireshark-debugsource-3.6.24-150000.3.133.1 * libwireshark15-debuginfo-3.6.24-150000.3.133.1 * wireshark-ui-qt-debuginfo-3.6.24-150000.3.133.1 * libwiretap12-3.6.24-150000.3.133.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libwiretap12-debuginfo-3.6.24-150000.3.133.1 * wireshark-debuginfo-3.6.24-150000.3.133.1 * libwireshark15-3.6.24-150000.3.133.1 * wireshark-devel-3.6.24-150000.3.133.1 * wireshark-ui-qt-3.6.24-150000.3.133.1 * libwsutil13-3.6.24-150000.3.133.1 * wireshark-3.6.24-150000.3.133.1 * libwsutil13-debuginfo-3.6.24-150000.3.133.1 * wireshark-debugsource-3.6.24-150000.3.133.1 * libwireshark15-debuginfo-3.6.24-150000.3.133.1 * wireshark-ui-qt-debuginfo-3.6.24-150000.3.133.1 * libwiretap12-3.6.24-150000.3.133.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libwiretap12-debuginfo-3.6.24-150000.3.133.1 * wireshark-debuginfo-3.6.24-150000.3.133.1 * libwireshark15-3.6.24-150000.3.133.1 * wireshark-devel-3.6.24-150000.3.133.1 * wireshark-ui-qt-3.6.24-150000.3.133.1 * libwsutil13-3.6.24-150000.3.133.1 * wireshark-3.6.24-150000.3.133.1 * libwsutil13-debuginfo-3.6.24-150000.3.133.1 * wireshark-debugsource-3.6.24-150000.3.133.1 * libwireshark15-debuginfo-3.6.24-150000.3.133.1 * wireshark-ui-qt-debuginfo-3.6.24-150000.3.133.1 * libwiretap12-3.6.24-150000.3.133.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libwiretap12-debuginfo-3.6.24-150000.3.133.1 * wireshark-debuginfo-3.6.24-150000.3.133.1 * libwireshark15-3.6.24-150000.3.133.1 * wireshark-devel-3.6.24-150000.3.133.1 * wireshark-ui-qt-3.6.24-150000.3.133.1 * libwsutil13-3.6.24-150000.3.133.1 * wireshark-3.6.24-150000.3.133.1 * libwsutil13-debuginfo-3.6.24-150000.3.133.1 * wireshark-debugsource-3.6.24-150000.3.133.1 * libwireshark15-debuginfo-3.6.24-150000.3.133.1 * wireshark-ui-qt-debuginfo-3.6.24-150000.3.133.1 * libwiretap12-3.6.24-150000.3.133.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libwiretap12-debuginfo-3.6.24-150000.3.133.1 * wireshark-debuginfo-3.6.24-150000.3.133.1 * libwireshark15-3.6.24-150000.3.133.1 * wireshark-devel-3.6.24-150000.3.133.1 * wireshark-ui-qt-3.6.24-150000.3.133.1 * libwsutil13-3.6.24-150000.3.133.1 * wireshark-3.6.24-150000.3.133.1 * libwsutil13-debuginfo-3.6.24-150000.3.133.1 * wireshark-debugsource-3.6.24-150000.3.133.1 * libwireshark15-debuginfo-3.6.24-150000.3.133.1 * wireshark-ui-qt-debuginfo-3.6.24-150000.3.133.1 * libwiretap12-3.6.24-150000.3.133.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * libwiretap12-debuginfo-3.6.24-150000.3.133.1 * wireshark-debuginfo-3.6.24-150000.3.133.1 * libwireshark15-3.6.24-150000.3.133.1 * wireshark-devel-3.6.24-150000.3.133.1 * wireshark-ui-qt-3.6.24-150000.3.133.1 * libwsutil13-3.6.24-150000.3.133.1 * wireshark-3.6.24-150000.3.133.1 * libwsutil13-debuginfo-3.6.24-150000.3.133.1 * wireshark-debugsource-3.6.24-150000.3.133.1 * libwireshark15-debuginfo-3.6.24-150000.3.133.1 * wireshark-ui-qt-debuginfo-3.6.24-150000.3.133.1 * libwiretap12-3.6.24-150000.3.133.1 ## References: * https://www.suse.com/security/cve/CVE-2026-5401.html * https://www.suse.com/security/cve/CVE-2026-5403.html * https://www.suse.com/security/cve/CVE-2026-5404.html * https://www.suse.com/security/cve/CVE-2026-5405.html * https://www.suse.com/security/cve/CVE-2026-5406.html * https://www.suse.com/security/cve/CVE-2026-5407.html * https://www.suse.com/security/cve/CVE-2026-5408.html * https://www.suse.com/security/cve/CVE-2026-5653.html * https://www.suse.com/security/cve/CVE-2026-5656.html * https://www.suse.com/security/cve/CVE-2026-5657.html * https://www.suse.com/security/cve/CVE-2026-6519.html * https://www.suse.com/security/cve/CVE-2026-6520.html * https://www.suse.com/security/cve/CVE-2026-6521.html * https://www.suse.com/security/cve/CVE-2026-6522.html * https://www.suse.com/security/cve/CVE-2026-6523.html * https://www.suse.com/security/cve/CVE-2026-6526.html * https://www.suse.com/security/cve/CVE-2026-6527.html * https://www.suse.com/security/cve/CVE-2026-6529.html * https://www.suse.com/security/cve/CVE-2026-6530.html * https://www.suse.com/security/cve/CVE-2026-6532.html * https://www.suse.com/security/cve/CVE-2026-6534.html * https://www.suse.com/security/cve/CVE-2026-6535.html * https://www.suse.com/security/cve/CVE-2026-6538.html * https://www.suse.com/security/cve/CVE-2026-6867.html * https://www.suse.com/security/cve/CVE-2026-6868.html * https://www.suse.com/security/cve/CVE-2026-6869.html * https://www.suse.com/security/cve/CVE-2026-6870.html * https://www.suse.com/security/cve/CVE-2026-7378.html * https://www.suse.com/security/cve/CVE-2026-7379.html * https://bugzilla.suse.com/show_bug.cgi?id=1263725 * https://bugzilla.suse.com/show_bug.cgi?id=1263726 * https://bugzilla.suse.com/show_bug.cgi?id=1263727 * https://bugzilla.suse.com/show_bug.cgi?id=1263728 * https://bugzilla.suse.com/show_bug.cgi?id=1263731 * https://bugzilla.suse.com/show_bug.cgi?id=1263732 * https://bugzilla.suse.com/show_bug.cgi?id=1263734 * https://bugzilla.suse.com/show_bug.cgi?id=1263736 * https://bugzilla.suse.com/show_bug.cgi?id=1263737 * https://bugzilla.suse.com/show_bug.cgi?id=1263739 * https://bugzilla.suse.com/show_bug.cgi?id=1263740 * https://bugzilla.suse.com/show_bug.cgi?id=1263742 * https://bugzilla.suse.com/show_bug.cgi?id=1263743 * https://bugzilla.suse.com/show_bug.cgi?id=1263744 * https://bugzilla.suse.com/show_bug.cgi?id=1263745 * https://bugzilla.suse.com/show_bug.cgi?id=1263746 * https://bugzilla.suse.com/show_bug.cgi?id=1263747 * https://bugzilla.suse.com/show_bug.cgi?id=1263750 * https://bugzilla.suse.com/show_bug.cgi?id=1263752 * https://bugzilla.suse.com/show_bug.cgi?id=1263753 * https://bugzilla.suse.com/show_bug.cgi?id=1263754 * https://bugzilla.suse.com/show_bug.cgi?id=1263756 * https://bugzilla.suse.com/show_bug.cgi?id=1263758 * https://bugzilla.suse.com/show_bug.cgi?id=1263759 * https://bugzilla.suse.com/show_bug.cgi?id=1263762 * https://bugzilla.suse.com/show_bug.cgi?id=1263765 * https://bugzilla.suse.com/show_bug.cgi?id=1263766 * https://bugzilla.suse.com/show_bug.cgi?id=1263767 * https://bugzilla.suse.com/show_bug.cgi?id=1263809 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 16:32:51 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 16:32:51 -0000 Subject: SUSE-SU-2026:2202-1: important: Security update for the Linux Kernel Message-ID: <178033157108.1897.1699397110519264736@c5908e215476> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:2202-1 Release Date: 2026-06-01T10:02:15Z Rating: important References: * bsc#1221010 * bsc#1243603 * bsc#1258248 * bsc#1258518 * bsc#1258718 * bsc#1258849 * bsc#1258850 * bsc#1258854 * bsc#1258855 * bsc#1258856 * bsc#1258857 * bsc#1259484 * bsc#1259485 * bsc#1259857 * bsc#1260010 * bsc#1260018 * bsc#1260522 * bsc#1260526 * bsc#1260983 * bsc#1261287 * bsc#1261295 * bsc#1261638 * bsc#1261710 * bsc#1261779 * bsc#1261781 * bsc#1261796 * bsc#1261797 * bsc#1262179 * bsc#1262181 * bsc#1262602 * bsc#1262734 * bsc#1262758 * bsc#1263065 * bsc#1263085 * bsc#1263095 * bsc#1263131 * bsc#1263141 * bsc#1263165 * bsc#1263170 * bsc#1263176 * bsc#1263582 * bsc#1263600 * bsc#1263668 * bsc#1263723 * bsc#1263882 * bsc#1263901 * bsc#1263931 * bsc#1263933 * bsc#1264059 * bsc#1264082 * bsc#1264450 * bsc#1264482 * bsc#1264634 * bsc#1264651 * bsc#1264848 * bsc#1265085 * bsc#1265090 * bsc#1265119 * bsc#1265126 * bsc#1265308 * bsc#1265456 * bsc#1265626 * bsc#1265960 Cross-References: * CVE-2021-47103 * CVE-2023-20585 * CVE-2026-23209 * CVE-2026-23239 * CVE-2026-23240 * CVE-2026-23268 * CVE-2026-23269 * CVE-2026-23271 * CVE-2026-23273 * CVE-2026-23351 * CVE-2026-23393 * CVE-2026-23403 * CVE-2026-23404 * CVE-2026-23405 * CVE-2026-23406 * CVE-2026-23407 * CVE-2026-23408 * CVE-2026-23409 * CVE-2026-23410 * CVE-2026-23411 * CVE-2026-23449 * CVE-2026-23458 * CVE-2026-23462 * CVE-2026-31402 * CVE-2026-31403 * CVE-2026-31408 * CVE-2026-31436 * CVE-2026-31504 * CVE-2026-31507 * CVE-2026-31512 * CVE-2026-31533 * CVE-2026-31570 * CVE-2026-31586 * CVE-2026-31588 * CVE-2026-31602 * CVE-2026-31607 * CVE-2026-31649 * CVE-2026-31656 * CVE-2026-31662 * CVE-2026-31669 * CVE-2026-31685 * CVE-2026-31694 * CVE-2026-31700 * CVE-2026-31738 * CVE-2026-31787 * CVE-2026-43025 * CVE-2026-43027 * CVE-2026-43050 * CVE-2026-43110 * CVE-2026-43126 * CVE-2026-43190 * CVE-2026-43214 * CVE-2026-43329 * CVE-2026-43334 * CVE-2026-43365 * CVE-2026-43437 * CVE-2026-43494 * CVE-2026-43500 * CVE-2026-43503 * CVE-2026-46333 CVSS scores: * CVE-2021-47103 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2021-47103 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47103 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-20585 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2023-20585 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2023-20585 ( NVD ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23209 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23209 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23239 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23239 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23240 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23240 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23240 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23268 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23269 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23269 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23269 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23271 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23271 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23273 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23273 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23273 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23351 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23351 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23393 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23403 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23403 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23403 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23404 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23404 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23404 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23405 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23405 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23406 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23406 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23407 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23407 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23407 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23408 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23408 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23408 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23408 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23409 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23409 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23409 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23410 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23410 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23410 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23410 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23411 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23449 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23449 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23449 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23458 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23458 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23458 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23462 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23462 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23462 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31402 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31402 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-31402 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31403 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31403 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31403 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31408 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31408 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31408 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31436 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31436 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31436 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31504 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31504 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31504 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31507 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31507 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31507 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31512 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31512 ( SUSE ): 7.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-31512 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31533 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31533 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31570 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:N/SA:N * CVE-2026-31570 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31570 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31586 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31588 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31588 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31588 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-31602 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31602 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31602 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31607 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31607 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2026-31607 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31649 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31649 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31649 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31656 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31656 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31656 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31662 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31662 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31662 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31669 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31669 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31669 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31685 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31685 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31685 ( NVD ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31694 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31694 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31694 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31700 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31700 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31700 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31738 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31738 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31738 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31787 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31787 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-43027 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43027 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43050 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43050 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43050 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43110 ( SUSE ): 7.7 CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43110 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43110 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43126 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43126 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43126 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43190 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43190 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43190 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43214 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43214 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43214 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43329 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43329 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43329 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43334 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-43334 ( SUSE ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-43334 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43365 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43365 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43365 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43437 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43437 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43494 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43500 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43500 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43500 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43503 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43503 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43503 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Availability Extension 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves 60 vulnerabilities and has three security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP4 kernel was updated to fix various security issues The following security issues were fixed: * CVE-2021-47103: inet: fully convert sk->sk_rx_dst to RCU rules (bsc#1221010). * CVE-2023-20585: x86/CPU: Fix FPDSS on Zen1 (bsc#1243603). * CVE-2026-23239: espintcp: Fix race condition in espintcp_close() (bsc#1259485). * CVE-2026-23240: tls: Fix race condition in tls_sw_cancel_work_tx() (bsc#1259484). * CVE-2026-23271: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race (bsc#1260018). * CVE-2026-23351: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase (bsc#1260526). * CVE-2026-23393: bridge: cfm: Fix race condition in peer_mep deletion (bsc#1260522). * CVE-2026-23449: net/sched: teql: Fix double-free in teql_master_xmit (bsc#1261779). * CVE-2026-23458: netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() (bsc#1261781). * CVE-2026-23462: Bluetooth: HIDP: Fix possible UAF (bsc#1261710). * CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (bsc#1261638). * CVE-2026-31403: NFSD: Hold net reference for the lifetime of /proc/fs/nfs/exports fd (bsc#1261796). * CVE-2026-31408: Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold (bsc#1261797). * CVE-2026-31436: dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc() (bsc#1262602). * CVE-2026-31504: net: fix fanout UAF in packet_release() via NETDEV_UP race (bsc#1263085). * CVE-2026-31507: net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer (bsc#1263095). * CVE-2026-31512: Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2cap_ecred_data_rcv() (bsc#1262734). * CVE-2026-31533: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption (bsc#1262758). * CVE-2026-31570: can: gw: fix OOB heap access in cgw_csum_crc8_rel() (bsc#1263065). * CVE-2026-31586: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (bsc#1263176). * CVE-2026-31588: KVM: x86: Use scratch field in MMIO fragment to hold small write values (bsc#1263165). * CVE-2026-31602: ALSA: ctxfi: Limit PTP to a single page (bsc#1263723). * CVE-2026-31607: usbip: validate number_of_packets in usbip_pack_ret_submit() (bsc#1263600). * CVE-2026-31649: net: stmmac: fix integer underflow in chain mode (bsc#1263582). * CVE-2026-31656: drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (bsc#1263170). * CVE-2026-31662: tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG (bsc#1263131). * CVE-2026-31669: mptcp: fix slab-use-after-free in __inet_lookup_established (bsc#1263141). * CVE-2026-31685: netfilter: ip6t_eui64: reject invalid MAC header for all packets (bsc#1263668). * CVE-2026-31694: fuse: reject oversized dirents in page cache (bsc#1263901). * CVE-2026-31700: net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() (bsc#1263882). * CVE-2026-31738: vxlan: validate ND option lengths in vxlan_na_create (bsc#1264059). * CVE-2026-31787: xen/privcmd: fix double free via VMA splitting (bsc#1262181). * CVE-2026-43025: netfilter: ctnetlink: ignore explicit helper on new expectations (bsc#1263931). * CVE-2026-43027: netfilter: nf_conntrack_helper: pass helper to expect cleanup (bsc#1263933). * CVE-2026-43050: atm: lec: fix use-after-free in sock_def_readable() (bsc#1264082). * CVE-2026-43110: wifi: brcmfmac: validate bsscfg indices in IF events (bsc#1264482). * CVE-2026-43126: ALSA: mixer: oss: Add card disconnect checkpoints (bsc#1264634). * CVE-2026-43190: netfilter: xt_tcpmss: check remaining length before reading optlen (bsc#1264848). * CVE-2026-43214: KVM: x86: Add SRCU protection for reading PDPTRs in __get_sregs2() (bsc#1264651). * CVE-2026-43329: netfilter: flowtable: strictly check for maximum number of actions (bsc#1265085). * CVE-2026-43334: Bluetooth: SMP: force responder MITM requirements before building the pairing response (bsc#1265090). * CVE-2026-43365: xfs: fix undersized l_iclog_roundoff values (bsc#1265119). * CVE-2026-43437: ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (bsc#1265126). * CVE-2026-43494: net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). * CVE-2026-43500: supported.conf: drop rxrpc and af_kfs (bsc#1264450). * CVE-2026-43503: net: skbuff: propagate shared-frag marker through frag- transfer helpers (bsc#1265960). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265308). The following non security issues were fixed: * check-for-config-changes: Exclude CC_MS_EXTENSIONS. * check-for-config-changes: Exclude HAVE_CFI_ICALL_NORMALIZE_INTEGERS{,_RUSTC}. * crypto: qat - fix ring to service map for QAT GEN4 (bsc#1258248). * crypto: qat - refactor fw config related functions (bsc#1258248). * crypto: qat - use masks for AE groups (bsc#1258248). * dm init: ensure device probing has finished in dm-mod.waitfor= (git-fixes). * mkspec: Add signature to source list only when it exists. * net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). * net: gro: don't merge zcopy skbs (git-fixes). * nvmet-rdma: fix possible bad dereference when freeing rsps (bsc#1260983). * ocfs2: fix possible deadlock between unlink and dio_end_io_write (bsc#1258718). * ocfs2: split transactions in dio completion to avoid credit exhaustion (bsc#1258718). * xfrm: esp: avoid in-place decrypt on shared skb frags. ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2202=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2202=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2202=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2202=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2202=1 * SUSE Linux Enterprise High Availability Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2026-2202=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2202=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2202=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2202=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2202=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2026-2202=1 ## Package List: * openSUSE Leap 15.4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.219.1 * openSUSE Leap 15.4 (noarch) * kernel-devel-5.14.21-150400.24.219.1 * kernel-source-vanilla-5.14.21-150400.24.219.1 * kernel-macros-5.14.21-150400.24.219.1 * kernel-docs-html-5.14.21-150400.24.219.1 * kernel-source-5.14.21-150400.24.219.1 * openSUSE Leap 15.4 (aarch64 ppc64le x86_64) * kernel-default-base-rebuild-5.14.21-150400.24.219.1.150400.24.110.2 * kernel-kvmsmall-debuginfo-5.14.21-150400.24.219.1 * kernel-kvmsmall-debugsource-5.14.21-150400.24.219.1 * kernel-default-base-5.14.21-150400.24.219.1.150400.24.110.2 * kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.219.1 * kernel-kvmsmall-devel-5.14.21-150400.24.219.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.219.1 * kernel-obs-qa-5.14.21-150400.24.219.1 * kernel-default-extra-5.14.21-150400.24.219.1 * kernel-obs-build-5.14.21-150400.24.219.1 * kernel-default-debuginfo-5.14.21-150400.24.219.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.219.1 * reiserfs-kmp-default-5.14.21-150400.24.219.1 * kernel-default-optional-debuginfo-5.14.21-150400.24.219.1 * kernel-syms-5.14.21-150400.24.219.1 * kselftests-kmp-default-5.14.21-150400.24.219.1 * dlm-kmp-default-debuginfo-5.14.21-150400.24.219.1 * ocfs2-kmp-default-5.14.21-150400.24.219.1 * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.219.1 * gfs2-kmp-default-5.14.21-150400.24.219.1 * kernel-default-extra-debuginfo-5.14.21-150400.24.219.1 * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.219.1 * kselftests-kmp-default-debuginfo-5.14.21-150400.24.219.1 * kernel-default-optional-5.14.21-150400.24.219.1 * kernel-default-devel-5.14.21-150400.24.219.1 * kernel-default-livepatch-5.14.21-150400.24.219.1 * cluster-md-kmp-default-5.14.21-150400.24.219.1 * kernel-obs-build-debugsource-5.14.21-150400.24.219.1 * gfs2-kmp-default-debuginfo-5.14.21-150400.24.219.1 * dlm-kmp-default-5.14.21-150400.24.219.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.219.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150400.24.219.1 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-default-livepatch-devel-5.14.21-150400.24.219.1 * kernel-livepatch-5_14_21-150400_24_219-default-debuginfo-1-150400.9.5.1 * kernel-livepatch-SLE15-SP4_Update_54-debugsource-1-150400.9.5.1 * kernel-livepatch-5_14_21-150400_24_219-default-1-150400.9.5.1 * openSUSE Leap 15.4 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-5.14.21-150400.24.219.1 * openSUSE Leap 15.4 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.219.1 * openSUSE Leap 15.4 (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150400.24.219.1 * kernel-zfcpdump-debugsource-5.14.21-150400.24.219.1 * openSUSE Leap 15.4 (nosrc) * dtb-aarch64-5.14.21-150400.24.219.1 * openSUSE Leap 15.4 (aarch64) * dtb-broadcom-5.14.21-150400.24.219.1 * dtb-lg-5.14.21-150400.24.219.1 * dtb-altera-5.14.21-150400.24.219.1 * ocfs2-kmp-64kb-5.14.21-150400.24.219.1 * dtb-xilinx-5.14.21-150400.24.219.1 * reiserfs-kmp-64kb-5.14.21-150400.24.219.1 * dtb-hisilicon-5.14.21-150400.24.219.1 * dtb-exynos-5.14.21-150400.24.219.1 * dtb-cavium-5.14.21-150400.24.219.1 * dlm-kmp-64kb-5.14.21-150400.24.219.1 * kernel-64kb-devel-5.14.21-150400.24.219.1 * dtb-amlogic-5.14.21-150400.24.219.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.219.1 * kernel-64kb-optional-debuginfo-5.14.21-150400.24.219.1 * dtb-apm-5.14.21-150400.24.219.1 * dtb-sprd-5.14.21-150400.24.219.1 * dtb-qcom-5.14.21-150400.24.219.1 * dlm-kmp-64kb-debuginfo-5.14.21-150400.24.219.1 * dtb-freescale-5.14.21-150400.24.219.1 * ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.219.1 * dtb-marvell-5.14.21-150400.24.219.1 * dtb-nvidia-5.14.21-150400.24.219.1 * dtb-apple-5.14.21-150400.24.219.1 * dtb-allwinner-5.14.21-150400.24.219.1 * kselftests-kmp-64kb-5.14.21-150400.24.219.1 * dtb-amd-5.14.21-150400.24.219.1 * dtb-socionext-5.14.21-150400.24.219.1 * gfs2-kmp-64kb-5.14.21-150400.24.219.1 * kernel-64kb-optional-5.14.21-150400.24.219.1 * dtb-mediatek-5.14.21-150400.24.219.1 * dtb-rockchip-5.14.21-150400.24.219.1 * cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.219.1 * kernel-64kb-debugsource-5.14.21-150400.24.219.1 * kernel-64kb-debuginfo-5.14.21-150400.24.219.1 * kernel-64kb-extra-debuginfo-5.14.21-150400.24.219.1 * dtb-renesas-5.14.21-150400.24.219.1 * kernel-64kb-extra-5.14.21-150400.24.219.1 * dtb-amazon-5.14.21-150400.24.219.1 * kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.219.1 * cluster-md-kmp-64kb-5.14.21-150400.24.219.1 * reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.219.1 * dtb-arm-5.14.21-150400.24.219.1 * gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.219.1 * openSUSE Leap 15.4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.219.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.219.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.219.1.150400.24.110.2 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.219.1 * kernel-default-debuginfo-5.14.21-150400.24.219.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * kernel-macros-5.14.21-150400.24.219.1 * kernel-source-5.14.21-150400.24.219.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.219.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.219.1.150400.24.110.2 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.219.1 * kernel-default-debuginfo-5.14.21-150400.24.219.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * kernel-macros-5.14.21-150400.24.219.1 * kernel-source-5.14.21-150400.24.219.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.219.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.219.1.150400.24.110.2 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.219.1 * kernel-default-debuginfo-5.14.21-150400.24.219.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * kernel-macros-5.14.21-150400.24.219.1 * kernel-source-5.14.21-150400.24.219.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.219.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.219.1.150400.24.110.2 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.219.1 * kernel-default-debuginfo-5.14.21-150400.24.219.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * kernel-macros-5.14.21-150400.24.219.1 * kernel-source-5.14.21-150400.24.219.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.219.1 * dlm-kmp-default-debuginfo-5.14.21-150400.24.219.1 * ocfs2-kmp-default-5.14.21-150400.24.219.1 * cluster-md-kmp-default-5.14.21-150400.24.219.1 * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.219.1 * gfs2-kmp-default-5.14.21-150400.24.219.1 * gfs2-kmp-default-debuginfo-5.14.21-150400.24.219.1 * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.219.1 * kernel-default-debuginfo-5.14.21-150400.24.219.1 * dlm-kmp-default-5.14.21-150400.24.219.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (nosrc) * kernel-default-5.14.21-150400.24.219.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.219.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64) * kernel-64kb-devel-debuginfo-5.14.21-150400.24.219.1 * kernel-64kb-devel-5.14.21-150400.24.219.1 * kernel-64kb-debugsource-5.14.21-150400.24.219.1 * kernel-64kb-debuginfo-5.14.21-150400.24.219.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.219.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kernel-default-debugsource-5.14.21-150400.24.219.1 * kernel-default-devel-5.14.21-150400.24.219.1 * kernel-obs-build-debugsource-5.14.21-150400.24.219.1 * kernel-default-base-5.14.21-150400.24.219.1.150400.24.110.2 * kernel-default-devel-debuginfo-5.14.21-150400.24.219.1 * kernel-default-debuginfo-5.14.21-150400.24.219.1 * reiserfs-kmp-default-5.14.21-150400.24.219.1 * kernel-obs-build-5.14.21-150400.24.219.1 * kernel-syms-5.14.21-150400.24.219.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.219.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * kernel-macros-5.14.21-150400.24.219.1 * kernel-devel-5.14.21-150400.24.219.1 * kernel-source-5.14.21-150400.24.219.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.219.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.219.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64) * kernel-64kb-devel-debuginfo-5.14.21-150400.24.219.1 * kernel-64kb-devel-5.14.21-150400.24.219.1 * kernel-64kb-debugsource-5.14.21-150400.24.219.1 * kernel-64kb-debuginfo-5.14.21-150400.24.219.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.219.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kernel-default-debugsource-5.14.21-150400.24.219.1 * kernel-default-devel-5.14.21-150400.24.219.1 * kernel-obs-build-debugsource-5.14.21-150400.24.219.1 * kernel-default-base-5.14.21-150400.24.219.1.150400.24.110.2 * kernel-default-devel-debuginfo-5.14.21-150400.24.219.1 * kernel-default-debuginfo-5.14.21-150400.24.219.1 * reiserfs-kmp-default-5.14.21-150400.24.219.1 * kernel-obs-build-5.14.21-150400.24.219.1 * kernel-syms-5.14.21-150400.24.219.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.219.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * kernel-macros-5.14.21-150400.24.219.1 * kernel-devel-5.14.21-150400.24.219.1 * kernel-source-5.14.21-150400.24.219.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.219.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.219.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64) * kernel-64kb-devel-debuginfo-5.14.21-150400.24.219.1 * kernel-64kb-devel-5.14.21-150400.24.219.1 * kernel-64kb-debugsource-5.14.21-150400.24.219.1 * kernel-64kb-debuginfo-5.14.21-150400.24.219.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150400.24.219.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.219.1.150400.24.110.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.219.1 * kernel-default-devel-5.14.21-150400.24.219.1 * kernel-obs-build-debugsource-5.14.21-150400.24.219.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.219.1 * kernel-default-debuginfo-5.14.21-150400.24.219.1 * reiserfs-kmp-default-5.14.21-150400.24.219.1 * kernel-obs-build-5.14.21-150400.24.219.1 * kernel-syms-5.14.21-150400.24.219.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.219.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * kernel-macros-5.14.21-150400.24.219.1 * kernel-devel-5.14.21-150400.24.219.1 * kernel-source-5.14.21-150400.24.219.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch nosrc) * kernel-docs-5.14.21-150400.24.219.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.219.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150400.24.219.1 * kernel-zfcpdump-debugsource-5.14.21-150400.24.219.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc ppc64le x86_64) * kernel-default-5.14.21-150400.24.219.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kernel-default-debugsource-5.14.21-150400.24.219.1 * kernel-default-devel-5.14.21-150400.24.219.1 * kernel-obs-build-debugsource-5.14.21-150400.24.219.1 * kernel-default-base-5.14.21-150400.24.219.1.150400.24.110.2 * kernel-default-devel-debuginfo-5.14.21-150400.24.219.1 * kernel-default-debuginfo-5.14.21-150400.24.219.1 * reiserfs-kmp-default-5.14.21-150400.24.219.1 * kernel-obs-build-5.14.21-150400.24.219.1 * kernel-syms-5.14.21-150400.24.219.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.219.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * kernel-macros-5.14.21-150400.24.219.1 * kernel-devel-5.14.21-150400.24.219.1 * kernel-source-5.14.21-150400.24.219.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.219.1 * SUSE Linux Enterprise Live Patching 15-SP4 (nosrc) * kernel-default-5.14.21-150400.24.219.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-default-livepatch-devel-5.14.21-150400.24.219.1 * kernel-default-debugsource-5.14.21-150400.24.219.1 * kernel-default-livepatch-5.14.21-150400.24.219.1 * kernel-livepatch-5_14_21-150400_24_219-default-debuginfo-1-150400.9.5.1 * kernel-livepatch-SLE15-SP4_Update_54-debugsource-1-150400.9.5.1 * kernel-default-debuginfo-5.14.21-150400.24.219.1 * kernel-livepatch-5_14_21-150400_24_219-default-1-150400.9.5.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47103.html * https://www.suse.com/security/cve/CVE-2023-20585.html * https://www.suse.com/security/cve/CVE-2026-23209.html * https://www.suse.com/security/cve/CVE-2026-23239.html * https://www.suse.com/security/cve/CVE-2026-23240.html * https://www.suse.com/security/cve/CVE-2026-23268.html * https://www.suse.com/security/cve/CVE-2026-23269.html * https://www.suse.com/security/cve/CVE-2026-23271.html * https://www.suse.com/security/cve/CVE-2026-23273.html * https://www.suse.com/security/cve/CVE-2026-23351.html * https://www.suse.com/security/cve/CVE-2026-23393.html * https://www.suse.com/security/cve/CVE-2026-23403.html * https://www.suse.com/security/cve/CVE-2026-23404.html * https://www.suse.com/security/cve/CVE-2026-23405.html * https://www.suse.com/security/cve/CVE-2026-23406.html * https://www.suse.com/security/cve/CVE-2026-23407.html * https://www.suse.com/security/cve/CVE-2026-23408.html * https://www.suse.com/security/cve/CVE-2026-23409.html * https://www.suse.com/security/cve/CVE-2026-23410.html * https://www.suse.com/security/cve/CVE-2026-23411.html * https://www.suse.com/security/cve/CVE-2026-23449.html * https://www.suse.com/security/cve/CVE-2026-23458.html * https://www.suse.com/security/cve/CVE-2026-23462.html * https://www.suse.com/security/cve/CVE-2026-31402.html * https://www.suse.com/security/cve/CVE-2026-31403.html * https://www.suse.com/security/cve/CVE-2026-31408.html * https://www.suse.com/security/cve/CVE-2026-31436.html * https://www.suse.com/security/cve/CVE-2026-31504.html * https://www.suse.com/security/cve/CVE-2026-31507.html * https://www.suse.com/security/cve/CVE-2026-31512.html * https://www.suse.com/security/cve/CVE-2026-31533.html * https://www.suse.com/security/cve/CVE-2026-31570.html * https://www.suse.com/security/cve/CVE-2026-31586.html * https://www.suse.com/security/cve/CVE-2026-31588.html * https://www.suse.com/security/cve/CVE-2026-31602.html * https://www.suse.com/security/cve/CVE-2026-31607.html * https://www.suse.com/security/cve/CVE-2026-31649.html * https://www.suse.com/security/cve/CVE-2026-31656.html * https://www.suse.com/security/cve/CVE-2026-31662.html * https://www.suse.com/security/cve/CVE-2026-31669.html * https://www.suse.com/security/cve/CVE-2026-31685.html * https://www.suse.com/security/cve/CVE-2026-31694.html * https://www.suse.com/security/cve/CVE-2026-31700.html * https://www.suse.com/security/cve/CVE-2026-31738.html * https://www.suse.com/security/cve/CVE-2026-31787.html * https://www.suse.com/security/cve/CVE-2026-43025.html * https://www.suse.com/security/cve/CVE-2026-43027.html * https://www.suse.com/security/cve/CVE-2026-43050.html * https://www.suse.com/security/cve/CVE-2026-43110.html * https://www.suse.com/security/cve/CVE-2026-43126.html * https://www.suse.com/security/cve/CVE-2026-43190.html * https://www.suse.com/security/cve/CVE-2026-43214.html * https://www.suse.com/security/cve/CVE-2026-43329.html * https://www.suse.com/security/cve/CVE-2026-43334.html * https://www.suse.com/security/cve/CVE-2026-43365.html * https://www.suse.com/security/cve/CVE-2026-43437.html * https://www.suse.com/security/cve/CVE-2026-43494.html * https://www.suse.com/security/cve/CVE-2026-43500.html * https://www.suse.com/security/cve/CVE-2026-43503.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1221010 * https://bugzilla.suse.com/show_bug.cgi?id=1243603 * https://bugzilla.suse.com/show_bug.cgi?id=1258248 * https://bugzilla.suse.com/show_bug.cgi?id=1258518 * https://bugzilla.suse.com/show_bug.cgi?id=1258718 * https://bugzilla.suse.com/show_bug.cgi?id=1258849 * https://bugzilla.suse.com/show_bug.cgi?id=1258850 * https://bugzilla.suse.com/show_bug.cgi?id=1258854 * https://bugzilla.suse.com/show_bug.cgi?id=1258855 * https://bugzilla.suse.com/show_bug.cgi?id=1258856 * https://bugzilla.suse.com/show_bug.cgi?id=1258857 * https://bugzilla.suse.com/show_bug.cgi?id=1259484 * https://bugzilla.suse.com/show_bug.cgi?id=1259485 * https://bugzilla.suse.com/show_bug.cgi?id=1259857 * https://bugzilla.suse.com/show_bug.cgi?id=1260010 * https://bugzilla.suse.com/show_bug.cgi?id=1260018 * https://bugzilla.suse.com/show_bug.cgi?id=1260522 * https://bugzilla.suse.com/show_bug.cgi?id=1260526 * https://bugzilla.suse.com/show_bug.cgi?id=1260983 * https://bugzilla.suse.com/show_bug.cgi?id=1261287 * https://bugzilla.suse.com/show_bug.cgi?id=1261295 * https://bugzilla.suse.com/show_bug.cgi?id=1261638 * https://bugzilla.suse.com/show_bug.cgi?id=1261710 * https://bugzilla.suse.com/show_bug.cgi?id=1261779 * https://bugzilla.suse.com/show_bug.cgi?id=1261781 * https://bugzilla.suse.com/show_bug.cgi?id=1261796 * https://bugzilla.suse.com/show_bug.cgi?id=1261797 * https://bugzilla.suse.com/show_bug.cgi?id=1262179 * https://bugzilla.suse.com/show_bug.cgi?id=1262181 * https://bugzilla.suse.com/show_bug.cgi?id=1262602 * https://bugzilla.suse.com/show_bug.cgi?id=1262734 * https://bugzilla.suse.com/show_bug.cgi?id=1262758 * https://bugzilla.suse.com/show_bug.cgi?id=1263065 * https://bugzilla.suse.com/show_bug.cgi?id=1263085 * https://bugzilla.suse.com/show_bug.cgi?id=1263095 * https://bugzilla.suse.com/show_bug.cgi?id=1263131 * https://bugzilla.suse.com/show_bug.cgi?id=1263141 * https://bugzilla.suse.com/show_bug.cgi?id=1263165 * https://bugzilla.suse.com/show_bug.cgi?id=1263170 * https://bugzilla.suse.com/show_bug.cgi?id=1263176 * https://bugzilla.suse.com/show_bug.cgi?id=1263582 * https://bugzilla.suse.com/show_bug.cgi?id=1263600 * https://bugzilla.suse.com/show_bug.cgi?id=1263668 * https://bugzilla.suse.com/show_bug.cgi?id=1263723 * https://bugzilla.suse.com/show_bug.cgi?id=1263882 * https://bugzilla.suse.com/show_bug.cgi?id=1263901 * https://bugzilla.suse.com/show_bug.cgi?id=1263931 * https://bugzilla.suse.com/show_bug.cgi?id=1263933 * https://bugzilla.suse.com/show_bug.cgi?id=1264059 * https://bugzilla.suse.com/show_bug.cgi?id=1264082 * https://bugzilla.suse.com/show_bug.cgi?id=1264450 * https://bugzilla.suse.com/show_bug.cgi?id=1264482 * https://bugzilla.suse.com/show_bug.cgi?id=1264634 * https://bugzilla.suse.com/show_bug.cgi?id=1264651 * https://bugzilla.suse.com/show_bug.cgi?id=1264848 * https://bugzilla.suse.com/show_bug.cgi?id=1265085 * https://bugzilla.suse.com/show_bug.cgi?id=1265090 * https://bugzilla.suse.com/show_bug.cgi?id=1265119 * https://bugzilla.suse.com/show_bug.cgi?id=1265126 * https://bugzilla.suse.com/show_bug.cgi?id=1265308 * https://bugzilla.suse.com/show_bug.cgi?id=1265456 * https://bugzilla.suse.com/show_bug.cgi?id=1265626 * https://bugzilla.suse.com/show_bug.cgi?id=1265960 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 20:30:21 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 20:30:21 -0000 Subject: SUSE-SU-2026:21861-1: important: Security update for python-Pillow Message-ID: <178034582195.1034.9685254277615515599@cf67f1158b88> # Security update for python-Pillow Announcement ID: SUSE-SU-2026:21861-1 Release Date: 2026-05-28T16:02:39Z Rating: important References: * bsc#1265153 * bsc#1265154 * bsc#1265359 Cross-References: * CVE-2026-42308 * CVE-2026-42309 * CVE-2026-42310 CVSS scores: * CVE-2026-42308 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-42308 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42308 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-42308 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42309 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-42309 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-42309 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-42309 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42310 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42310 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-42310 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves three vulnerabilities can now be installed. ## Description: This update for python-Pillow fixes the following issues * CVE-2026-42308: integer overflow in font processing can lead to denial of service (bsc#1265359). * CVE-2026-42309: heap buffer overflow when processing nested list coordinates (bsc#1265153). * CVE-2026-42310: infinite loop and resource exhaustion when processing specially crafted PDFs (bsc#1265154). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-820=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-820=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * python-Pillow-debuginfo-11.3.0-160000.5.1 * python313-Pillow-tk-debuginfo-11.3.0-160000.5.1 * python313-Pillow-debuginfo-11.3.0-160000.5.1 * python313-Pillow-11.3.0-160000.5.1 * python-Pillow-debugsource-11.3.0-160000.5.1 * python313-Pillow-tk-11.3.0-160000.5.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * python-Pillow-debuginfo-11.3.0-160000.5.1 * python313-Pillow-tk-debuginfo-11.3.0-160000.5.1 * python313-Pillow-debuginfo-11.3.0-160000.5.1 * python313-Pillow-11.3.0-160000.5.1 * python-Pillow-debugsource-11.3.0-160000.5.1 * python313-Pillow-tk-11.3.0-160000.5.1 ## References: * https://www.suse.com/security/cve/CVE-2026-42308.html * https://www.suse.com/security/cve/CVE-2026-42309.html * https://www.suse.com/security/cve/CVE-2026-42310.html * https://bugzilla.suse.com/show_bug.cgi?id=1265153 * https://bugzilla.suse.com/show_bug.cgi?id=1265154 * https://bugzilla.suse.com/show_bug.cgi?id=1265359 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 20:36:27 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 20:36:27 -0000 Subject: SUSE-SU-2026:21860-1: important: Security update for the Linux Kernel Message-ID: <178034618718.1034.2183079805708548623@cf67f1158b88> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:21860-1 Release Date: 2026-05-28T12:58:58Z Rating: important References: * bsc#1215199 * bsc#1234634 * bsc#1241259 * bsc#1243603 * bsc#1248754 * bsc#1249104 * bsc#1250951 * bsc#1253471 * bsc#1254518 * bsc#1255160 * bsc#1255360 * bsc#1255459 * bsc#1255752 * bsc#1256288 * bsc#1256865 * bsc#1256867 * bsc#1258518 * bsc#1258718 * bsc#1258826 * bsc#1258849 * bsc#1258850 * bsc#1258854 * bsc#1258855 * bsc#1258856 * bsc#1258857 * bsc#1258933 * bsc#1258961 * bsc#1259186 * bsc#1259199 * bsc#1259222 * bsc#1259420 * bsc#1259461 * bsc#1259535 * bsc#1259672 * bsc#1259799 * bsc#1259806 * bsc#1259857 * bsc#1259865 * bsc#1259868 * bsc#1259869 * bsc#1259871 * bsc#1259873 * bsc#1259878 * bsc#1259889 * bsc#1259994 * bsc#1260010 * bsc#1260012 * bsc#1260018 * bsc#1260428 * bsc#1260468 * bsc#1260483 * bsc#1260484 * bsc#1260485 * bsc#1260489 * bsc#1260504 * bsc#1260505 * bsc#1260507 * bsc#1260514 * bsc#1260523 * bsc#1260526 * bsc#1260528 * bsc#1260529 * bsc#1260530 * bsc#1260531 * bsc#1260532 * bsc#1260533 * bsc#1260536 * bsc#1260537 * bsc#1260538 * bsc#1260541 * bsc#1260546 * bsc#1260549 * bsc#1260551 * bsc#1260552 * bsc#1260555 * bsc#1260561 * bsc#1260562 * bsc#1260566 * bsc#1260571 * bsc#1260572 * bsc#1260573 * bsc#1260576 * bsc#1260580 * bsc#1260581 * bsc#1260593 * bsc#1260613 * bsc#1260728 * bsc#1260729 * bsc#1260731 * bsc#1260798 * bsc#1260800 * bsc#1260801 * bsc#1260807 * bsc#1260811 * bsc#1260996 * bsc#1261020 * bsc#1261149 * bsc#1261287 * bsc#1261288 * bsc#1261295 * bsc#1261348 * bsc#1261410 * bsc#1261503 * bsc#1261504 * bsc#1261505 * bsc#1261550 * bsc#1261555 * bsc#1261581 * bsc#1261582 * bsc#1261584 * bsc#1261585 * bsc#1261592 * bsc#1261601 * bsc#1261602 * bsc#1261617 * bsc#1261618 * bsc#1261629 * bsc#1261632 * bsc#1261635 * bsc#1261636 * bsc#1261637 * bsc#1261638 * bsc#1261641 * bsc#1261644 * bsc#1261645 * bsc#1261648 * bsc#1261679 * bsc#1261685 * bsc#1261686 * bsc#1261687 * bsc#1261692 * bsc#1261694 * bsc#1261700 * bsc#1261702 * bsc#1261703 * bsc#1261707 * bsc#1261710 * bsc#1261713 * bsc#1261714 * bsc#1261719 * bsc#1261738 * bsc#1261750 * bsc#1261751 * bsc#1261752 * bsc#1261768 * bsc#1261778 * bsc#1261779 * bsc#1261780 * bsc#1261781 * bsc#1261786 * bsc#1261788 * bsc#1261789 * bsc#1261796 * bsc#1261797 * bsc#1261896 * bsc#1262019 * bsc#1262053 * bsc#1262054 * bsc#1262055 * bsc#1262061 * bsc#1262063 * bsc#1262074 * bsc#1262078 * bsc#1262086 * bsc#1262087 * bsc#1262099 * bsc#1262100 * bsc#1262101 * bsc#1262179 * bsc#1262181 * bsc#1262245 * bsc#1262250 * bsc#1262480 * bsc#1262601 * bsc#1262616 * bsc#1262617 * bsc#1262627 * bsc#1262662 * bsc#1262665 * bsc#1262671 * bsc#1262673 * bsc#1262709 * bsc#1262725 * bsc#1262731 * bsc#1262750 * bsc#1262752 * bsc#1262758 * bsc#1263001 * bsc#1263012 * bsc#1263018 * bsc#1263044 * bsc#1263048 * bsc#1263052 * bsc#1263064 * bsc#1263074 * bsc#1263077 * bsc#1263085 * bsc#1263093 * bsc#1263095 * bsc#1263104 * bsc#1263107 * bsc#1263131 * bsc#1263135 * bsc#1263138 * bsc#1263140 * bsc#1263141 * bsc#1263165 * bsc#1263176 * bsc#1263255 * bsc#1263556 * bsc#1263562 * bsc#1263582 * bsc#1263592 * bsc#1263593 * bsc#1263595 * bsc#1263596 * bsc#1263604 * bsc#1263668 * bsc#1263815 * bsc#1263882 * bsc#1263901 * bsc#1263931 * bsc#1263933 * bsc#1263942 * bsc#1263995 * bsc#1264014 * bsc#1264059 * bsc#1264082 * bsc#1264097 * bsc#1264183 * bsc#1264233 * bsc#1264427 * bsc#1264469 * bsc#1264586 * bsc#1264674 * bsc#1264837 * bsc#1264848 * bsc#1265085 * bsc#1265116 * bsc#1265119 * bsc#1265144 * bsc#1265308 * bsc#1265421 * bsc#1265449 * bsc#1265456 * bsc#1265626 * bsc#1265846 * bsc#1265960 * jsc#PED-13771 * jsc#PED-14156 * jsc#PED-14238 * jsc#PED-16113 * jsc#PED-7912 Cross-References: * CVE-2023-2058 * CVE-2024-14027 * CVE-2025-40181 * CVE-2025-40219 * CVE-2025-68265 * CVE-2025-68310 * CVE-2025-71238 * CVE-2025-71268 * CVE-2025-71269 * CVE-2025-71302 * CVE-2026-23168 * CVE-2026-23209 * CVE-2026-23236 * CVE-2026-23237 * CVE-2026-23245 * CVE-2026-23246 * CVE-2026-23253 * CVE-2026-23260 * CVE-2026-23261 * CVE-2026-23264 * CVE-2026-23266 * CVE-2026-23268 * CVE-2026-23269 * CVE-2026-23271 * CVE-2026-23273 * CVE-2026-23276 * CVE-2026-23279 * CVE-2026-23290 * CVE-2026-23291 * CVE-2026-23298 * CVE-2026-23300 * CVE-2026-23307 * CVE-2026-23312 * CVE-2026-23313 * CVE-2026-23315 * CVE-2026-23316 * CVE-2026-23317 * CVE-2026-23318 * CVE-2026-23321 * CVE-2026-23324 * CVE-2026-23325 * CVE-2026-23334 * CVE-2026-23336 * CVE-2026-23339 * CVE-2026-23340 * CVE-2026-23346 * CVE-2026-23347 * CVE-2026-23351 * CVE-2026-23354 * CVE-2026-23357 * CVE-2026-23360 * CVE-2026-23362 * CVE-2026-23363 * CVE-2026-23365 * CVE-2026-23367 * CVE-2026-23368 * CVE-2026-23369 * CVE-2026-23370 * CVE-2026-23372 * CVE-2026-23373 * CVE-2026-23374 * CVE-2026-23375 * CVE-2026-23378 * CVE-2026-23382 * CVE-2026-23387 * CVE-2026-23391 * CVE-2026-23392 * CVE-2026-23395 * CVE-2026-23396 * CVE-2026-23397 * CVE-2026-23399 * CVE-2026-23401 * CVE-2026-23403 * CVE-2026-23404 * CVE-2026-23405 * CVE-2026-23406 * CVE-2026-23407 * CVE-2026-23408 * CVE-2026-23409 * CVE-2026-23410 * CVE-2026-23411 * CVE-2026-23417 * CVE-2026-23418 * CVE-2026-23420 * CVE-2026-23426 * CVE-2026-23434 * CVE-2026-23436 * CVE-2026-23437 * CVE-2026-23440 * CVE-2026-23441 * CVE-2026-23442 * CVE-2026-23443 * CVE-2026-23445 * CVE-2026-23446 * CVE-2026-23447 * CVE-2026-23448 * CVE-2026-23449 * CVE-2026-23450 * CVE-2026-23452 * CVE-2026-23454 * CVE-2026-23455 * CVE-2026-23456 * CVE-2026-23457 * CVE-2026-23458 * CVE-2026-23460 * CVE-2026-23461 * CVE-2026-23462 * CVE-2026-23463 * CVE-2026-23464 * CVE-2026-23465 * CVE-2026-23466 * CVE-2026-23468 * CVE-2026-23470 * CVE-2026-23472 * CVE-2026-23473 * CVE-2026-23474 * CVE-2026-23475 * CVE-2026-31389 * CVE-2026-31392 * CVE-2026-31393 * CVE-2026-31394 * CVE-2026-31395 * CVE-2026-31400 * CVE-2026-31402 * CVE-2026-31403 * CVE-2026-31405 * CVE-2026-31406 * CVE-2026-31407 * CVE-2026-31408 * CVE-2026-31411 * CVE-2026-31412 * CVE-2026-31415 * CVE-2026-31416 * CVE-2026-31417 * CVE-2026-31420 * CVE-2026-31421 * CVE-2026-31422 * CVE-2026-31423 * CVE-2026-31424 * CVE-2026-31425 * CVE-2026-31426 * CVE-2026-31427 * CVE-2026-31428 * CVE-2026-31435 * CVE-2026-31449 * CVE-2026-31453 * CVE-2026-31456 * CVE-2026-31470 * CVE-2026-31494 * CVE-2026-31496 * CVE-2026-31503 * CVE-2026-31504 * CVE-2026-31505 * CVE-2026-31507 * CVE-2026-31515 * CVE-2026-31519 * CVE-2026-31525 * CVE-2026-31526 * CVE-2026-31528 * CVE-2026-31533 * CVE-2026-31547 * CVE-2026-31550 * CVE-2026-31554 * CVE-2026-31565 * CVE-2026-31579 * CVE-2026-31586 * CVE-2026-31588 * CVE-2026-31644 * CVE-2026-31649 * CVE-2026-31658 * CVE-2026-31662 * CVE-2026-31666 * CVE-2026-31668 * CVE-2026-31669 * CVE-2026-31675 * CVE-2026-31678 * CVE-2026-31679 * CVE-2026-31681 * CVE-2026-31682 * CVE-2026-31684 * CVE-2026-31685 * CVE-2026-31691 * CVE-2026-31694 * CVE-2026-31700 * CVE-2026-31738 * CVE-2026-31787 * CVE-2026-43009 * CVE-2026-43025 * CVE-2026-43027 * CVE-2026-43037 * CVE-2026-43038 * CVE-2026-43045 * CVE-2026-43050 * CVE-2026-43060 * CVE-2026-43082 * CVE-2026-43088 * CVE-2026-43153 * CVE-2026-43190 * CVE-2026-43265 * CVE-2026-43329 * CVE-2026-43365 * CVE-2026-43366 * CVE-2026-43441 * CVE-2026-43494 * CVE-2026-43503 * CVE-2026-46333 CVSS scores: * CVE-2023-2058 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2023-2058 ( NVD ): 2.4 CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N * CVE-2024-14027 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-14027 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40181 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40181 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40219 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40219 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-68265 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68265 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-68310 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68310 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-71238 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-71238 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-71238 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71268 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-71268 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71268 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71269 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-71269 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71269 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-71302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23168 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23168 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23168 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23209 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23209 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23236 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23236 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23236 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23236 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2026-23237 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23237 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23237 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23245 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23245 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23245 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23246 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23253 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23253 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23260 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23260 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23260 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23261 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23261 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23264 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23264 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23264 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23266 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23266 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23266 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23268 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23268 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23269 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23269 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23269 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23271 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23271 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23273 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23273 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23273 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23276 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23276 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23279 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23279 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23279 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23290 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23290 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23290 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23291 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23291 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23298 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23298 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23298 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23300 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23300 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23300 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23307 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23307 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23312 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23312 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23312 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23313 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23313 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23315 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23315 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23316 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23316 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23318 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23318 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23321 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23321 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23321 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23324 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23324 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23324 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23325 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23325 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23334 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23334 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23336 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23336 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23339 ( SUSE ): 2.3 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23339 ( SUSE ): 3.1 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23339 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23340 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23340 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23340 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23346 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23346 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23346 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23347 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23347 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23351 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23351 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23354 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23354 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-23354 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23357 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23357 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23357 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23360 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23360 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23360 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23362 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23362 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23363 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23363 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23365 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23365 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23365 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23367 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-23367 ( SUSE ): 6.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-23367 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23368 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23368 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23368 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23369 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23369 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23369 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23370 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23370 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23372 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23372 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23373 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23373 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23374 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23374 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23374 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23375 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23375 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23378 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23378 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23378 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23378 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23382 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23382 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23382 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23387 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23387 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23387 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23391 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23391 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23392 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23395 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23395 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23395 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23395 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23396 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23396 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23396 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23397 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23397 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23397 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23399 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23399 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23399 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23401 ( SUSE ): 8.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2026-23401 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2026-23401 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23403 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23403 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23403 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23404 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23404 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23404 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23405 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23405 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23406 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23406 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23407 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23407 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23407 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23408 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23408 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23408 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23408 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23409 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23409 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23409 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23410 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23410 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23410 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23410 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23411 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23417 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23417 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23417 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23418 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23418 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23418 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23420 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23426 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23426 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23426 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23434 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23434 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23434 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23434 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23436 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23436 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23436 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23440 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23440 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23440 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23440 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23441 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23441 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23442 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23442 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23442 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23443 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23443 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23443 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23445 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23445 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23445 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23445 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23446 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23446 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23446 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23447 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23447 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23447 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23448 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23448 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23448 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23449 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23449 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23449 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23450 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23450 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23450 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23452 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23452 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23452 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23454 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23454 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23454 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23455 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23455 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23455 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23456 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23456 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-23456 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23457 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23457 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23457 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23458 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23458 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23458 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23460 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23460 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23460 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23461 ( SUSE ): 7.7 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23461 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23461 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23462 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23462 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23462 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23463 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23463 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2026-23463 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23464 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23464 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23464 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23465 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2026-23465 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2026-23465 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23466 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23466 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23466 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23468 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23468 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23468 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23470 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23470 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23472 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23472 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23472 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23473 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23473 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23474 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23474 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23474 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23475 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23475 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23475 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31389 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31389 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31389 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31392 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31392 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L * CVE-2026-31392 ( NVD ): 8.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L * CVE-2026-31393 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31393 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31393 ( NVD ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31394 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31394 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31394 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31395 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31395 ( SUSE ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31395 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31400 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31400 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31400 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31402 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31402 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-31402 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31403 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31403 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31403 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31405 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31405 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31407 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31407 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31407 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31408 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31408 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31408 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31411 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31411 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31411 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31412 ( SUSE ): 7.0 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31412 ( SUSE ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31412 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31415 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31415 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31415 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31416 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31416 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-31416 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31417 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31417 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31417 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31420 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31421 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31421 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31421 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31422 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31422 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31422 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31423 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31423 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31423 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31424 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31424 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31424 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31425 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31425 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31426 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31426 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-31426 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31427 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-31427 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2026-31427 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31428 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31428 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31428 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31435 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31435 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31435 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-31449 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31449 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31449 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-31453 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31453 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31453 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31456 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31456 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31456 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31470 ( SUSE ): 6.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31470 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31470 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31494 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-31494 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2026-31494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31496 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31496 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31496 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31503 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31503 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-31503 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31504 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31504 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31504 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31505 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31507 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31507 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31507 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31515 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31515 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31515 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31519 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31519 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31519 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31525 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31525 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31525 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31526 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31526 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31526 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31528 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31528 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31528 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31533 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31547 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31547 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31547 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31550 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31550 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31550 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31554 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31554 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31554 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31565 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31565 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31565 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31579 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31579 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31579 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31586 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31586 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31588 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31588 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31588 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-31644 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31644 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31644 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31649 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31649 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31649 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31658 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31658 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31658 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31662 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31662 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31662 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31666 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-31666 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2026-31666 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31668 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-31668 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2026-31668 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31669 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31669 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31669 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31675 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31675 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2026-31675 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31678 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31678 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31678 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31679 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31679 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31679 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31681 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31681 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31681 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31682 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31682 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31682 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31684 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31684 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-31684 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31685 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31685 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31685 ( NVD ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31691 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31691 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31691 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31694 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31694 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31694 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31700 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31700 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31700 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31738 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31738 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31738 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31787 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31787 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43009 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-43027 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43027 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43037 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43038 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43038 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43045 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43045 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43050 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43050 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43050 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43060 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43060 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43082 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43082 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43088 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-43088 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-43153 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43153 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43153 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43190 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43190 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43190 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43265 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43265 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43265 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43329 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43329 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43329 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43365 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43365 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43365 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43366 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43366 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43366 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43441 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43441 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43494 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43494 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43503 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43503 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43503 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves 206 vulnerabilities, contains five features and has 42 fixes can now be installed. ## Description: The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: * CVE-2023-2058: x86/CPU: Fix FPDSS on Zen1 (bsc#1243603). * CVE-2024-14027: xattr: switch to CLASS(fd) (bsc#1259420). * CVE-2025-40181: x86/kvm: Force legacy PCI hole to UC when overriding MTRRs for TDX/SNP (bsc#1253471). * CVE-2025-68265: nvme: fix admin request_queue lifetime (bsc#1255360). * CVE-2025-68310: s390/pci: Avoid deadlock between PCI error recovery and mlx5 crdump (bsc#1255160). * CVE-2025-71302: drm/panthor: fix for dma-fence safe access rules (bsc#1264837). * CVE-2026-23168: flex_proportions: make fprop_new_period() hardirq safe (bsc#1258826). * CVE-2026-23245: net/sched: act_gate: snapshot parameters with RCU on replace (bsc#1259799). * CVE-2026-23271: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race (bsc#1260018). * CVE-2026-23276: net: add xmit recursion limit to tunnel xmit functions (bsc#1260012). * CVE-2026-23300: net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop (bsc#1260538). * CVE-2026-23313: i40e: Fix preempt count leak in napi poll tracepoint (bsc#1260555). * CVE-2026-23316: net: ipv4: fix ARM64 alignment fault in multipath hash seed (bsc#1260573). * CVE-2026-23321: mptcp: pm: in-kernel: always mark signal+subflow endp as used (bsc#1260505). * CVE-2026-23340: net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs (bsc#1260523). * CVE-2026-23346: arm64: io: Rename ioremap_prot() to __ioremap_prot() (bsc#1260529). * CVE-2026-23351: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase (bsc#1260526). * CVE-2026-23354: x86/fred: Correct speculative safety in fred_extint() (bsc#1260801). * CVE-2026-23368: net: phy: register phy led_triggers during probe to avoid AB-BA deadlock (bsc#1260530). * CVE-2026-23374: blktrace: fix __this_cpu_read/write in preemptible context (bsc#1260811). * CVE-2026-23375: mm: thp: deny THP for files on anonymous inodes (bsc#1260576). * CVE-2026-23378: net/sched: act_ife: Fix metalist update behavior (bsc#1260546). * CVE-2026-23391: netfilter: xt_CT: drop pending enqueued packets on template removal (bsc#1260566). * CVE-2026-23392: netfilter: nf_tables: release flowtable after rcu grace period on error (bsc#1260531). * CVE-2026-23397: nfnetlink_osf: validate individual option lengths in fingerprints (bsc#1260728). * CVE-2026-23399: nf_tables: nft_dynset: fix possible stateful expression memleak in error path (bsc#1261020). * CVE-2026-23417: bpf: Fix constant blinding for PROBE_MEM32 stores (bsc#1261410). * CVE-2026-23436: net: add helpers for lookup and walking netdevs under netdev_lock() (bsc#1261617). * CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261635). * CVE-2026-23440: net/mlx5e: Fix race condition during IPSec ESN update (bsc#1261641). * CVE-2026-23441: net/mlx5e: Prevent concurrent access to IPSec ASO context (bsc#1261768). * CVE-2026-23442: ipv6: add NULL checks for idev in SRv6 paths (bsc#1261581). * CVE-2026-23445: igc: fix page fault in XDP TX timestamps handling (bsc#1261702). * CVE-2026-23449: net/sched: teql: Fix double-free in teql_master_xmit (bsc#1261779). * CVE-2026-23450: net/smc: fix NULL dereference and UAF in smc_tcp_syn_recv_sock() (bsc#1261584). * CVE-2026-23455: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() (bsc#1261687). * CVE-2026-23456: netfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS case (bsc#1261703). * CVE-2026-23457: netfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp() (bsc#1261686). * CVE-2026-23458: netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() (bsc#1261781). * CVE-2026-23468: drm/amdgpu: Limit BO list entry count to prevent resource exhaustion (bsc#1261692). * CVE-2026-23472: serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN (bsc#1261636). * CVE-2026-23473: io_uring/poll: fix multishot recv missing EOF on wakeup race (bsc#1261694). * CVE-2026-31392: smb: client: fix krb5 mount with username option (bsc#1261788). * CVE-2026-31395: bnxt_en: fix OOB access in DBG_BUF_PRODUCER async event handler (bsc#1261786). * CVE-2026-31400: sunrpc: fix cache_request leak in cache_release (bsc#1261645). * CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (bsc#1261638). * CVE-2026-31403: NFSD: Hold net reference for the lifetime of /proc/fs/nfs/exports fd (bsc#1261796). * CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261629). * CVE-2026-31407: netfilter: conntrack: add missing netlink policy validations (bsc#1261632). * CVE-2026-31411: net: atm: fix crash due to unvalidated vcc pointer in sigd_send() (bsc#1261752). * CVE-2026-31415: ipv6: avoid overflows in ip6_datagram_send_ctl() (bsc#1262099). * CVE-2026-31416: netfilter: nfnetlink_log: account for netlink header size (bsc#1262100). * CVE-2026-31420: bridge: mrp: reject zero test interval to avoid OOM panic (bsc#1262055). * CVE-2026-31421: net/sched: cls_fw: fix NULL pointer dereference on shared blocks (bsc#1262061). * CVE-2026-31422: net/sched: cls_flow: fix NULL pointer dereference on shared blocks (bsc#1262054). * CVE-2026-31423: net/sched: sch_hfsc: fix divide-by-zero in rtsc_min() (bsc#1262063). * CVE-2026-31424: netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP (bsc#1262053). * CVE-2026-31425: rds: ib: reject FRMR registration before IB connection is established (bsc#1262074). * CVE-2026-31427: netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp (bsc#1262086). * CVE-2026-31428: netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD (bsc#1262087). * CVE-2026-31435: netfs: Fix read abandonment during retry (bsc#1262601). * CVE-2026-31449: ext4: validate p_idx bounds in ext4_ext_correct_indexes (bsc#1262616). * CVE-2026-31453: xfs: avoid dereferencing log items after push callbacks (bsc#1262617). * CVE-2026-31456: mm/pagewalk: fix race between concurrent split and refault (bsc#1262627). * CVE-2026-31494: net: cadence: macb: Synchronize stats calculations (bsc#1262671). * CVE-2026-31496: netfilter: nf_conntrack_expect: skip expectations in other netns via proc (bsc#1262673). * CVE-2026-31503: udp: Fix wildcard bind conflict check when using hash2 (bsc#1263077). * CVE-2026-31504: net: fix fanout UAF in packet_release() via NETDEV_UP race (bsc#1263085). * CVE-2026-31505: iavf: fix out-of-bounds writes in iavf_get_ethtool_stats() (bsc#1263093). * CVE-2026-31507: net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer (bsc#1263095). * CVE-2026-31515: af_key: validate families in pfkey_send_migrate() (bsc#1262752). * CVE-2026-31519: btrfs: set BTRFS_ROOT_ORPHAN_CLEANUP during subvol create (bsc#1263012). * CVE-2026-31525: bpf: Fix undefined behavior in interpreter sdiv/smod for INT_MIN (bsc#1262725). * CVE-2026-31526: bpf: Fix exception exit lock checking for subprogs (bsc#1262662). * CVE-2026-31528: perf: Make sure to use pmu_ctx->pmu for groups (bsc#1263001). * CVE-2026-31533: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption (bsc#1262758). * CVE-2026-31547: drm/xe: Fix missing runtime PM reference in ccs_mode_store (bsc#1263018). * CVE-2026-31550: pmdomain: bcm: bcm2835-power: Increase ASB control timeout (bsc#1263104). * CVE-2026-31554: futex: Require sys_futex_requeue() to have identical flags (bsc#1263107). * CVE-2026-31565: RDMA/irdma: Fix deadlock during netdev reset with active connections (bsc#1263064). * CVE-2026-31579: wireguard: device: use exit_rtnl callback instead of manual rtnl_lock in pre_exit (bsc#1263074). * CVE-2026-31586: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (bsc#1263176). * CVE-2026-31588: KVM: x86: Use scratch field in MMIO fragment to hold small write values (bsc#1263165). * CVE-2026-31644: net: lan966x: fix use-after-free and leak in lan966x_fdma_reload() (bsc#1263048). * CVE-2026-31649: net: stmmac: fix integer underflow in chain mode (bsc#1263582). * CVE-2026-31658: net: altera-tse: fix skb leak on DMA mapping error in tse_start_xmit() (bsc#1263052). * CVE-2026-31662: tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG (bsc#1263131). * CVE-2026-31666: btrfs: fix incorrect return value after changing leaf in lookup_extent_data_ref() (bsc#1263138). * CVE-2026-31668: seg6: separate dst_cache for input and output paths in seg6 lwtunnel (bsc#1263140). * CVE-2026-31669: mptcp: fix slab-use-after-free in __inet_lookup_established (bsc#1263141). * CVE-2026-31675: net/sched: sch_netem: fix out-of-bounds access in packet corruption (bsc#1263556). * CVE-2026-31678: openvswitch: defer tunnel netdev_put to RCU release (bsc#1263562). * CVE-2026-31679: openvswitch: validate MPLS set/set_masked payload length (bsc#1263592). * CVE-2026-31681: netfilter: xt_multiport: validate range encoding in checkentry (bsc#1263593). * CVE-2026-31682: bridge: br_nd_send: linearize skb before parsing ND options (bsc#1263595). * CVE-2026-31684: net: sched: act_csum: validate nested VLAN headers (bsc#1263596). * CVE-2026-31685: netfilter: ip6t_eui64: reject invalid MAC header for all packets (bsc#1263668). * CVE-2026-31691: igb: remove napi_synchronize() in igb_down() (bsc#1263604). * CVE-2026-31694: fuse: reject oversized dirents in page cache (bsc#1263901). * CVE-2026-31700: net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() (bsc#1263882). * CVE-2026-31738: vxlan: validate ND option lengths in vxlan_na_create (bsc#1264059). * CVE-2026-31787: xen/privcmd: fix double free via VMA splitting (bsc#1262181). * CVE-2026-43009: bpf: Fix incorrect pruning due to atomic fetch precision tracking (bsc#1264014). * CVE-2026-43025: netfilter: ctnetlink: ignore explicit helper on new expectations (bsc#1263931). * CVE-2026-43027: netfilter: nf_conntrack_helper: pass helper to expect cleanup (bsc#1263933). * CVE-2026-43037: ip6_tunnel: clear skb2->cb in ip4ip6_err() (bsc#1263995). * CVE-2026-43038: ipv6: icmp: clear skb2->cb in ip6_err_gen_icmpv6_unreach() (bsc#1264097). * CVE-2026-43045: mshv: Refactor and rename memory region handling functions (bsc#1263942). * CVE-2026-43050: atm: lec: fix use-after-free in sock_def_readable() (bsc#1264082). * CVE-2026-43060: netfilter: nft_ct: drop pending enqueued packets on removal (bsc#1264183). * CVE-2026-43082: net: txgbe: leave space for null terminators on property_entry (bsc#1264233). * CVE-2026-43088: net: af_key: zero aligned sockaddr tail in PF_KEY exports (bsc#1264469). * CVE-2026-43153: xfs: remove xfs_attr_leaf_hasname (bsc#1264586). * CVE-2026-43190: netfilter: xt_tcpmss: check remaining length before reading optlen (bsc#1264848). * CVE-2026-43265: KVM: x86: Ignore -EBUSY when checking nested events from vcpu_block() (bsc#1264427). * CVE-2026-43329: netfilter: flowtable: strictly check for maximum number of actions (bsc#1265085). * CVE-2026-43365: xfs: fix undersized l_iclog_roundoff values (bsc#1265119). * CVE-2026-43366: io_uring/kbuf: check if target buffer list is still legacy on recycle (bsc#1265116). * CVE-2026-43441: net: bonding: Fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1264674). * CVE-2026-43494: net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). * CVE-2026-43503: net: skbuff: propagate shared-frag marker through frag- transfer helpers (bsc#1265960). The following non security issues were fixed: * accel/qaic: Add overflow check to remap_pfn_range during mmap (git-fixes). * ACPI: AGDI: fix missing newline in error message (git-fixes). * ACPI: CPPC: Fix related_cpus inconsistency during CPU hotplug (git-fixes). * ACPI: scan: Use acpi_dev_put() in object add error paths (git-fixes). * ACPI: video: Add backlight=native quirk for Dell OptiPlex 7770 AIO (git- fixes). * ACPI: video: force native backlight on HP OMEN 16 (8A44) (stable-fixes). * ACPI: video: Move Lenovo Legion S7 15ACH6 quirk to the right section (git- fixes). * ALSA: 6fire: Fix input volume change detection (git-fixes). * ALSA: 6fire: fix use-after-free on disconnect (git-fixes). * ALSA: aoa: i2sbus: clear stale prepared state (git-fixes). * ALSA: aoa: i2sbus: fix OF node lifetime handling (git-fixes). * ALSA: aoa: Skip devices with no codecs in i2sbus_resume() (git-fixes). * ALSA: aoa: Use guard() for mutex locks (stable-fixes). * ALSA: asihpi: avoid write overflow check warning (stable-fixes). * ALSA: caiaq: Don't abort when no input device is available (git-fixes). * ALSA: caiaq: Fix control_put() result and cache rollback (git-fixes). * ALSA: caiaq: Fix potentially leftover ep1_in_urb at error path (git-fixes). * ALSA: caiaq: fix usb_dev refcount leak on probe failure (git-fixes). * ALSA: caiaq: Handle probe errors properly (git-fixes). * ALSA: caiaq: take a reference on the USB device in create_card() (git- fixes). * ALSA: control: Validate buf_len before strnlen() in snd_ctl_elem_init_enum_names() (git-fixes). * ALSA: core: Fix potential data race at fasync handling (git-fixes). * ALSA: core: Serialize deferred fasync state checks (git-fixes). * ALSA: core: Validate compress device numbers without dynamic minors (git- fixes). * ALSA: ctxfi: Add fallback to default RSR for S/PDIF (git-fixes). * ALSA: ctxfi: Fix missing SPDIFI1 index handling (stable-fixes). * ALSA: ctxfi: Limit PTP to a single page (git-fixes). * ALSA: firewire-tascam: Do not drop unread control events (git-fixes). * ALSA: fireworks: bound device-supplied status before string array lookup (git-fixes). * ALSA: hda/hdmi: Add quirk for TUXEDO IBS14G6 (stable-fixes). * ALSA: hda/realtek - fixed speaker no sound update (git-fixes). * ALSA: hda/realtek: Add HP ENVY Laptop 13-ba0xxx quirk (stable-fixes). * ALSA: hda/realtek: Add mute LED quirk for HP Pavilion 15-eg0xxx (stable- fixes). * ALSA: hda/realtek: Add quirk for ASUS ROG Flow Z13-KJP GZ302EAC (stable- fixes). * ALSA: hda/realtek: add quirk for Framework F111:000F (stable-fixes). * ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14IAH10 (stable-fixes). * ALSA: hda/realtek: fix code style (ERROR: else should follow close brace '}') (git-fixes). * ALSA: hda: cs35l41: Put ACPI device on missing physical node (git-fixes). * ALSA: hda: cs35l56: Propagate ASP TX source control errors (git-fixes). * ALSA: hda: cs35l56: Put ACPI device after setting companion (git-fixes). * ALSA: hda: Fix NULL pointer dereference in snd_hda_ctl_add() (git-fixes). * ALSA: misc: Use guard() for spin locks (stable-fixes). * ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger (stable- fixes). * ALSA: pcmtest: fix reference leak on failed device registration (git-fixes). * ALSA: pcmtest: Fix resource leaks in module init error paths (git-fixes). * ALSA: pcmtest: Return -EFAULT on pattern read copy failure (git-fixes). * ALSA: sc6000: Keep the programmed board state in card-private data (git- fixes). * ALSA: scarlett2: Add missing error check when initialise Autogain Status (git-fixes). * ALSA: scarlett2: Add missing sentinel initializer field (git-fixes). * ALSA: seq: Notify client and port info changes (stable-fixes). * ALSA: seq_oss: return full count for successful SEQ_FULLSIZE writes (stable- fixes). * ALSA: usb-audio: apply quirk for MOONDROP JU Jiu (stable-fixes). * ALSA: usb-audio: Avoid false E-MU sample-rate notifications (git-fixes). * ALSA: usb-audio: Avoid potential endless loop in convert_chmap_v3() (git- fixes). * ALSA: usb-audio: Bound MIDI 2.0 endpoint descriptor scans (git-fixes). * ALSA: usb-audio: Bound MIDI endpoint descriptor scans (git-fixes). * ALSA: usb-audio: Evaluate packsize caps at the right place (git-fixes). * ALSA: usb-audio: Fix Audio Advantage Micro II SPDIF switch (git-fixes). * ALSA: usb-audio: Fix potential leak of pd at parsing UAC3 streams (git- fixes). * ALSA: usb-audio: Fix quirk flags for NeuralDSP Quad Cortex (stable-fixes). * ALSA: usb-audio: Fix UAC3 cluster descriptor size check (git-fixes). * ALSA: usb-audio: midi2: Restart output URBs on resume (git-fixes). * ALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATES (git-fixes). * ALSA: virtio: drop an extaneous kernel-doc comment (git-fixes). * amdgpu/jpeg: fix deepsleep register for jpeg 5_0_0 and 5_0_2 (stable-fixes). * ASoC: amd: acp: Add DMI quirk for Valve Steam Deck OLED (git-fixes). * ASoC: amd: yc: Add DMI entry for HP Laptop 15-fc0xxx (stable-fixes). * ASoC: amd: yc: Add DMI quirk for ASUS EXPERTBOOK BM1403CDA (stable-fixes). * ASoC: amd: yc: Add DMI quirk for Thin A15 B7VF (stable-fixes). * ASoC: amd: yc: Add HP OMEN Gaming Laptop 16-ap0xxx product line in quirk table (stable-fixes). * ASoC: codecs: ab8500: Fix casting of private data (git-fixes). * ASoC: cs35l56: Destroy workqueue in probe error path (git-fixes). * ASoC: cs35l56: Don't use devres to unregister component (git-fixes). * ASoC: cs35l56: Fix hibernate write in runtime resume error path (git-fixes). * ASoC: fsl_easrc: Change the type for iec958 channel status controls (git- fixes). * ASoC: fsl_easrc: Check the variable range in fsl_easrc_iec958_put_bits() (git-fixes). * ASoC: fsl_easrc: fix comment typo (git-fixes). * ASoC: fsl_easrc: Fix value type in fsl_easrc_iec958_get_bits() (git-fixes). * ASoC: fsl_micfil: Add access property for "VAD Detected" (git-fixes). * ASoC: fsl_micfil: Fix event generation in hwvad_put_enable() (git-fixes). * ASoC: fsl_micfil: Fix event generation in hwvad_put_init_mode() (git-fixes). * ASoC: fsl_micfil: Fix event generation in micfil_put_dc_remover_state() (git-fixes). * ASoC: fsl_micfil: Fix event generation in micfil_quality_set() (git-fixes). * ASoC: fsl_xcvr: Fix event generation for cached controls (git-fixes). * ASoC: fsl_xcvr: Fix event generation in fsl_xcvr_arc_mode_put() (git-fixes). * ASoC: fsl_xcvr: Fix event generation in fsl_xcvr_mode_put() (git-fixes). * ASoC: Intel: bytcr_wm5102: Fix MCLK leak on platform_clock_control error (git-fixes). * ASoC: qcom: q6apm-dai: reset queue ptr on trigger stop (git-fixes). * ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens (git-fixes). * ASoC: qcom: q6apm: move component registration to unmanaged version (git- fixes). * ASoC: qcom: q6apm: remove child devices when apm is removed (git-fixes). * ASoC: qcom: qdsp6: topology: check widget type before accessing data (git- fixes). * ASoC: soc-core: call missing INIT_LIST_HEAD() for card_aux_list (stable- fixes). * ASoC: SOF: compress: return the configured codec from get_params (git- fixes). * ASoC: SOF: Don't allow pointer operations on unconfigured streams (git- fixes). * ASoC: SOF: Intel: hda: Place check before dereference (git-fixes). * ASoC: SOF: topology: reject invalid vendor array size in token parser (stable-fixes). * ASoC: sti: Return errors from regmap_field_alloc() (git-fixes). * ASoC: sti: use managed regmap_field allocations (git-fixes). * ASoC: stm32_sai: fix incorrect BCLK polarity for DSP_A/B, LEFT_J (stable- fixes). * ata: ahci: force 32-bit DMA for JMicron JMB582/JMB585 (stable-fixes). * backlight: sky81452-backlight: Check return value of devm_gpiod_get_optional() in sky81452_bl_parse_dt() (git-fixes). * batman-adv: bla: only purge non-released claims (git-fixes). * batman-adv: bla: prevent use-after-free when deleting claims (git-fixes). * batman-adv: bla: put backbone reference on failed claim hash insert (git- fixes). * batman-adv: fix integer overflow on buff_pos (git-fixes). * batman-adv: hold claim backbone gateways by reference (git-fixes). * batman-adv: reject new tp_meter sessions during teardown (git-fixes). * batman-adv: reject oversized global TT response buffers (git-fixes). * batman-adv: stop caching unowned originator pointers in BAT IV (git-fixes). * bitfield: Add FIELD_MODIFY() helper (jsc#PED-14238). * Bluetooth: bnep: fix incorrect length parsing in bnep_rx_frame() extension handling (git-fixes). * Bluetooth: btmtk: validate WMT event SKB length before struct access (git- fixes). * Bluetooth: btusb: Check for unexpected bytes when defragmenting HCI frames (bsc#1260996). * Bluetooth: fix locking in hci_conn_request_evt() with HCI_PROTO_DEFER (git- fixes). * Bluetooth: hci_event: fix memset typo (git-fixes). * Bluetooth: hci_event: Fix OOB read and infinite loop in hci_le_create_big_complete_evt (git-fixes). * Bluetooth: hci_event: fix potential UAF in SSP passkey handlers (git-fixes). * Bluetooth: hci_ldisc: Clear HCI_UART_PROTO_INIT on error (git-fixes). * Bluetooth: HIDP: serialise l2cap_unregister_user via hidp_session_sem (git- fixes). * Bluetooth: ISO: Fix data-race on dst in iso_sock_connect() (git-fixes). * Bluetooth: l2cap: Add missing chan lock in l2cap_ecred_reconf_rsp (git- fixes). * Bluetooth: l2cap: fix MPS check in l2cap_ecred_reconf_req (git-fixes). * Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_new_connection_cb() (git- fixes). * Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_state_change_cb() (git- fixes). * Bluetooth: L2CAP: Fix printing wrong information if SDU length exceeds MTU (git-fixes). * Bluetooth: RFCOMM: pull credit byte with skb_pull_data() (git-fixes). * Bluetooth: SCO: check for codecs->num_codecs == 1 before assigning to sco_pi(sk)->codec (git-fixes). * Bluetooth: SCO: fix sleeping under spinlock in sco_conn_ready (git-fixes). * Bluetooth: SCO: hold sk properly in sco_conn_ready (git-fixes). * Bluetooth: virtio_bt: clamp rx length before skb_put (git-fixes). * Bluetooth: virtio_bt: validate rx pkt_type header length (git-fixes). * bpf: Add third round of bounds deduction (git-fixes). * bpf: Fix u32/s32 bounds when ranges cross min/max boundary (git-fixes). * bpf: Improve bounds when s64 crosses sign boundary (git-fixes). * bpf: Switch CONFIG_CFI_CLANG to CONFIG_CFI (git-fixes). * btrfs: qgroup: update all parent qgroups when doing quick inherit (bsc#1258933). * btrfs: reject root items with drop_progress and zero drop_level (git-fixes). * btrfs: replace BUG() with error handling in __btrfs_balance() (git-fixes). * bus: mhi: host: pci_generic: Switch to async power up to avoid boot delays (git-fixes). * bus: rifsc: fix RIF configuration check for peripherals (git-fixes). * can: mcp251x: add error handling for power enable in open and resume (stable-fixes). * can: raw: fix ro->uniq use-after-free in raw_rcv() (git-fixes). * can: ucan: fix devres lifetime (git-fixes). * cdc-acm: new quirk for EPSON HMD (stable-fixes). * check-for-config-changes: Exclude CC_MS_EXTENSIONS. * check-for-config-changes: Exclude HAVE_CFI_ICALL_NORMALIZE_INTEGERS{,_RUSTC}. * comedi: dt2815: add hardware detection to prevent crash (stable-fixes). * cpufreq: intel_pstate: Drop Arrow Lake from "scaling factor" list (bsc#1249104). * crypto: af_alg - limit RX SG extraction by receive buffer budget (git- fixes). * crypto: algif_aead - Fix minimum RX size check for decryption (git-fixes). * crypto: atmel-aes - Fix 3-page memory leak in atmel_aes_buff_cleanup (git- fixes). * crypto: atmel-ecc - Release client on allocation failure (git-fixes). * crypto: atmel-sha204a - Fix error codes in OTP reads (git-fixes). * crypto: atmel-sha204a - Fix OTP sysfs read and error handling (git-fixes). * crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path (git-fixes). * crypto: atmel-sha204a - Fix uninitialized data access on OTP read error (git-fixes). * crypto: atmel-tdes - fix DMA sync direction (git-fixes). * crypto: ccp - copy IV using skcipher ivsize (git-fixes). * crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed (git-fixes). * crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed (git-fixes). * crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed (git-fixes). * crypto: ccree - fix a memory leak in cc_mac_digest() (git-fixes). * crypto: drivers - Switch back to struct platform_driver::remove() (jsc#PED-14238). * crypto: drivers - Use str_enable_disable-like helpers (jsc#PED-14238). * crypto: hisilicon - Fix dma_unmap_single() direction (git-fixes). * crypto: iaa - Adjust workqueue allocation type (jsc#PED-14238). * crypto: iaa - fix per-node CPU counter reset in rebalance_wq_table() (git- fixes). * crypto: iaa - Move compression CRC into request object (jsc#PED-14238). * crypto: iaa - Optimize rebalance_wq_table() (jsc#PED-14238). * crypto: iaa - Remove potential infinite loop in check_completion() (jsc#PED-14238). * crypto: iaa - Remove unreachable pr_debug from iaa_crypto_cleanup_module (jsc#PED-14238). * crypto: iaa - Remove unused disable_async argument from iaa_decompress (jsc#PED-14238). * crypto: iaa - Replace sprintf with sysfs_emit in sysfs show functions (jsc#PED-14238). * crypto: iaa - Simplify init_iaa_device() (jsc#PED-14238). * crypto: jitterentropy - replace long-held spinlock with mutex (git-fixes). * crypto: nx - Fix packed layout in struct nx842_crypto_header (git-fixes). * crypto: pcrypt - Fix handling of MAY_BACKLOG requests (git-fixes). * crypto: qat - #undef field_get() before local definition (jsc#PED-14238). * crypto: qat - add adf_rl_get_num_svc_aes() in rate limiting (jsc#PED-14238). * crypto: qat - add bank state save and restore for qat_420xx (jsc#PED-14238). * crypto: qat - add command queue telemetry counters for GEN6 (jsc#PED-14238). * crypto: qat - add compression slice count for rate limiting (jsc#PED-14238). * crypto: qat - add decompression service for rate limiting (jsc#PED-14238). * crypto: qat - add decompression service to telemetry (jsc#PED-14238). * crypto: qat - add firmware headers for GEN6 devices (jsc#PED-14238). * crypto: qat - add GEN6 firmware loader (jsc#PED-14238). * crypto: qat - add get_svc_slice_cnt() in device data structure (jsc#PED-14238). * crypto: qat - add live migration enablers for GEN6 devices (jsc#PED-14238). * crypto: qat - add macro to write 64-bit values to registers (jsc#PED-14238). * crypto: qat - add missing header inclusion (jsc#PED-14238). * crypto: qat - add qat_6xxx driver (jsc#PED-14238). * crypto: qat - add ring buffer idle telemetry counter for GEN6 (jsc#PED-14238). * crypto: qat - add support for decompression service to GEN6 devices (jsc#PED-14238). * crypto: qat - consolidate service enums (jsc#PED-14238). * crypto: qat - Constify struct pm_status_row (jsc#PED-14238). * crypto: qat - disable 4xxx AE cluster when lead engine is fused off (git- fixes). * crypto: qat - disable 420xx AE cluster when lead engine is fused off (git- fixes). * crypto: qat - do not export adf_cfg_services (jsc#PED-14238). * crypto: qat - enable power management debugfs for GEN6 devices (jsc#PED-14238). * crypto: qat - enable RAS support for GEN6 devices (jsc#PED-14238). * crypto: qat - enable rate limiting feature for GEN6 devices (jsc#PED-14238). * crypto: qat - enable reporting of error counters for GEN6 devices (jsc#PED-14238). * crypto: qat - enable telemetry for GEN6 devices (jsc#PED-14238). * crypto: qat - export adf_get_service_mask() (jsc#PED-14238). * crypto: qat - export adf_init_admin_pm() (jsc#PED-14238). * crypto: qat - expose configuration functions (jsc#PED-14238). * crypto: qat - fix compression instance leak (git-fixes). * crypto: qat - fix IRQ cleanup on 6xxx probe failure (git-fixes). * crypto: qat - fix object goals in Makefiles (jsc#PED-14238. * crypto: qat - fix type mismatch in RAS sysfs show functions (git-fixes). * crypto: qat - Fix typo "accelaration" (jsc#PED-14238). * crypto: qat - fix virtual channel configuration for GEN6 devices (jsc#PED-14238). * crypto: qat - include qat_common in top Makefile (jsc#PED-14238). * crypto: qat - introduce fuse array (jsc#PED-14238). * crypto: qat - make adf_dev_autoreset() static (jsc#PED-14238). * crypto: qat - optimize allocations for fw authentication (jsc#PED-14238). * crypto: qat - refactor compression template logic (jsc#PED-14238). * crypto: qat - refactor FW signing algorithm (jsc#PED-14238). * crypto: qat - refactor ring-related debug functions (jsc#PED-14238). * crypto: qat - refactor service parsing logic (jsc#PED-14238). * crypto: qat - relocate and rename bank state structure definition (jsc#PED-14238). * crypto: qat - relocate bank state helper functions (jsc#PED-14238). * crypto: qat - relocate power management debugfs helper APIs (jsc#PED-14238). * crypto: qat - relocate service related functions (jsc#PED-14238). * crypto: qat - remove BITS_IN_DWORD() (jsc#PED-14238). * crypto: qat - Remove dst_null support (jsc#PED-14238). * crypto: qat - remove duplicate masking for GEN6 devices (jsc#PED-14238). * crypto: qat - remove initialization in device class (jsc#PED-14238). * crypto: qat - remove redundant FW image size check (jsc#PED-14238). * crypto: qat - remove unused adf_devmgr_get_first (jsc#PED-14238). * crypto: qat - remove unused members in suof structure (jsc#PED-14238). * crypto: qat - rename and relocate timer logic (jsc#PED-14238). * crypto: qat - reorder objects in qat_common Makefile (jsc#PED-14238). * crypto: qat - replace CHECK_STAT macro with static inline function (jsc#PED-14238). * crypto: qat - Replace kzalloc() + copy_from_user() with memdup_user() (jsc#PED-14238). * crypto: qat - restore ASYM service support for GEN6 devices (jsc#PED-14238). * crypto: qat - Return pointer directly in adf_ctl_alloc_resources (jsc#PED-14238). * crypto: qat - set command ids as reserved (jsc#PED-14238). * crypto: qat - switch to standard pattern for PCI IDs (jsc#PED-14238). * crypto: qat - update firmware api (jsc#PED-14238). * crypto: qat - use pr_fmt() in adf_gen4_hw_data.c (jsc#PED-14238). * crypto: qat - use pr_fmt() in qat uclo.c (jsc#PED-14238). * crypto: qat - use simple_strtoull to improve qat_uclo_parse_num (jsc#PED-14238). * crypto: qat - use swab32 macro (git-fixes). * crypto: qat - validate service in rate limiting sysfs api (jsc#PED-14238). * crypto: qat/qat_6xxx - Fix NULL vs IS_ERR() check in adf_probe() (jsc#PED-14238). * crypto: sa2ul - Fix AEAD fallback algorithm names (git-fixes). * crypto: simd - reject compat registrations without __ prefixes (git-fixes). * crypto: talitos - fix SEC1 32k ahash request limitation (git-fixes). * crypto: tegra - Disable softirqs before finalizing request (git-fixes). * devres: fix missing node debug info in devm_krealloc() (git-fixes). * dmaengine: dw-axi-dmac: fix Alignment should match open parenthesis (git- fixes). * dmaengine: dw-axi-dmac: Remove unnecessary return statement from void function (git-fixes). * dmaengine: mxs-dma: Fix missing return value from of_dma_controller_register() (git-fixes). * dpll: zl3073x: Add support to adjust phase (bsc#1255752). * dpll: zl3073x: Fix output pin phase adjustment sign (bsc#1255752). * dpll: zl3073x: fix REF_PHASE_OFFSET_COMP register width for some chip IDs (bsc#1255752). * dpll: zl3073x: Specify phase adjustment granularity for pins (bsc#1255752). * drivers/base/memory: fix memory block reference leak in poison accounting (git-fixes). * drm/amd/display: Add NULL check for integrated_info in clk_mgr_construct (git-fixes). * drm/amd/display: Allow DCE link encoder without AUX registers (git-fixes). * drm/amd/display: Avoid NULL dereference in dc_dmub_srv error paths (git- fixes). * drm/amd/display: Change dither policy for 10 bpc output back to dithering (git-fixes). * drm/amd/display: Correct logic check error for fastboot (git-fixes). * drm/amd/display: Disable 10-bit truncation and dithering on DCE 6.x (git- fixes). * drm/amd/display: Disable fastboot on DCE 6 too (stable-fixes). * drm/amd/display: Read EDID from VBIOS embedded panel info (git-fixes). * drm/amd/pm/ci: Clear EnabledForActivity field for memory levels (git-fixes). * drm/amd/pm/ci: Disable MCLK DPM on problematic CI ASICs (git-fixes). * drm/amd/pm/ci: Fill DW8 fields from SMC (git-fixes). * drm/amd/pm/ci: Fix powertune defaults for Hawaii 0x67B0 (git-fixes). * drm/amd/pm/ci: Use highest MCLK on CI when MCLK DPM is disabled (git-fixes). * drm/amd/pm/smu7: Add SCLK cap for quirky Hawaii board (git-fixes). * drm/amd/pm/smu7: Fix SMU7 voltage dependency on display clock (git-fixes). * drm/amd/pm: fix incorrect FeatureCtrlMask setting on smu v14.0.x (git- fixes). * drm/amdgpu/gfx6: Support harvested SI chips with disabled TCCs (v2) (git- fixes). * drm/amdgpu/gfx9: drop unnecessary 64-bit fence flag check in KIQ (stable- fixes). * drm/amdgpu/gfx10: look at the right prop for gfx queue priority (git-fixes). * drm/amdgpu/gfx11: look at the right prop for gfx queue priority (git-fixes). * drm/amdgpu/gmc: Fix AMDGPU_GART_PLACEMENT_LOW to not overlap with VRAM (git- fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v2.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v2.5 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v3.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0.3 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0.5 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v5.0.0 ring (git-fixes). * drm/amdgpu/pm: add missing revision check for CI (git-fixes). * drm/amdgpu/pm: align Hawaii mclk workaround with radeon (git-fixes). * drm/amdgpu/pm: drop SMU driver if version not matched messages (stable- fixes). * drm/amdgpu/sdma4: replace BUG_ON with WARN_ON in fence emission (git-fixes). * drm/amdgpu/vce: Prevent partial address patches (stable-fixes). * drm/amdgpu/vcn3: Avoid overflow on msg bound check (git-fixes). * drm/amdgpu/vcn3: Prevent OOB reads when parsing dec msg (stable-fixes). * drm/amdgpu/vcn4: Avoid overflow on msg bound check (git-fixes). * drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msg (stable-fixes). * drm/amdgpu/vcn4: Prevent OOB reads when parsing IB (stable-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v2.0 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v2.5 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v3.0 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0 enc ring (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0.3 enc ring (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0.5 enc ring (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v5.0.0 enc ring (git-fixes). * drm/amdgpu: Add bounds checking to ib_{get,set}_value (stable-fixes). * drm/amdgpu: Add default case in DVI mode validation (git-fixes). * drm/amdgpu: fix AMDGPU_INFO_READ_MMR_REG (git-fixes). * drm/amdgpu: fix zero-size GDS range init on RDNA4 (stable-fixes). * drm/amdgpu: gate VM CPU HDP flush on reset lock (stable-fixes). * drm/amdgpu: replace PASID IDR with XArray (git-fixes). * drm/amdgpu: Use SMUIO 15.0.0 offsets for TSC upper and lower count (stable- fixes). * drm/amdgpu: zero-initialize GART table on allocation (stable-fixes). * drm/amdkfd: Add upper bound check for num_of_nodes (stable-fixes). * drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure (stable- fixes). * drm/amdkfd: Make all TLB-flushes heavy-weight (stable-fixes). * drm/amdkfd: validate SVM ioctl nattr against buffer size (stable-fixes). * drm/arcpgu: fix device node leak (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Add mode_valid hook to drm_bridge_funcs (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Handle HDCP state in bridge atomic check (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Set the mhdp connector earlier in atomic_enable() (git-fixes). * drm/bridge: stm_lvds: Do not fail atomic_check on disabled connector (git- fixes). * drm/etnaviv: Fix armed job not being pushed to the DRM scheduler (git- fixes). * drm/exynos: remove bridge when component_add fails (git-fixes). * drm/fb-helper: Fix clipping when damage area spans a single scanline (git- fixes). * drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs() (git-fixes). * drm/gma500/oaktrail_hdmi: fix i2c adapter leak on setup (git-fixes). * drm/gma500/oaktrail_lvds: fix hang on init failure (git-fixes). * drm/gma500/oaktrail_lvds: fix i2c adapter leaks on init (git-fixes). * drm/i915/dp: Fix VSC dynamic range signaling for RGB formats (git-fixes). * drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (git- fixes). * drm/i915/wm: Verify the correct plane DDB entry (git-fixes). * drm/i915: skip __i915_request_skip() for already signaled requests (git- fixes). * drm/imagination: Switch reset_reason fields from enum to u32 (git-fixes). * drm/komeda: fix integer overflow in AFBC framebuffer size check (git-fixes). * drm/loongson: Use managed KMS polling (git-fixes). * drm/msm/a6xx: Fix dumping A650+ debugbus blocks (git-fixes). * drm/msm/a6xx: Fix HLSQ register dumping (git-fixes). * drm/msm/a6xx: Use barriers while updating HFI Q headers (git-fixes). * drm/msm/dpu: fix mismatch between power and frequency (git-fixes). * drm/msm/dsi: add the missing parameter description (git-fixes). * drm/msm/dsi: fix bits_per_pclk (git-fixes). * drm/msm/dsi: fix hdisplay calculation for CMD mode panel (git-fixes). * drm/msm/dsi: rename MSM8998 DSI version from V2_2_0 to V2_0_0 (git-fixes). * drm/msm/gem: fix error handling in msm_ioctl_gem_info_get_metadata() (git- fixes). * drm/msm/shrinker: Fix can_block() logic (git-fixes). * drm/nouveau: fix nvkm_device leak on aperture removal failure (git-fixes). * drm/nouveau: fix u32 overflow in pushbuf reloc bounds check (git-fixes). * drm/panel: boe-tv101wum-nl6: restore MODE_LPM after sending disable cmds (git-fixes). * drm/panel: himax-hx83102: restore MODE_LPM after sending disable cmds (git- fixes). * drm/panel: sharp-ls043t1le01: make use of prepare_prev_first (git-fixes). * drm/panel: simple: Correct G190EAN01 prepare timing (git-fixes). * drm/panfrost: Fix wait_bo ioctl leaking positive return from dma_resv_wait_timeout() (git-fixes). * drm/panthor: Fix outdated function documentation (git-fixes). * drm/radeon: add missing revision check for CI (git-fixes). * drm/sun4i: backend: fix error pointer dereference (git-fixes). * drm/sun4i: Fix resource leaks (git-fixes). * drm/v3d: Handle error from drm_sched_entity_init() (git-fixes). * drm/vc4: Fix a memory leak in hang state error path (git-fixes). * drm/vc4: Fix memory leak of BO array in hang state (git-fixes). * drm/vc4: platform_get_irq_byname() returns an int (stable-fixes). * drm/vc4: Protect madv read in vc4_gem_object_mmap() with madv_lock (git- fixes). * drm/vc4: Release runtime PM reference after binding V3D (git-fixes). * drm/vram: remove DRM_VRAM_MM_FILE_OPERATIONS from docs (git-fixes). * drm/xe/bo: Fix bo leak on GGTT flag validation in xe_bo_init_locked() (git- fixes). * drm/xe/bo: Fix bo leak on unaligned size validation in xe_bo_init_locked() (git-fixes). * drm/xe/debugfs: Correct printing of register whitelist ranges (git-fixes). * drm/xe/dma-buf: handle empty bo and UAF races (git-fixes). * drm/xe/gsc: Fix BO leak on error in query_compatibility_version() (git- fixes). * drm/xe/uapi: update used tracking kernel-doc (git-fixes). * drm/xe: Fix dma-buf attachment leak in xe_gem_prime_import() (git-fixes). * drm/xe: Fix error cleanup in xe_exec_queue_create_ioctl() (git-fixes). * dt-bindings: net: Fix Tegra234 MGBE PTP clock (git-fixes). * efi/capsule-loader: fix incorrect sizeof in phys array reallocation (git- fixes). * efi: pstore: Drop efivar lock when efi_pstore_open() returns with an error (git-fixes). * erofs: add GFP_NOIO in the bio completion if needed (git-fixes). * ext4: fix fsync(2) for nojournal mode (git-fixes). * ext4: make recently_deleted() properly work with lazy itable initialization (git-fixes). * ext4: reject mount if bigalloc with s_first_data_block != 0 (git-fixes). * extcon: Fixed sysfs duplicate filename issue (git-fixes). * extcon: ptn5150: handle pending IRQ events during system resume (git-fixes). * fbdev: matroxfb: Mark variable with __maybe_unused to avoid W=1 build break (git-fixes). * fbdev: offb: fix PCI device reference leak on probe failure (git-fixes). * fbdev: tdfxfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO (stable-fixes). * fbdev: udlfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO (git-fixes). * firmware: arm_ffa: Use the correct buffer size during RXTX_MAP (git-fixes). * firmware: dmi: Correct an indexing error in dmi.h (git-fixes). * firmware: google: framebuffer: Do not mark framebuffer as busy (git-fixes). * firmware: google: framebuffer: Do not unregister platform device (git- fixes). * gpio: of: clear OF_POPULATED on hog nodes in remove path (git-fixes). * gpio: tegra: fix irq_release_resources calling enable instead of disable (git-fixes). * gtp: disable BH before calling udp_tunnel_xmit_skb() (git-fixes). * HID: alps: fix NULL pointer dereference in alps_raw_event() (git-fixes). * HID: amd_sfh: don't log error when device discovery fails with -EOPNOTSUPP (git-fixes). * HID: apple: ensure the keyboard backlight is off if suspending (git-fixes). * HID: asus: do not abort probe when not necessary (git-fixes). * HID: asus: make asus_resume adhere to linux kernel coding standards (git- fixes). * HID: core: clamp report_size in s32ton() to avoid undefined shift (stable- fixes). * HID: logitech-hidpp: Enable MX Master 4 over bluetooth (stable-fixes). * HID: logitech-hidpp: Prevent use-after-free on force feedback initialisation failure (stable-fixes). * HID: multitouch: Check to ensure report responses match the request (stable- fixes). * HID: quirks: add HID_QUIRK_ALWAYS_POLL for 8BitDo Pro 3 (stable-fixes). * HID: roccat: fix use-after-free in roccat_report_event (stable-fixes). * HID: usbhid: fix deadlock in hid_post_reset() (git-fixes). * HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq (stable-fixes). * hisi_acc_vfio_pci: add eq and aeq interruption restore (git-fixes). * hisi_acc_vfio_pci: bugfix cache write-back issue (git-fixes). * hisi_acc_vfio_pci: bugfix the problem of uninstalling driver (git-fixes). * hv_sock: fix ARM64 support (git-fixes). * hv_sock: update outdated comment for renamed vsock_stream_recvmsg() (git- fixes). * hwmon: (ads7871) Fix endianness bug in 16-bit register reads (git-fixes). * hwmon: (corsair-psu) Close HID device on probe errors (git-fixes). * hwmon: (lm63) Add locking to avoid TOCTOU (git-fixes). * hwmon: (ltc2992) Clamp threshold writes to hardware range (git-fixes). * hwmon: (ltc2992) Fix u32 overflow in power read path (git-fixes). * hwmon: (ltc4286) Add missing MODULE_IMPORT_NS("PMBUS") (git-fixes). * hwmon: (powerz) Fix missing usb_kill_urb() on signal interrupt (git-fixes). * hwmon: (powerz) Fix use-after-free on USB disconnect (git-fixes). * hwmon: (pt5161l) Fix bugs in pt5161l_read_block_data() (git-fixes). * i2c: s3c24xx: check the size of the SMBUS message before using it (stable- fixes). * i2c: smbus: reject oversized block transfers in the common path (git-fixes). * i2c: stm32f7: reinit_completion() per transfer not per msg (git-fixes). * i2c: stub: Reject I2C block transfers with invalid length (git-fixes). * i2c: tegra: Add HS mode support (bsc#1261550). * i2c: tegra: Add Tegra256 support (bsc#1261550). * i2c: tegra: Do not configure DMA if not supported (bsc#1261550). * i2c: tegra: Don't mark devices with pins as IRQ safe (stable-fixes). * i2c: tegra: Update Tegra256 timing parameters (bsc#1261550). * i2c: tegra: Use separate variables for fast and fastplus (bsc#1261550). * i3c: dw: Fix memory leak in dw_i3c_master_i3c_xfers() (git-fixes). * i3c: master: Fix error codes at send_ccc_cmd (git-fixes). * i3c: mipi-i3c-hci: fix IBI payload length calculation for final status (git- fixes). * ibmveth: Disable GSO for packets with small MSS (bsc#1265144). * iio: adc: ad7192: Revert "properly check spi_get_device_match_data()" (stable-fixes). * iio: adc: ad7768-1: fix one-shot mode data acquisition (git-fixes). * iio: adc: ti-ads7950: use iio_push_to_buffers_with_ts_unaligned() (git- fixes). * iio: frequency: admv1013: add dev variable (stable-fixes). * iio: frequency: admv1013: fix NULL pointer dereference on str (git-fixes). * Input: bcm5974 - recover from failed mode switch (stable-fixes). * Input: i8042 - add TUXEDO InfinityBook Max 16 Gen10 AMD to i8042 quirk table (stable-fixes). * Input: uinput - fix circular locking dependency with ff-core (git-fixes). * Input: uinput - take event lock when submitting FF request "event" (stable- fixes). * Input: xpad - add support for BETOP BTP-KP50B/C controller's wireless mode (stable-fixes). * Input: xpad - add support for Razer Wolverine V3 Pro (stable-fixes). * interconnect: debugfs: fix devm_kstrdup and kfree mismatch (git-fixes). * io_uring/timeout: check unused sqe fields (git-fixes). * iommu/amd: move wait_on_sem() out of spinlock (git-fixes bsc#1260593). * iommu/amd: serialize sequence allocation under concurrent TLB invalidations (git-fixes bsc#1260593). * iommu/vt-d: Remove LPIG from page group response descriptor (jsc#PED-16113). * ipmi: Add limits to event and receive message requests (git-fixes). * ipmi: Check event message buffer response for bad data (git-fixes). * ipmi: ssif_bmc: change log level to dbg in irq callback (git-fixes). * ipmi: ssif_bmc: fix message desynchronization after truncated response (git- fixes). * ipmi: ssif_bmc: fix missing check for copy_to_user() partial failure (git- fixes). * ipv6: rpl: reserve mac_len headroom when recompressed SRH grows (git-fixes). * KVM: arm64: Allow cacheable stage 2 mapping using VMA flags (git-fixes). * KVM: arm64: Assume non-PFNMAP/MIXEDMAP VMAs can be mapped cacheable (git- fixes). * KVM: arm64: Block cacheable PFNMAP mapping (git-fixes). * KVM: arm64: Consolidate idreg callbacks (git-fixes). * KVM: arm64: Discard PC update state on vcpu reset (git-fixes). * KVM: arm64: Finalize ID registers only once per VM (git-fixes). * KVM: arm64: Fix MTE flag initialization for protected VMs (git-fixes). * KVM: arm64: Fix page leak in user_mem_abort() (git-fixes). * KVM: arm64: Fix Trace Buffer trap polarity for protected VMs (git-fixes). * KVM: arm64: Fix Trace Buffer trapping for protected VMs (git-fixes). * KVM: arm64: Fix vma_shift staleness on nested hwpoison path (git-fixes). * KVM: arm64: Hide S1POE from guests when not supported by the host (git- fixes). * KVM: arm64: Limit clearing of ID_{AA64PFR0,PFR1}_EL1.GIC to userspace irqchip (git-fixes). * KVM: arm64: Make all 32bit ID registers fully writable (git-fixes). * KVM: arm64: nv: Add trap config for DBGWCR<15>_EL1 (git-fixes). * KVM: arm64: nv: Return correct RES0 bits for FGT registers (git-fixes). * KVM: arm64: pkvm: Fallback to level-3 mapping on host stage-2 fault (git- fixes). * KVM: arm64: Read PMUVer as unsigned (git-fixes). * KVM: arm64: Rename the device variable to s2_force_noncacheable (git-fixes). * KVM: arm64: Return early from trace helpers when KVM isn't available (git- fixes). * KVM: arm64: Set ID_{AA64PFR0,PFR1}_EL1.GIC when GICv3 is configured (git- fixes). * KVM: arm64: vgic-v3: Release reserved slot outside of lpi_xa's lock (git- fixes). * KVM: arm64: vgic: Fix IIDR revision field extracted from wrong value (git- fixes). * KVM: nSVM: Use vcpu->arch.cr2 when updating vmcb12 on nested #VMEXIT (git- fixes). * KVM: nVMX: Add consistency check for TSC_MULTIPLIER=0 (git-fixes). * KVM: Reject wrapped offset in kvm_reset_dirty_gfn() (git-fixes). * KVM: SEV: Disallow LAUNCH_FINISH if vCPUs are actively being created (git- fixes). * KVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION (git- fixes). * KVM: SEV: Lock all vCPUs when synchronzing VMSAs for SNP launch finish (git- fixes). * KVM: SEV: Protect _all_ of sev_mem_enc_register_region() with kvm->lock (git-fixes). * KVM: SEV: Reject attempts to sync VMSA of an already-launched/encrypted vCPU (git-fixes). * KVM: SVM: Disallow EFER.LMSLE when not supported by hardware (git-fixes). * KVM: SVM: Fix a missing kunmap_local() in sev_gmem_post_populate() (git- fixes). * KVM: SVM: Initialize AVIC VMCB fields if AVIC is enabled with in-kernel APIC (git-fixes). * KVM: SVM: Mark VMCB_NPT as dirty on nested VMRUN (git-fixes). * KVM: SVM: Mark VMCB_PERM_MAP as dirty on nested VMRUN (git-fixes). * KVM: SVM: Properly check RAX in the emulator for SVM instructions (git- fixes). * KVM: SVM: Set/clear CR8 write interception when AVIC is (de)activated (git- fixes). * KVM: TDX: Explicitly set user-return MSRs that _may_ be clobbered by the TDX-Module (git-fixes). * KVM: x86/mmu: Fix UBSAN warning when reading nx_huge_pages parameter (git- fixes). * KVM: x86/xen: Fix cleanup logic in emulation of Xen schedop poll hypercalls (git-fixes). * KVM: x86: Add SRCU protection for reading PDPTRs in __get_sregs2() (git- fixes). * KVM: x86: Advertise EferLmsleUnsupported to userspace (git-fixes). * KVM: x86: check for nEPT/nNPT in slow flush hypercalls (git-fixes). * KVM: X86: Fix array_index_nospec protection in __pv_send_ipi (git-fixes). * KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (git- fixes). * KVM: x86: hyper-v: Validate all GVAs during PV TLB flush (git-fixes). * KVM: x86: Ignore cpuid faulting in SMM (git-fixes). * leds: lgm-sso: Remove duplicate assignments for priv->mmap (git-fixes). * leds: qcom-lpg: Check for array overflow when selecting the high resolution (stable-fixes). * lib/hexdump: print_hex_dump_bytes() calls print_hex_dump_debug() (git- fixes). * md/raid1: fix the comparing region of interval tree (bsc#1261555). * md/raid1: serialize overlap io for writemostly disk (bsc#1261555). * media: amphion: Fix race between m2m job_abort and device_run (git-fixes). * media: as102: fix to not free memory after the device is registered in as102_usb_probe() (git-fixes). * media: chips-media: wave5: add missing spinlock protection for handle_dynamic_resolution_change() (git-fixes). * media: chips-media: wave5: add missing spinlock protection for send_eos_event() (git-fixes). * media: chips-media: wave5: fix a potential memory leak in wave5_vdi_init() (git-fixes). * media: dib8000: avoid division by 0 in dib8000_set_dds() (git-fixes). * media: em28xx: fix use-after-free in em28xx_v4l2_open() (git-fixes). * media: hackrf: fix to not free memory after the device is registered in hackrf_probe() (git-fixes). * media: i2c: imx219: Check return value of devm_gpiod_get_optional() in imx219_probe() (git-fixes). * media: i2c: imx283: Enter full standby when stopping streaming (git-fixes). * media: i2c: imx283: Fix hang when going from large to small resolution (git- fixes). * media: i2c: imx412: Assert reset GPIO during probe (git-fixes). * media: i2c: ov08d10: fix image vertical start setting (git-fixes). * media: i2c: ov8856: free control handler on error in ov8856_init_controls() (git-fixes). * media: intel/ipu6: fix error pointer dereference (git-fixes). * media: mtk-jpeg: fix use-after-free in release path due to uncancelled work (git-fixes). * media: nxp: imx8-isi: Reduce minimum queued buffers from 2 to 0 (git-fixes). * media: omap3isp: drop the use count of v4l2 pipeline (git-fixes). * media: pci: zoran: fix potential memory leak in zoran_probe() (git-fixes). * media: rc: streamzap: Error handling in probe (git-fixes). * media: rc: xbox_remote: heed DMA restrictions (git-fixes). * media: saa7164: add ioremap return checks and cleanups (git-fixes). * media: staging: imx: configure src_mux in csi_start (git-fixes). * media: staging: imx: request mbus_config in csi_start (git-fixes). * media: uvcvideo: Enable VB2_DMABUF for metadata stream (git-fixes). * media: videobuf2: Set vma_flags in vb2_dma_sg_mmap (git-fixes). * media: vidtv: fix nfeeds state corruption on start_streaming failure (git- fixes). * media: vidtv: fix NULL pointer dereference in vidtv_channel_pmt_match_sections (git-fixes). * media: vidtv: fix pass-by-value structs causing MSAN warnings (git-fixes). * memory: tegra30-emc: Fix dll_change check (git-fixes). * memory: tegra124-emc: Fix dll_change check (git-fixes). * mfd: core: Preserve OF node when ACPI handle is present (git-fixes). * mfd: mc13xxx-core: Fix memory leak in mc13xxx_add_subdevice_pdata() (git- fixes). * mfd: stpmic1: Attempt system shutdown twice in case PMIC is confused (git- fixes). * mkspec: Add signature to source list only when it exists. * mmc: sdhci-of-dwcmshc: Disable clock before DLL configuration (git-fixes). * mmc: vub300: fix NULL-deref on disconnect (git-fixes). * modpost: Amend ppc64 save/restfpr symnames for -Os build (bsc#1215199). * mtd: docg3: fix use-after-free in docg3_release() (git-fixes). * mtd: parsers: ofpart: call of_node_get() for dedicated subpartitions (git- fixes). * mtd: parsers: ofpart: call of_node_put() only in ofpart_fail path (git- fixes). * mtd: physmap_of_gemini: Fix disabled pinctrl state check (git-fixes). * mtd: rawnand: sunxi: fix sunxi_nfc_hw_ecc_read_extra_oob (git-fixes). * mtd: spi-nor: core: correct the op.dummy.nbytes when check read operations (git-fixes). * mtd: spi-nor: debugfs: fix out-of-bounds read in spi_nor_params_show() (git- fixes). * mtd: spi-nor: sst: Fix write enable before AAI sequence (git-fixes). * mtd: spi-nor: swp: check SR_TB flag when getting tb_mask (git-fixes). * net-shapers: don't free reply skb after genlmsg_reply() (git-fixes). * net/mlx5: Fix HCA caps leak on notifier init failure (git-fixes). * net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). * net/sched: cls_fw: fix NULL dereference of "old" filters before change() (git-fixes). * net/sched: fix pedit partial COW leading to page cache corruption (bsc#1265421). * net: gro: don't merge zcopy skbs (git-fixes). * net: hamradio: 6pack: fix uninit-value in sixpack_receive_buf (git-fixes). * net: mana: Add MAC address to vPort logs and clarify error messages (git- fixes). * net: mana: check xdp_rxq registration before unreg in mana_destroy_rxq() (git-fixes). * net: mana: Don't overwrite port probe error with add_adev result (git- fixes). * net: mana: Fix crash from unvalidated SHM offset read from BAR0 during FLR (bsc#1265846). * net: mana: Fix EQ leak in mana_remove on NULL port (git-fixes). * net: mana: Fix RX skb truesize accounting (bsc#1248754). * net: mana: Guard mana_remove against double invocation (git-fixes). * net: mana: hardening: Validate adapter_mtu from MANA_QUERY_DEV_CONFIG (git- fixes). * net: mana: hardening: Validate doorbell ID from GDMA_REGISTER_DEVICE response (git-fixes). * net: mana: Init gf_stats_work before potential error paths in probe (git- fixes). * net: mana: Init link_change_work before potential error paths in probe (git- fixes). * net: mana: Move current_speed debugfs file to mana_init_port() (git-fixes). * net: mana: remove double CQ cleanup in mana_create_rxq error path (git- fixes). * net: mana: Set default number of queues to 16 (bsc#1261648). * net: mana: Skip WQ object destruction for uninitialized RXQ (git-fixes). * net: mana: Use at least SZ_4K in doorbell ID range check (git-fixes). * net: mana: Use pci_name() for debugfs directory naming (git-fixes). * net: phy: broadcom: Save PHY counters during suspend (git-fixes). * net: phy: DP83TC811: add reading of abilities (git-fixes). * net: phy: dp83869: fix setting CLK_O_SEL field (git-fixes). * net: phy: fix a return path in get_phy_c45_ids() (git-fixes). * net: phy: qcom: at803x: Use the correct bit to disable extended next page (git-fixes). * net: stmmac: Fix PTP ref clock for Tegra234 (git-fixes). * net: usb: asix: ax88772: re-add usbnet_link_change() in phylink callbacks (git-fixes). * net: usb: cdc-phonet: fix skb frags[] overflow in rx_complete() (git-fixes). * net: usb: rtl8150: fix use-after-free in rtl8150_start_xmit() (git-fixes). * net: usb: rtl8150: free skb on usb_submit_urb() failure in xmit (git-fixes). * net: wan: fsl_ucc_hdlc: fix ucc_hdlc_remove (git-fixes). * net: wan: fsl_ucc_hdlc: fix uhdlc_memclean (git-fixes). * net: wan: fsl_ucc_hdlc: free tx_skbuff in uhdlc_memclean (git-fixes). * net: wwan: t7xx: validate port_count against message length in t7xx_port_enum_msg_handler (git-fixes). * NFC: digital: Bounds check NFC-A cascade depth in SDD response handler (git- fixes). * nfc: llcp: add missing return after LLCP_CLOSED checks (git-fixes). * nfc: pn533: allocate rx skb before consuming bytes (git-fixes). * nfc: s3fwrn5: allocate rx skb before consuming bytes (git-fixes). * NFC: trf7970a: Ignore antenna noise when checking for RF field (git-fixes). * nvme-apple: drop invalid put of admin queue reference count (git-fixes). * nvme-auth: Include SC_C in RVAL controller hash (bsc#1260428). * nvme-loop: do not cancel I/O and admin tagset during ctrl reset/shutdown (bsc#1262709). * nvme-pci: add NVME_QUIRK_DISABLE_WRITE_ZEROES for Kingston OM3SGP4 (git- fixes). * nvme: Allow reauth from sysfs (bsc#1259672). * nvme: Expose the tls_configured sysfs for secure concat connections (bsc#1259672). * nvme: expose TLS mode (bsc#1259672). * nvme: fix admin queue leak on controller reset (git-fixes). * nvme: fix PCIe subsystem reset controller state transition (bsc#1261738). * nvmet-tcp: propagate nvmet_tcp_build_pdu_iovec() errors to its callers (git- fixes). * ocfs2: fix possible deadlock between unlink and dio_end_io_write (bsc#1258718). * ocfs2: split transactions in dio completion to avoid credit exhaustion (bsc#1258718). * openvswitch: vport: fix self-deadlock on release of tunnel ports (git- fixes). * panic/printk: replace other_cpu_in_panic() with panic_on_other_cpu() (bsc#1261149). * panic/printk: replace this_cpu_in_panic() with panic_on_this_cpu() (bsc#1261149). * panic: introduce helper functions for panic state (bsc#1261149). * panic: use angle-bracket include for panic.h (bsc#1261149). * PCI/AER: Clear only error bits in PCIe Device Status (git-fixes). * PCI/AER: Stop ruling out unbound devices as error source (git-fixes). * PCI/ASPM: Fix pci_clear_and_set_config_dword() usage (git-fixes). * PCI/NPEM: Set LED_HW_PLUGGABLE for hotplug-capable ports (git-fixes). * PCI/TPH: Allow TPH enable for RCiEPs (git-fixes). * PCI: dwc: Apply ECRC workaround to DesignWare 5.00a as well (git-fixes). * PCI: dwc: rcar-gen4: Change EPC BAR alignment to 4K as per the documentation (git-fixes). * PCI: Enable AtomicOps only if Root Port supports them (git-fixes). * PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown (git-fixes). * PCI: endpoint: pci-epf-vntb: Stop cmd_handler work in epf_ntb_epc_cleanup (git-fixes). * PCI: epf-mhi: Return 0, not remaining timeout, when eDMA ops complete (git- fixes). * PCI: hv: Set default NUMA node to 0 for devices without affinity info (bsc#1261648). * PCI: mediatek-gen3: Prevent leaking IRQ domains when IRQ not found (git- fixes). * PCI: qcom: Advertise Hotplug Slot Capability with no Command Completion support (git-fixes). * PCI: tegra194: Allow system suspend when the Endpoint link is not up (git- fixes). * PCI: tegra194: Disable direct speed change for Endpoint mode (git-fixes). * PCI: tegra194: Disable LTSSM after transition to Detect on surprise link down (git-fixes). * PCI: tegra194: Disable PERST# IRQ only in Endpoint mode (git-fixes). * PCI: tegra194: Fix CBB timeout caused by DBI access before core power-on (git-fixes). * PCI: tegra194: Fix polling delay for L2 state (git-fixes). * PCI: tegra194: Free up Endpoint resources during remove() (git-fixes). * PCI: tegra194: Increase LTSSM poll time on surprise link down (git-fixes). * PCI: tegra194: Set LTR message request before PCIe link up in Endpoint mode (git-fixes). * PCI: tegra194: Use devm_gpiod_get_optional() to parse "nvidia,refclk-select" (git-fixes). * PCI: tegra194: Use DWC IP core version (git-fixes). * pinctrl: abx500: Fix type of 'argument' variable (git-fixes). * pinctrl: Fix spelling problem (git-fixes). * pinctrl: intel: Fix the revision for new features (1kOhm PD, HW debouncer) (stable-fixes). * pinctrl: pic32: change all cases of bare 'unsigned' to 'unsigned int' (git- fixes). * pinctrl: pic32: use consistent spacing around '+' (git-fixes). * pinctrl: pinctrl-pic32: Fix resource leak (git-fixes). * pinctrl: realtek: Fix function signature for config argument (git-fixes). * pinctrl: renesas: rzg2l: Fix save/restore of {IOLH,IEN,PUPD,SMT} registers (git-fixes). * platform/chrome: chromeos_tbmc: Drop wakeup source on remove (git-fixes). * platform/surface: surfacepro3_button: Drop wakeup source on remove (git- fixes). * platform/x86/amd: pmc: Add Thinkpad L14 Gen3 to quirk_s2idle_bug (stable- fixes). * platform/x86/intel-uncore-freq: Handle autonomous UFS status bit (git- fixes). * platform/x86: asus-wmi: adjust screenpad power/brightness handling (git- fixes). * platform/x86: asus-wmi: fix screenpad brightness range (git-fixes). * platform/x86: dell-wmi-sysman: bound enumeration string aggregation (git- fixes). * platform/x86: dell_rbu: avoid uninit value usage in packet_size_write() (git-fixes). * platform/x86: hp-wmi: Ignore backlight and FnLock events (stable-fixes). * platform/x86: panasonic-laptop: Fix OPTD notifier registration and cleanup (git-fixes). * power: supply: axp288_charger: Do not cancel work before initializing it (git-fixes). * power: supply: max17042: avoid overflow when determining health (git-fixes). * powerpc/crash: fix backup region offset update to elfcorehdr (bsc#1259535). * powerpc/crash: Update backup region offset in elfcorehdr on memory hotplug (bsc#1259535). * printk/nbcon/panic: Allow printk kthread to sleep when the system is in panic (bsc#1261149). * printk/nbcon: Block printk kthreads when any CPU is in an emergency context (bsc#1261149). * printk/nbcon: Release nbcon consoles ownership in atomic flush after each emitted record (bsc#1261149). * printk/nbcon: Restore IRQ in atomic flush after each emitted record (bsc#1261149). * printk/nbcon: use panic_on_this_cpu() helper (bsc#1261149). * printk: Allow printk_trigger_flush() to flush all types (bsc#1262750). * printk: Allow to use the printk kthread immediately even for 1st nbcon (jsc#PED-7912). * printk: Avoid irq_work for printk_deferred() on suspend (bsc#1262750). * printk: Avoid scheduling irq_work on suspend (bsc#1262750). * printk: console_flush_one_record() code cleanup (bsc#1261149). * printk: Introduce console_flush_one_record (bsc#1261149). * printk: Use console_flush_one_record for legacy printer kthread (bsc#1261149). * pwm: imx-tpm: Count the number of enabled channels in probe (git-fixes). * qat: don't mess with ->d_name (jsc#PED-14238). * r8152: fix incorrect register write to USB_UPHY_XTAL (git-fixes). * RDMA/irdma: Fix double free related to rereg_user_mr (git-fixes). * RDMA/mana: Fix error unwind in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Fix mana_destroy_wq_obj() cleanup in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Validate rx_hash_key_len (git-fixes). * RDMA/mana_ib: cleanup the usage of mana_gd_send_request() (git-fixes). * RDMA/mana_ib: Disable RX steering on RSS QP destroy (git-fixes). * RDMA/mana_ib: Support memory windows (git-fixes). * regulator: act8945a: fix OF node reference imbalance (git-fixes). * regulator: bd9571mwv: fix OF node reference imbalance (git-fixes). * regulator: max77650: fix OF node reference imbalance (git-fixes). * regulator: mt6357: fix OF node reference imbalance (git-fixes). * regulator: rk808: fix OF node reference imbalance (git-fixes). * remoteproc: xlnx: Fix sram property parsing (git-fixes). * remoteproc: xlnx: Only access buffer information if IPI is buffered (git- fixes). * Revert "ALSA: usb: Increase volume range that triggers a warning" (git- fixes). * Revert "serial: 8250: Revert "drop lockdep annotation from serial8250_clear_IER()"" (bsc#1262480). * Revert "serial: 8250: Switch to nbcon console" (bsc#1262480). * rtc: abx80x: Disable alarm feature if no interrupt attached (git-fixes). * rtc: ntxec: fix OF node reference imbalance (git-fixes). * s390/dasd: Copy detected format information to secondary device (bsc#1259994). * s390/dasd: Fix gendisk parent after copy pair swap (bsc#1259994). * s390/dasd: Move quiesce state with pprc swap (bsc#1259994). * sched/fair: Change likelyhood of nohz.nr_cpus (bsc#1234634 bsc#1258961). * sched/fair: Move checking for nohz cpus after time check (bsc#1234634 bsc#1258961). * sched/fair: Remove nohz.nr_cpus and use weight of cpumask instead (bsc#1234634 bsc#1258961). * scsi: lpfc: Add clean up of aborted NVMe commands during PCI fcn reset (bsc#1262019). * scsi: lpfc: Add log messages to fabric login error labels (bsc#1262019). * scsi: lpfc: Add PCI ID support for LPe42100 series adapters (bsc#1262019). * scsi: lpfc: Add REG_VFI mailbox cmd error handling (bsc#1262019). * scsi: lpfc: Break out of IRQ affinity assignment when mask reaches nr_cpu_ids (bsc#1262019). * scsi: lpfc: Check ASIC_ID register to aid diagnostics during failed fw updates (bsc#1262019). * scsi: lpfc: Cleanup error exit paths in lpfc_fdmi_cmd() and associated messages (bsc#1262019). * scsi: lpfc: ELIMINATE kernel-doc warnings in lpfc.h (bsc#1262019). * scsi: lpfc: Fix incorrect txcmplq_cnt during cleanup in lpfc_sli_abort_ring() (bsc#1262019). * scsi: lpfc: Introduce 128G link speed selection and support (bsc#1262019). * scsi: lpfc: Log discarded and insufficient RQE buffer events (bsc#1262019). * scsi: lpfc: Log MCQE contents for mbox commands with no context (bsc#1262019). * scsi: lpfc: Properly set WC for DPP mapping (bsc#1262019). * scsi: lpfc: Reduce pointer chasing when accessing vmid_flag (bsc#1262019). * scsi: lpfc: Remove deprecated PBDE feature (bsc#1262019). * scsi: lpfc: Remove unnecessary ndlp kref get in lpfc_check_nlp_post_devloss (bsc#1262019). * scsi: lpfc: Restrict first burst to non-FCoE and SLI4 adapters only (bsc#1262019). * scsi: lpfc: Select mailbox rq_create cmd version based on SLI4 if_type (bsc#1262019). * scsi: lpfc: Update class of service bit field to 3 bits for WQE submissions (bsc#1262019). * scsi: lpfc: Update construction of SGL when XPSGL is enabled (bsc#1262019). * scsi: lpfc: Update copyright year string for 2026 (bsc#1262019). * scsi: lpfc: Update log message when ndlp kref get is unsuccessful (bsc#1262019). * scsi: lpfc: Update lpfc version to 14.4.0.14 (bsc#1262019). * scsi: lpfc: Update lpfc version to 15.0.0.0 (bsc#1262019). * scsi: lpfc: Update outdated comment for renamed lpfc_freenode() (bsc#1262019). * scsi: lpfc: Use min_t() instead of min() in lpfc_sli4_driver_resource_setup (bsc#1262019). * scsi: lpfc: Use the crc32c() function (bsc#1262019). * scsi: mpi3mr: Add NULL checks when resetting request and reply queues (git- fixes). * scsi: ses: Fix devices attaching to different hosts (git-fixes). * scsi: storvsc: Handle PERSISTENT_RESERVE_IN truncation for Hyper-V vFC (git- fixes). * scsi: target: iscsi: validate CHAP_R length before base64 decode (bsc#1265449). * scsi: ufs: ufs-pci: Add support for Intel Wildcat Lake (jsc#PED-13771). * selftests/bpf: Test cross-sign 64bits range refinement (git-fixes). * selftests/bpf: Test invariants on JSLT crossing sign (git-fixes). * selftests/bpf: test refining u32/s32 bounds when ranges cross min/max boundary (git-fixes). * selftests: net: build net/lib dependency in all target (bsc#1262245). * selinux: don't reserve xattr slot when we won't fill it (stable-fixes). * selinux: prune /sys/fs/selinux/disable (stable-fixes). * selinux: shrink critical section in sel_write_load() (stable-fixes). * serial: 8250: Add serial8250_handle_irq_locked() (bsc#1262480). * serial: 8250: Protect LCR write in shutdown (bsc#1262480). * serial: 8250_dw: Avoid unnecessary LCR writes (bsc#1262480). * serial: 8250_dw: Ensure BUSY is deasserted (bsc#1262480). * serial: 8250_dw: Rework dw8250_handle_irq() locking and IIR handling (bsc#1262480). * serial: 8250_dw: Rework IIR_NO_INT handling to stop interrupt storm (bsc#1262480). * Set CONFIG_INTEL_TSX_MODE to follow upstream AUTO default (bsc#1263044). * soc/tegra: cbb: Set ERD on resume for err interrupt (git-fixes). * soc: qcom: aoss: compare against normalized cooling state (git-fixes). * soc: qcom: llcc: fix v1 SB syndrome register offset (git-fixes). * soc: qcom: ocmem: make the core clock optional (git-fixes). * soc: qcom: ocmem: register reasons for probe deferrals (git-fixes). * soc: qcom: ocmem: return -EPROBE_DEFER is ocmem is not available (git- fixes). * sound: ua101: fix division by zero at probe (git-fixes). * soundwire: bus: demote UNATTACHED state warnings to dev_dbg() (git-fixes). * soundwire: cadence: Clear message complete before signaling waiting thread (git-fixes). * soundwire: debugfs: initialize firmware_file to empty string (git-fixes). * spi: aspeed-smc: fix controller deregistration (git-fixes). * spi: at91-usart: fix controller deregistration (git-fixes). * spi: atmel: fix controller deregistration (git-fixes). * spi: bcm63xx: fix controller deregistration (git-fixes). * spi: bcmbca-hsspi: fix controller deregistration (git-fixes). * spi: cadence: fix controller deregistration (git-fixes). * spi: cadence: fix unclocked access on unbind (git-fixes). * spi: ch341: fix memory leaks on probe failures (git-fixes). * spi: coldfire-qspi: fix controller deregistration (git-fixes). * spi: dln2: fix controller deregistration (git-fixes). * spi: fix controller cleanup() documentation (git-fixes). * spi: fix misleading controller deregistration kernel-doc (git-fixes). * spi: fix misleading controller registration kernel-doc (git-fixes). * spi: fsl-espi: fix controller deregistration (git-fixes). * spi: fsl-qspi: Use reinit_completion() for repeated operations (git-fixes). * spi: fsl: fix controller deregistration (git-fixes). * spi: hisi-kunpeng: prevent infinite while() loop in hisi_spi_flush_fifo (git-fixes). * spi: img-spfi: fix controller deregistration (git-fixes). * spi: imx: fix runtime pm leak on probe deferral (git-fixes). * spi: imx: fix use-after-free on unbind (git-fixes). * spi: lantiq-ssc: fix controller deregistration (git-fixes). * spi: meson-spicc: fix controller deregistration (git-fixes). * spi: microchip-core-qspi: fix controller deregistration (git-fixes). * spi: mpc52xx: fix controller deregistration (git-fixes). * spi: mpc52xx: fix use-after-free on registration failure (git-fixes). * spi: mpc52xx: fix use-after-free on unbind (git-fixes). * spi: mtk-nor: fix controller deregistration (git-fixes). * spi: mtk-snfi: fix memory leak in probe (git-fixes). * spi: mtk-snfi: unregister ECC engine on probe failure and remove() callback (git-fixes). * spi: mxic: fix controller deregistration (git-fixes). * spi: mxs: fix controller deregistration (git-fixes). * spi: npcm-pspi: fix controller deregistration (git-fixes). * spi: omap2-mcspi: fix controller deregistration (git-fixes). * spi: orion: fix clock imbalance on registration failure (git-fixes). * spi: orion: fix controller deregistration (git-fixes). * spi: orion: fix runtime pm leak on unbind (git-fixes). * spi: pic32-sqi: fix controller deregistration (git-fixes). * spi: pic32: fix controller deregistration (git-fixes). * spi: pl022: fix controller deregistration (git-fixes). * spi: qup: fix controller deregistration (git-fixes). * spi: rockchip: fix controller deregistration (git-fixes). * spi: rockchip: Read ISR, not IMR, to detect cs-inactive IRQ (git-fixes). * spi: rspi: fix controller deregistration (git-fixes). * spi: s3c64xx: fix controller deregistration (git-fixes). * spi: s3c64xx: fix NULL-deref on driver unbind (git-fixes). * spi: sh-hspi: fix controller deregistration (git-fixes). * spi: sprd: fix controller deregistration (git-fixes). * spi: st-ssc4: fix controller deregistration (git-fixes). * spi: sun4i: fix controller deregistration (git-fixes). * spi: sun6i: fix controller deregistration (git-fixes). * spi: syncuacer: fix controller deregistration (git-fixes). * spi: ti-qspi: fix controller deregistration (git-fixes). * spi: topcliff-pch: fix controller deregistration (git-fixes). * spi: topcliff-pch: fix use-after-free on unbind (git-fixes). * spi: uniphier: fix controller deregistration (git-fixes). * spi: uniphier: Simplify clock handling with devm_clk_get_enabled() (stable- fixes). * spi: zynq-qspi: fix controller deregistration (git-fixes). * spi: zynq-qspi: Simplify clock handling with devm_clk_get_enabled() (stable- fixes). * spi: zynqmp-gqspi: fix controller deregistration (git-fixes). * staging: media: atomisp: Disallow all private IOCTLs (git-fixes). * staging: rtl8723bs: initialize le_tmp64 in rtw_BIP_verify() (git-fixes). * staging: sm750fb: fix division by zero in ps_to_hz() (git-fixes). * staging: vme_user: fix root device leak on init failure (git-fixes). * tg3: replace placeholder MAC address with device property (git-fixes). * thermal/drivers/spear: Fix error condition for reading st,thermal-flags (git-fixes). * thermal/drivers/sprd: Fix raw temperature clamping in sprd_thm_rawdata_to_temp (git-fixes). * thermal/drivers/sprd: Fix temperature clamping in sprd_thm_temp_to_rawdata (git-fixes). * tools/power/turbostat: Fix microcode patch level output for AMD/Hygon (git- fixes). * tools: hv: Fix cross-compilation (git-fixes). * tpm2-sessions: Fix missing tpm_buf_destroy() in tpm2_read_public() (git- fixes). * tpm: avoid -Wunused-but-set-variable (git-fixes). * tpm: Fix auth session leak in tpm2_get_random() error path (git-fixes). * tpm: tpm_tis: add error logging for data transfer (git-fixes). * tpm: tpm_tis: stop transmit if retries are exhausted (git-fixes). * tpm: Use kfree_sensitive() to free auth session in tpm_dev_release() (git- fixes). * tty: serial: ip22zilog: Fix section mispatch warning (git-fixes). * udp: Force compute_score to always inline (bsc#1241259). * unshare: fix unshare_fs() handling (git-fixes). * USB: cdc-acm: Add quirks for Yoga Book 9 14IAH10 INGENIC touchscreen (git- fixes). * usb: chipidea: core: allow ci_irq_handler() handle both ID and VBUS change (git-fixes). * usb: chipidea: otg: not wait vbus drop if use role_switch (git-fixes). * USB: core: add NO_LPM quirk for Razer Kiyo Pro webcam (stable-fixes). * usb: gadget: dummy_hcd: fix premature URB completion when ZLP follows partial transfer (stable-fixes). * usb: gadget: f_hid: Add missing error code (git-fixes). * usb: gadget: f_hid: don't call cdev_init while cdev in use (git-fixes). * usb: gadget: f_hid: move list and spinlock inits from bind to alloc (stable- fixes). * usb: gadget: f_ncm: validate minimum block_len in ncm_unwrap_ntb() (git- fixes). * usb: gadget: f_phonet: fix skb frags[] overflow in pn_rx_complete() (git- fixes). * usb: gadget: f_uac1_legacy: validate control request size (stable-fixes). * usb: gadget: renesas_usb3: validate endpoint index in standard request handlers (git-fixes). * usb: gadget: u_ether: Fix NULL pointer deref in eth_get_drvinfo (git-fixes). * USB: omap_udc: DMA: Don't enable burst 4 mode (git-fixes). * usb: port: add delay after usb_hub_set_port_power() (git-fixes). * usb: quirks: add DELAY_INIT quirk for another Silicon Motion flash drive (stable-fixes). * USB: serial: io_edgeport: add support for Blackbox IC135A (stable-fixes). * USB: serial: option: add MeiG Smart SRM825WN (stable-fixes). * USB: serial: option: add support for Rolling Wireless RW135R-GL (stable- fixes). * USB: serial: option: add Telit Cinterion FN990A MBIM composition (git- fixes). * USB: serial: option: add Telit Cinterion LE910Cx compositions (stable- fixes). * usb: storage: Expand range of matched versions for VL817 quirks entry (git- fixes). * usb: typec: tcpm: reset internal port states on soft reset AMS (git-fixes). * usb: ulpi: fix memory leak on ulpi_register() error paths (git-fixes). * usb: usblp: fix heap leak in IEEE 1284 device ID via short response (stable- fixes). * usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl (stable- fixes). * usb: xhci: Make usb_host_endpoint.hcpriv survive endpoint_disable() (git- fixes). * usbip: validate number_of_packets in usbip_pack_ret_submit() (git-fixes). * vfio/pci: Lock upstream bridge for vfio_pci_core_disable() (git-fixes). * vfio/pds: Fix memory leak in pds_vfio_dirty_enable() (git-fixes). * vfio/pds: Fix missing detach_ioas op (git-fixes). * vfio/pds: replace bitmap_free with vfree (git-fixes). * vfio/type1: Fix error unwind in migration dirty bitmap allocation (git- fixes). * vfio: Fix unbalanced vfio_df_close call in no-iommu mode (git-fixes). * vfio: Prevent open_count decrement to negative (git-fixes). * virt: arm-cca-guest: fix error check for RSI_INCOMPLETE (git-fixes). * virt: sev-guest: Do not use host-controlled page order in cleanup path (git- fixes). * virt: tdx-guest: Fix handling of host controlled 'quote' buffer length (git- fixes). * virt: tdx-guest: Return error for GetQuote failures (git-fixes). * wifi: ath5k: do not access array OOB (git-fixes). * wifi: ath9k: Fix typo (git-fixes). * wifi: ath10k: fix station lookup failure during disconnect (git-fixes). * wifi: ath11k: fix memory leaks in beacon template setup (git-fixes). * wifi: ath12k: fix leak in some ath12k_wmi_xxx() functions (git-fixes). * wifi: ath12k: use lockdep_assert_in_rcu_read_lock() for RCU assertions (git- fixes). * wifi: b43: enforce bounds check on firmware key index in b43_rx() (git- fixes). * wifi: b43legacy: enforce bounds check on firmware key index in RX path (git- fixes). * wifi: brcmfmac: Fix error pointer dereference (git-fixes). * wifi: brcmfmac: Fix potential use-after-free issue when stopping watchdog task (git-fixes). * wifi: brcmfmac: validate bsscfg indices in IF events (stable-fixes). * wifi: brcmsmac: Fix dma_free_coherent() size (git-fixes). * wifi: cw1200: Revert "Fix locking in error paths" (git-fixes). * wifi: libertas: notify firmware load wait on disconnect (git-fixes). * wifi: mac80211: check ieee80211_rx_data_set_link return in pubsta MLO path (git-fixes). * wifi: mac80211: check tdls flag in ieee80211_tdls_oper (stable-fixes). * wifi: mac80211: drop stray 'static' from fast-RX rx_result (git-fixes). * wifi: mac80211: handle VHT EXT NSS in ieee80211_determine_our_sta_mode() (git-fixes). * wifi: mac80211: remove station if connection prep fails (git-fixes). * wifi: mac80211: use safe list iteration in radar detect work (git-fixes). * wifi: mt76: Fix memory leak after mt76_connac_mcu_alloc_sta_req() (git- fixes). * wifi: mt76: mt792x: describe USB WFSYS reset with a descriptor (stable- fixes). * wifi: mt76: mt792x: fix mt7925u USB WFSYS reset handling (git-fixes). * wifi: mt76: mt7615: fix use_cts_prot support (git-fixes). * wifi: mt76: mt7915: fix use-after-free bugs in mt7915_mac_dump_work() (git- fixes). * wifi: mt76: mt7915: fix use_cts_prot support (git-fixes). * wifi: mt76: mt7921: fix 6GHz regulatory update on connection (git-fixes). * wifi: mt76: mt7921: fix a potential clc buffer length underflow (git-fixes). * wifi: mt76: mt7921: fix ROC abort flow interruption in mt7921_roc_work (git- fixes). * wifi: mt76: mt7921: Place upper limit on station AID (git-fixes). * wifi: mt76: mt7921: Reset ampdu_state state in case of failure in mt76_connac2_tx_check_aggr() (git-fixes). * wifi: mt76: mt7925: fix AMPDU state handling in mt7925_tx_check_aggr (git- fixes). * wifi: mt76: mt7925: fix incorrect length field in txpower command (git- fixes). * wifi: mt76: mt7925: Fix incorrect MLO mode in firmware control (git-fixes). * wifi: mt76: mt7925: fix incorrect TLV length in CLC command (git-fixes). * wifi: mt76: mt7925: prevent NULL pointer dereference in mt7925_tx_check_aggr() (git-fixes). * wifi: mt76: mt7925: prevent NULL vif dereference in mt7925_mac_write_txwi (git-fixes). * wifi: mt76: mt7996: fix FCS error flag check in RX descriptor (git-fixes). * wifi: mt76: mt7996: fix struct mt7996_mcu_uni_event (git-fixes). * wifi: mt76: mt7996: fix use-after-free bugs in mt7996_mac_dump_work() (git- fixes). * wifi: mwifiex: Fix memory leak in mwifiex_11n_aggregate_pkt() (git-fixes). * wifi: nl80211: fix NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST usage (git- fixes). * wifi: nl80211: require admin perm on SET_PMK / DEL_PMK (git-fixes). * wifi: rsi: fix kthread lifetime race between self-exit and external-stop (git-fixes). * wifi: rt2x00usb: fix devres lifetime (git-fixes). * wifi: rtl8xxxu: fix potential use of uninitialized value (git-fixes). * wifi: rtlwifi: pci: fix possible use-after-free caused by unfinished irq_prepare_bcn_tasklet (git-fixes). * wifi: rtw88: Add additional USB IDs for RTL8812BU (bsc#1263135). * wifi: rtw88: Add BUFFALO WI-U3-866DHP to the USB ID list (bsc#1263135). * wifi: rtw88: Add support for Mercusys MA30N and D-Link DWA-T185 rev. A1 (bsc#1263135). * wifi: rtw88: check for PCI upstream bridge existence (git-fixes). * wifi: rtw88: fix device leak on probe failure (git-fixes). * wifi: rtw88: rtw8822bu VID/PID for BUFFALO WI-U2-866DM (bsc#1263135). * wifi: rtw89: phy: fix uninitialized variable access in rtw89_phy_cfo_set_crystal_cap() (git-fixes). * wifi: wl1251: validate packet IDs before indexing tx_frames (stable-fixes). * x86/acpi/boot: Correct acpi_is_processor_usable() check again (git-fixes). * x86/boot/sev: Avoid shared GHCB page for early memory acceptance (git- fixes). * x86/boot/sev: Support memory acceptance in the EFI stub under SVSM (git- fixes). * x86/boot: Fix page table access in 5-level to 4-level paging transition (git-fixes). * x86/CPU/AMD: Add X86_FEATURE_ZEN6 (bsc#1263255). * x86/cpufeatures: Free up unused feature bits (bsc#1263255). * x86/fred: Fix early boot failures on SEV-ES/SNP guests (git-fixes). * x86/mtrr: Check if fixed-range MTRRs exist in mtrr_save_fixed_ranges() (git- fixes). * x86/sev: Add missing RIP_REL_REF() invocations during sme_enable() (git- fixes). * x86/sev: Do not touch VMSA pages during SNP guest memory kdump (git-fixes). * x86/sev: Ensure SVSM reserved fields in a page validation entry are initialized to zero (git-fixes). * x86/sev: Fix operator precedence in GHCB_MSR_VMPL_REQ_LEVEL macro (git- fixes). * x86/sev: Improve handling of writes to intercepted TSC MSRs (git-fixes). * x86/sev: Make sure pages are not skipped during kdump (git-fixes). * x86/tsx: Get the tsx= command line parameter with early_param() (bsc#1250951 bsc#1263044). * x86/tsx: Make tsx_ctrl_state static (bsc#1250951 bsc#1263044). * x86/vmware: Parse MP tables for SEV-SNP enabled guests under VMware hypervisors (git-fixes). * X.509: Fix out-of-bounds access when parsing extensions (git-fixes). * Xarray: do not return sibling entries from xas_find_marked() (bsc#1263815). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-814=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-814=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le x86_64) * kernel-kvmsmall-debuginfo-6.12.0-160000.33.1 * kernel-default-base-6.12.0-160000.33.1.160000.2.14 * kernel-kvmsmall-debugsource-6.12.0-160000.33.1 * kernel-kvmsmall-devel-6.12.0-160000.33.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * kernel-default-devel-6.12.0-160000.33.1 * kernel-default-extra-6.12.0-160000.33.1 * kernel-obs-qa-6.12.0-160000.33.1 * kernel-default-debuginfo-6.12.0-160000.33.1 * kernel-default-debugsource-6.12.0-160000.33.1 * kernel-default-extra-debuginfo-6.12.0-160000.33.1 * kernel-syms-6.12.0-160000.33.1 * SUSE Linux Enterprise Server 16.0 (noarch) * kernel-docs-html-6.12.0-160000.33.1 * kernel-macros-6.12.0-160000.33.1 * kernel-source-vanilla-6.12.0-160000.33.1 * kernel-source-6.12.0-160000.33.1 * kernel-devel-6.12.0-160000.33.1 * SUSE Linux Enterprise Server 16.0 (aarch64 nosrc x86_64) * kernel-azure-6.12.0-160000.33.1 * SUSE Linux Enterprise Server 16.0 (aarch64 x86_64) * kernel-azure-devel-6.12.0-160000.33.1 * kernel-azure-extra-6.12.0-160000.33.1 * kernel-azure-debuginfo-6.12.0-160000.33.1 * kernel-azure-debugsource-6.12.0-160000.33.1 * kernel-azure-extra-debuginfo-6.12.0-160000.33.1 * SUSE Linux Enterprise Server 16.0 (aarch64 nosrc) * kernel-64kb-6.12.0-160000.33.1 * SUSE Linux Enterprise Server 16.0 (aarch64) * kernel-64kb-debugsource-6.12.0-160000.33.1 * kernel-64kb-devel-6.12.0-160000.33.1 * kernel-64kb-extra-debuginfo-6.12.0-160000.33.1 * kernel-64kb-debuginfo-6.12.0-160000.33.1 * kernel-64kb-extra-6.12.0-160000.33.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-6.12.0-160000.33.1 * SUSE Linux Enterprise Server 16.0 (noarch nosrc) * kernel-docs-6.12.0-160000.33.1 * SUSE Linux Enterprise Server 16.0 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-6.12.0-160000.33.1 * SUSE Linux Enterprise Server 16.0 (ppc64le s390x x86_64) * kernel-default-livepatch-6.12.0-160000.33.1 * SUSE Linux Enterprise Server 16.0 (nosrc s390x) * kernel-zfcpdump-6.12.0-160000.33.1 * SUSE Linux Enterprise Server 16.0 (s390x) * kernel-zfcpdump-debuginfo-6.12.0-160000.33.1 * kernel-zfcpdump-debugsource-6.12.0-160000.33.1 * SUSE Linux Enterprise Server 16.0 (x86_64) * kernel-kvmsmall-vdso-debuginfo-6.12.0-160000.33.1 * kernel-kvmsmall-devel-debuginfo-6.12.0-160000.33.1 * kernel-azure-vdso-6.12.0-160000.33.1 * kernel-kvmsmall-vdso-6.12.0-160000.33.1 * kernel-default-devel-debuginfo-6.12.0-160000.33.1 * kernel-default-vdso-6.12.0-160000.33.1 * kernel-azure-devel-debuginfo-6.12.0-160000.33.1 * kernel-azure-vdso-debuginfo-6.12.0-160000.33.1 * kernel-default-vdso-debuginfo-6.12.0-160000.33.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * cluster-md-kmp-default-debuginfo-6.12.0-160000.33.1 * cluster-md-kmp-default-6.12.0-160000.33.1 * kernel-kvmsmall-devel-6.12.0-160000.33.1 * kernel-kvmsmall-debuginfo-6.12.0-160000.33.1 * kernel-default-extra-6.12.0-160000.33.1 * kernel-kvmsmall-debugsource-6.12.0-160000.33.1 * kernel-obs-qa-6.12.0-160000.33.1 * kernel-syms-6.12.0-160000.33.1 * gfs2-kmp-default-6.12.0-160000.33.1 * gfs2-kmp-default-debuginfo-6.12.0-160000.33.1 * kernel-default-debuginfo-6.12.0-160000.33.1 * kernel-default-livepatch-6.12.0-160000.33.1 * kernel-default-debugsource-6.12.0-160000.33.1 * kernel-default-extra-debuginfo-6.12.0-160000.33.1 * kernel-default-devel-6.12.0-160000.33.1 * kernel-default-base-6.12.0-160000.33.1.160000.2.14 * dlm-kmp-default-debuginfo-6.12.0-160000.33.1 * dlm-kmp-default-6.12.0-160000.33.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * kernel-docs-html-6.12.0-160000.33.1 * kernel-macros-6.12.0-160000.33.1 * kernel-source-vanilla-6.12.0-160000.33.1 * kernel-source-6.12.0-160000.33.1 * kernel-devel-6.12.0-160000.33.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (nosrc ppc64le x86_64) * kernel-default-6.12.0-160000.33.1 * kernel-kvmsmall-6.12.0-160000.33.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch nosrc) * kernel-docs-6.12.0-160000.33.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (nosrc x86_64) * kernel-azure-6.12.0-160000.33.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (x86_64) * kernel-azure-devel-6.12.0-160000.33.1 * kernel-kvmsmall-vdso-debuginfo-6.12.0-160000.33.1 * kernel-kvmsmall-devel-debuginfo-6.12.0-160000.33.1 * kernel-azure-extra-6.12.0-160000.33.1 * kernel-azure-vdso-6.12.0-160000.33.1 * kernel-kvmsmall-vdso-6.12.0-160000.33.1 * kernel-default-devel-debuginfo-6.12.0-160000.33.1 * kernel-azure-debuginfo-6.12.0-160000.33.1 * kernel-default-vdso-6.12.0-160000.33.1 * kernel-azure-devel-debuginfo-6.12.0-160000.33.1 * kernel-azure-debugsource-6.12.0-160000.33.1 * kernel-azure-vdso-debuginfo-6.12.0-160000.33.1 * kernel-azure-extra-debuginfo-6.12.0-160000.33.1 * kernel-default-vdso-debuginfo-6.12.0-160000.33.1 ## References: * https://www.suse.com/security/cve/CVE-2023-2058.html * https://www.suse.com/security/cve/CVE-2024-14027.html * https://www.suse.com/security/cve/CVE-2025-40181.html * https://www.suse.com/security/cve/CVE-2025-40219.html * https://www.suse.com/security/cve/CVE-2025-68265.html * https://www.suse.com/security/cve/CVE-2025-68310.html * https://www.suse.com/security/cve/CVE-2025-71238.html * https://www.suse.com/security/cve/CVE-2025-71268.html * https://www.suse.com/security/cve/CVE-2025-71269.html * https://www.suse.com/security/cve/CVE-2025-71302.html * https://www.suse.com/security/cve/CVE-2026-23168.html * https://www.suse.com/security/cve/CVE-2026-23209.html * https://www.suse.com/security/cve/CVE-2026-23236.html * https://www.suse.com/security/cve/CVE-2026-23237.html * https://www.suse.com/security/cve/CVE-2026-23245.html * https://www.suse.com/security/cve/CVE-2026-23246.html * https://www.suse.com/security/cve/CVE-2026-23253.html * https://www.suse.com/security/cve/CVE-2026-23260.html * https://www.suse.com/security/cve/CVE-2026-23261.html * https://www.suse.com/security/cve/CVE-2026-23264.html * https://www.suse.com/security/cve/CVE-2026-23266.html * https://www.suse.com/security/cve/CVE-2026-23268.html * https://www.suse.com/security/cve/CVE-2026-23269.html * https://www.suse.com/security/cve/CVE-2026-23271.html * https://www.suse.com/security/cve/CVE-2026-23273.html * https://www.suse.com/security/cve/CVE-2026-23276.html * https://www.suse.com/security/cve/CVE-2026-23279.html * https://www.suse.com/security/cve/CVE-2026-23290.html * https://www.suse.com/security/cve/CVE-2026-23291.html * https://www.suse.com/security/cve/CVE-2026-23298.html * https://www.suse.com/security/cve/CVE-2026-23300.html * https://www.suse.com/security/cve/CVE-2026-23307.html * https://www.suse.com/security/cve/CVE-2026-23312.html * https://www.suse.com/security/cve/CVE-2026-23313.html * https://www.suse.com/security/cve/CVE-2026-23315.html * https://www.suse.com/security/cve/CVE-2026-23316.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-23318.html * https://www.suse.com/security/cve/CVE-2026-23321.html * https://www.suse.com/security/cve/CVE-2026-23324.html * https://www.suse.com/security/cve/CVE-2026-23325.html * https://www.suse.com/security/cve/CVE-2026-23334.html * https://www.suse.com/security/cve/CVE-2026-23336.html * https://www.suse.com/security/cve/CVE-2026-23339.html * https://www.suse.com/security/cve/CVE-2026-23340.html * https://www.suse.com/security/cve/CVE-2026-23346.html * https://www.suse.com/security/cve/CVE-2026-23347.html * https://www.suse.com/security/cve/CVE-2026-23351.html * https://www.suse.com/security/cve/CVE-2026-23354.html * https://www.suse.com/security/cve/CVE-2026-23357.html * https://www.suse.com/security/cve/CVE-2026-23360.html * https://www.suse.com/security/cve/CVE-2026-23362.html * https://www.suse.com/security/cve/CVE-2026-23363.html * https://www.suse.com/security/cve/CVE-2026-23365.html * https://www.suse.com/security/cve/CVE-2026-23367.html * https://www.suse.com/security/cve/CVE-2026-23368.html * https://www.suse.com/security/cve/CVE-2026-23369.html * https://www.suse.com/security/cve/CVE-2026-23370.html * https://www.suse.com/security/cve/CVE-2026-23372.html * https://www.suse.com/security/cve/CVE-2026-23373.html * https://www.suse.com/security/cve/CVE-2026-23374.html * https://www.suse.com/security/cve/CVE-2026-23375.html * https://www.suse.com/security/cve/CVE-2026-23378.html * https://www.suse.com/security/cve/CVE-2026-23382.html * https://www.suse.com/security/cve/CVE-2026-23387.html * https://www.suse.com/security/cve/CVE-2026-23391.html * https://www.suse.com/security/cve/CVE-2026-23392.html * https://www.suse.com/security/cve/CVE-2026-23395.html * https://www.suse.com/security/cve/CVE-2026-23396.html * https://www.suse.com/security/cve/CVE-2026-23397.html * https://www.suse.com/security/cve/CVE-2026-23399.html * https://www.suse.com/security/cve/CVE-2026-23401.html * https://www.suse.com/security/cve/CVE-2026-23403.html * https://www.suse.com/security/cve/CVE-2026-23404.html * https://www.suse.com/security/cve/CVE-2026-23405.html * https://www.suse.com/security/cve/CVE-2026-23406.html * https://www.suse.com/security/cve/CVE-2026-23407.html * https://www.suse.com/security/cve/CVE-2026-23408.html * https://www.suse.com/security/cve/CVE-2026-23409.html * https://www.suse.com/security/cve/CVE-2026-23410.html * https://www.suse.com/security/cve/CVE-2026-23411.html * https://www.suse.com/security/cve/CVE-2026-23417.html * https://www.suse.com/security/cve/CVE-2026-23418.html * https://www.suse.com/security/cve/CVE-2026-23420.html * https://www.suse.com/security/cve/CVE-2026-23426.html * https://www.suse.com/security/cve/CVE-2026-23434.html * https://www.suse.com/security/cve/CVE-2026-23436.html * https://www.suse.com/security/cve/CVE-2026-23437.html * https://www.suse.com/security/cve/CVE-2026-23440.html * https://www.suse.com/security/cve/CVE-2026-23441.html * https://www.suse.com/security/cve/CVE-2026-23442.html * https://www.suse.com/security/cve/CVE-2026-23443.html * https://www.suse.com/security/cve/CVE-2026-23445.html * https://www.suse.com/security/cve/CVE-2026-23446.html * https://www.suse.com/security/cve/CVE-2026-23447.html * https://www.suse.com/security/cve/CVE-2026-23448.html * https://www.suse.com/security/cve/CVE-2026-23449.html * https://www.suse.com/security/cve/CVE-2026-23450.html * https://www.suse.com/security/cve/CVE-2026-23452.html * https://www.suse.com/security/cve/CVE-2026-23454.html * https://www.suse.com/security/cve/CVE-2026-23455.html * https://www.suse.com/security/cve/CVE-2026-23456.html * https://www.suse.com/security/cve/CVE-2026-23457.html * https://www.suse.com/security/cve/CVE-2026-23458.html * https://www.suse.com/security/cve/CVE-2026-23460.html * https://www.suse.com/security/cve/CVE-2026-23461.html * https://www.suse.com/security/cve/CVE-2026-23462.html * https://www.suse.com/security/cve/CVE-2026-23463.html * https://www.suse.com/security/cve/CVE-2026-23464.html * https://www.suse.com/security/cve/CVE-2026-23465.html * https://www.suse.com/security/cve/CVE-2026-23466.html * https://www.suse.com/security/cve/CVE-2026-23468.html * https://www.suse.com/security/cve/CVE-2026-23470.html * https://www.suse.com/security/cve/CVE-2026-23472.html * https://www.suse.com/security/cve/CVE-2026-23473.html * https://www.suse.com/security/cve/CVE-2026-23474.html * https://www.suse.com/security/cve/CVE-2026-23475.html * https://www.suse.com/security/cve/CVE-2026-31389.html * https://www.suse.com/security/cve/CVE-2026-31392.html * https://www.suse.com/security/cve/CVE-2026-31393.html * https://www.suse.com/security/cve/CVE-2026-31394.html * https://www.suse.com/security/cve/CVE-2026-31395.html * https://www.suse.com/security/cve/CVE-2026-31400.html * https://www.suse.com/security/cve/CVE-2026-31402.html * https://www.suse.com/security/cve/CVE-2026-31403.html * https://www.suse.com/security/cve/CVE-2026-31405.html * https://www.suse.com/security/cve/CVE-2026-31406.html * https://www.suse.com/security/cve/CVE-2026-31407.html * https://www.suse.com/security/cve/CVE-2026-31408.html * https://www.suse.com/security/cve/CVE-2026-31411.html * https://www.suse.com/security/cve/CVE-2026-31412.html * https://www.suse.com/security/cve/CVE-2026-31415.html * https://www.suse.com/security/cve/CVE-2026-31416.html * https://www.suse.com/security/cve/CVE-2026-31417.html * https://www.suse.com/security/cve/CVE-2026-31420.html * https://www.suse.com/security/cve/CVE-2026-31421.html * https://www.suse.com/security/cve/CVE-2026-31422.html * https://www.suse.com/security/cve/CVE-2026-31423.html * https://www.suse.com/security/cve/CVE-2026-31424.html * https://www.suse.com/security/cve/CVE-2026-31425.html * https://www.suse.com/security/cve/CVE-2026-31426.html * https://www.suse.com/security/cve/CVE-2026-31427.html * https://www.suse.com/security/cve/CVE-2026-31428.html * https://www.suse.com/security/cve/CVE-2026-31435.html * https://www.suse.com/security/cve/CVE-2026-31449.html * https://www.suse.com/security/cve/CVE-2026-31453.html * https://www.suse.com/security/cve/CVE-2026-31456.html * https://www.suse.com/security/cve/CVE-2026-31470.html * https://www.suse.com/security/cve/CVE-2026-31494.html * https://www.suse.com/security/cve/CVE-2026-31496.html * https://www.suse.com/security/cve/CVE-2026-31503.html * https://www.suse.com/security/cve/CVE-2026-31504.html * https://www.suse.com/security/cve/CVE-2026-31505.html * https://www.suse.com/security/cve/CVE-2026-31507.html * https://www.suse.com/security/cve/CVE-2026-31515.html * https://www.suse.com/security/cve/CVE-2026-31519.html * https://www.suse.com/security/cve/CVE-2026-31525.html * https://www.suse.com/security/cve/CVE-2026-31526.html * https://www.suse.com/security/cve/CVE-2026-31528.html * https://www.suse.com/security/cve/CVE-2026-31533.html * https://www.suse.com/security/cve/CVE-2026-31547.html * https://www.suse.com/security/cve/CVE-2026-31550.html * https://www.suse.com/security/cve/CVE-2026-31554.html * https://www.suse.com/security/cve/CVE-2026-31565.html * https://www.suse.com/security/cve/CVE-2026-31579.html * https://www.suse.com/security/cve/CVE-2026-31586.html * https://www.suse.com/security/cve/CVE-2026-31588.html * https://www.suse.com/security/cve/CVE-2026-31644.html * https://www.suse.com/security/cve/CVE-2026-31649.html * https://www.suse.com/security/cve/CVE-2026-31658.html * https://www.suse.com/security/cve/CVE-2026-31662.html * https://www.suse.com/security/cve/CVE-2026-31666.html * https://www.suse.com/security/cve/CVE-2026-31668.html * https://www.suse.com/security/cve/CVE-2026-31669.html * https://www.suse.com/security/cve/CVE-2026-31675.html * https://www.suse.com/security/cve/CVE-2026-31678.html * https://www.suse.com/security/cve/CVE-2026-31679.html * https://www.suse.com/security/cve/CVE-2026-31681.html * https://www.suse.com/security/cve/CVE-2026-31682.html * https://www.suse.com/security/cve/CVE-2026-31684.html * https://www.suse.com/security/cve/CVE-2026-31685.html * https://www.suse.com/security/cve/CVE-2026-31691.html * https://www.suse.com/security/cve/CVE-2026-31694.html * https://www.suse.com/security/cve/CVE-2026-31700.html * https://www.suse.com/security/cve/CVE-2026-31738.html * https://www.suse.com/security/cve/CVE-2026-31787.html * https://www.suse.com/security/cve/CVE-2026-43009.html * https://www.suse.com/security/cve/CVE-2026-43025.html * https://www.suse.com/security/cve/CVE-2026-43027.html * https://www.suse.com/security/cve/CVE-2026-43037.html * https://www.suse.com/security/cve/CVE-2026-43038.html * https://www.suse.com/security/cve/CVE-2026-43045.html * https://www.suse.com/security/cve/CVE-2026-43050.html * https://www.suse.com/security/cve/CVE-2026-43060.html * https://www.suse.com/security/cve/CVE-2026-43082.html * https://www.suse.com/security/cve/CVE-2026-43088.html * https://www.suse.com/security/cve/CVE-2026-43153.html * https://www.suse.com/security/cve/CVE-2026-43190.html * https://www.suse.com/security/cve/CVE-2026-43265.html * https://www.suse.com/security/cve/CVE-2026-43329.html * https://www.suse.com/security/cve/CVE-2026-43365.html * https://www.suse.com/security/cve/CVE-2026-43366.html * https://www.suse.com/security/cve/CVE-2026-43441.html * https://www.suse.com/security/cve/CVE-2026-43494.html * https://www.suse.com/security/cve/CVE-2026-43503.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1215199 * https://bugzilla.suse.com/show_bug.cgi?id=1234634 * https://bugzilla.suse.com/show_bug.cgi?id=1241259 * https://bugzilla.suse.com/show_bug.cgi?id=1243603 * https://bugzilla.suse.com/show_bug.cgi?id=1248754 * https://bugzilla.suse.com/show_bug.cgi?id=1249104 * https://bugzilla.suse.com/show_bug.cgi?id=1250951 * https://bugzilla.suse.com/show_bug.cgi?id=1253471 * https://bugzilla.suse.com/show_bug.cgi?id=1254518 * https://bugzilla.suse.com/show_bug.cgi?id=1255160 * https://bugzilla.suse.com/show_bug.cgi?id=1255360 * https://bugzilla.suse.com/show_bug.cgi?id=1255459 * https://bugzilla.suse.com/show_bug.cgi?id=1255752 * https://bugzilla.suse.com/show_bug.cgi?id=1256288 * https://bugzilla.suse.com/show_bug.cgi?id=1256865 * https://bugzilla.suse.com/show_bug.cgi?id=1256867 * https://bugzilla.suse.com/show_bug.cgi?id=1258518 * https://bugzilla.suse.com/show_bug.cgi?id=1258718 * https://bugzilla.suse.com/show_bug.cgi?id=1258826 * https://bugzilla.suse.com/show_bug.cgi?id=1258849 * https://bugzilla.suse.com/show_bug.cgi?id=1258850 * https://bugzilla.suse.com/show_bug.cgi?id=1258854 * https://bugzilla.suse.com/show_bug.cgi?id=1258855 * https://bugzilla.suse.com/show_bug.cgi?id=1258856 * https://bugzilla.suse.com/show_bug.cgi?id=1258857 * https://bugzilla.suse.com/show_bug.cgi?id=1258933 * https://bugzilla.suse.com/show_bug.cgi?id=1258961 * https://bugzilla.suse.com/show_bug.cgi?id=1259186 * https://bugzilla.suse.com/show_bug.cgi?id=1259199 * https://bugzilla.suse.com/show_bug.cgi?id=1259222 * https://bugzilla.suse.com/show_bug.cgi?id=1259420 * https://bugzilla.suse.com/show_bug.cgi?id=1259461 * https://bugzilla.suse.com/show_bug.cgi?id=1259535 * https://bugzilla.suse.com/show_bug.cgi?id=1259672 * https://bugzilla.suse.com/show_bug.cgi?id=1259799 * https://bugzilla.suse.com/show_bug.cgi?id=1259806 * https://bugzilla.suse.com/show_bug.cgi?id=1259857 * https://bugzilla.suse.com/show_bug.cgi?id=1259865 * https://bugzilla.suse.com/show_bug.cgi?id=1259868 * https://bugzilla.suse.com/show_bug.cgi?id=1259869 * https://bugzilla.suse.com/show_bug.cgi?id=1259871 * https://bugzilla.suse.com/show_bug.cgi?id=1259873 * https://bugzilla.suse.com/show_bug.cgi?id=1259878 * https://bugzilla.suse.com/show_bug.cgi?id=1259889 * https://bugzilla.suse.com/show_bug.cgi?id=1259994 * https://bugzilla.suse.com/show_bug.cgi?id=1260010 * https://bugzilla.suse.com/show_bug.cgi?id=1260012 * https://bugzilla.suse.com/show_bug.cgi?id=1260018 * https://bugzilla.suse.com/show_bug.cgi?id=1260428 * https://bugzilla.suse.com/show_bug.cgi?id=1260468 * https://bugzilla.suse.com/show_bug.cgi?id=1260483 * https://bugzilla.suse.com/show_bug.cgi?id=1260484 * https://bugzilla.suse.com/show_bug.cgi?id=1260485 * https://bugzilla.suse.com/show_bug.cgi?id=1260489 * https://bugzilla.suse.com/show_bug.cgi?id=1260504 * https://bugzilla.suse.com/show_bug.cgi?id=1260505 * https://bugzilla.suse.com/show_bug.cgi?id=1260507 * https://bugzilla.suse.com/show_bug.cgi?id=1260514 * https://bugzilla.suse.com/show_bug.cgi?id=1260523 * https://bugzilla.suse.com/show_bug.cgi?id=1260526 * https://bugzilla.suse.com/show_bug.cgi?id=1260528 * https://bugzilla.suse.com/show_bug.cgi?id=1260529 * https://bugzilla.suse.com/show_bug.cgi?id=1260530 * https://bugzilla.suse.com/show_bug.cgi?id=1260531 * https://bugzilla.suse.com/show_bug.cgi?id=1260532 * https://bugzilla.suse.com/show_bug.cgi?id=1260533 * https://bugzilla.suse.com/show_bug.cgi?id=1260536 * https://bugzilla.suse.com/show_bug.cgi?id=1260537 * https://bugzilla.suse.com/show_bug.cgi?id=1260538 * https://bugzilla.suse.com/show_bug.cgi?id=1260541 * https://bugzilla.suse.com/show_bug.cgi?id=1260546 * https://bugzilla.suse.com/show_bug.cgi?id=1260549 * https://bugzilla.suse.com/show_bug.cgi?id=1260551 * https://bugzilla.suse.com/show_bug.cgi?id=1260552 * https://bugzilla.suse.com/show_bug.cgi?id=1260555 * https://bugzilla.suse.com/show_bug.cgi?id=1260561 * https://bugzilla.suse.com/show_bug.cgi?id=1260562 * https://bugzilla.suse.com/show_bug.cgi?id=1260566 * https://bugzilla.suse.com/show_bug.cgi?id=1260571 * https://bugzilla.suse.com/show_bug.cgi?id=1260572 * https://bugzilla.suse.com/show_bug.cgi?id=1260573 * https://bugzilla.suse.com/show_bug.cgi?id=1260576 * https://bugzilla.suse.com/show_bug.cgi?id=1260580 * https://bugzilla.suse.com/show_bug.cgi?id=1260581 * https://bugzilla.suse.com/show_bug.cgi?id=1260593 * https://bugzilla.suse.com/show_bug.cgi?id=1260613 * https://bugzilla.suse.com/show_bug.cgi?id=1260728 * https://bugzilla.suse.com/show_bug.cgi?id=1260729 * https://bugzilla.suse.com/show_bug.cgi?id=1260731 * https://bugzilla.suse.com/show_bug.cgi?id=1260798 * https://bugzilla.suse.com/show_bug.cgi?id=1260800 * https://bugzilla.suse.com/show_bug.cgi?id=1260801 * https://bugzilla.suse.com/show_bug.cgi?id=1260807 * https://bugzilla.suse.com/show_bug.cgi?id=1260811 * https://bugzilla.suse.com/show_bug.cgi?id=1260996 * https://bugzilla.suse.com/show_bug.cgi?id=1261020 * https://bugzilla.suse.com/show_bug.cgi?id=1261149 * https://bugzilla.suse.com/show_bug.cgi?id=1261287 * https://bugzilla.suse.com/show_bug.cgi?id=1261288 * https://bugzilla.suse.com/show_bug.cgi?id=1261295 * https://bugzilla.suse.com/show_bug.cgi?id=1261348 * https://bugzilla.suse.com/show_bug.cgi?id=1261410 * https://bugzilla.suse.com/show_bug.cgi?id=1261503 * https://bugzilla.suse.com/show_bug.cgi?id=1261504 * https://bugzilla.suse.com/show_bug.cgi?id=1261505 * https://bugzilla.suse.com/show_bug.cgi?id=1261550 * https://bugzilla.suse.com/show_bug.cgi?id=1261555 * https://bugzilla.suse.com/show_bug.cgi?id=1261581 * https://bugzilla.suse.com/show_bug.cgi?id=1261582 * https://bugzilla.suse.com/show_bug.cgi?id=1261584 * https://bugzilla.suse.com/show_bug.cgi?id=1261585 * https://bugzilla.suse.com/show_bug.cgi?id=1261592 * https://bugzilla.suse.com/show_bug.cgi?id=1261601 * https://bugzilla.suse.com/show_bug.cgi?id=1261602 * https://bugzilla.suse.com/show_bug.cgi?id=1261617 * https://bugzilla.suse.com/show_bug.cgi?id=1261618 * https://bugzilla.suse.com/show_bug.cgi?id=1261629 * https://bugzilla.suse.com/show_bug.cgi?id=1261632 * https://bugzilla.suse.com/show_bug.cgi?id=1261635 * https://bugzilla.suse.com/show_bug.cgi?id=1261636 * https://bugzilla.suse.com/show_bug.cgi?id=1261637 * https://bugzilla.suse.com/show_bug.cgi?id=1261638 * https://bugzilla.suse.com/show_bug.cgi?id=1261641 * https://bugzilla.suse.com/show_bug.cgi?id=1261644 * https://bugzilla.suse.com/show_bug.cgi?id=1261645 * https://bugzilla.suse.com/show_bug.cgi?id=1261648 * https://bugzilla.suse.com/show_bug.cgi?id=1261679 * https://bugzilla.suse.com/show_bug.cgi?id=1261685 * https://bugzilla.suse.com/show_bug.cgi?id=1261686 * https://bugzilla.suse.com/show_bug.cgi?id=1261687 * https://bugzilla.suse.com/show_bug.cgi?id=1261692 * https://bugzilla.suse.com/show_bug.cgi?id=1261694 * https://bugzilla.suse.com/show_bug.cgi?id=1261700 * https://bugzilla.suse.com/show_bug.cgi?id=1261702 * https://bugzilla.suse.com/show_bug.cgi?id=1261703 * https://bugzilla.suse.com/show_bug.cgi?id=1261707 * https://bugzilla.suse.com/show_bug.cgi?id=1261710 * https://bugzilla.suse.com/show_bug.cgi?id=1261713 * https://bugzilla.suse.com/show_bug.cgi?id=1261714 * https://bugzilla.suse.com/show_bug.cgi?id=1261719 * https://bugzilla.suse.com/show_bug.cgi?id=1261738 * https://bugzilla.suse.com/show_bug.cgi?id=1261750 * https://bugzilla.suse.com/show_bug.cgi?id=1261751 * https://bugzilla.suse.com/show_bug.cgi?id=1261752 * https://bugzilla.suse.com/show_bug.cgi?id=1261768 * https://bugzilla.suse.com/show_bug.cgi?id=1261778 * https://bugzilla.suse.com/show_bug.cgi?id=1261779 * https://bugzilla.suse.com/show_bug.cgi?id=1261780 * https://bugzilla.suse.com/show_bug.cgi?id=1261781 * https://bugzilla.suse.com/show_bug.cgi?id=1261786 * https://bugzilla.suse.com/show_bug.cgi?id=1261788 * https://bugzilla.suse.com/show_bug.cgi?id=1261789 * https://bugzilla.suse.com/show_bug.cgi?id=1261796 * https://bugzilla.suse.com/show_bug.cgi?id=1261797 * https://bugzilla.suse.com/show_bug.cgi?id=1261896 * https://bugzilla.suse.com/show_bug.cgi?id=1262019 * https://bugzilla.suse.com/show_bug.cgi?id=1262053 * https://bugzilla.suse.com/show_bug.cgi?id=1262054 * https://bugzilla.suse.com/show_bug.cgi?id=1262055 * https://bugzilla.suse.com/show_bug.cgi?id=1262061 * https://bugzilla.suse.com/show_bug.cgi?id=1262063 * https://bugzilla.suse.com/show_bug.cgi?id=1262074 * https://bugzilla.suse.com/show_bug.cgi?id=1262078 * https://bugzilla.suse.com/show_bug.cgi?id=1262086 * https://bugzilla.suse.com/show_bug.cgi?id=1262087 * https://bugzilla.suse.com/show_bug.cgi?id=1262099 * https://bugzilla.suse.com/show_bug.cgi?id=1262100 * https://bugzilla.suse.com/show_bug.cgi?id=1262101 * https://bugzilla.suse.com/show_bug.cgi?id=1262179 * https://bugzilla.suse.com/show_bug.cgi?id=1262181 * https://bugzilla.suse.com/show_bug.cgi?id=1262245 * https://bugzilla.suse.com/show_bug.cgi?id=1262250 * https://bugzilla.suse.com/show_bug.cgi?id=1262480 * https://bugzilla.suse.com/show_bug.cgi?id=1262601 * https://bugzilla.suse.com/show_bug.cgi?id=1262616 * https://bugzilla.suse.com/show_bug.cgi?id=1262617 * https://bugzilla.suse.com/show_bug.cgi?id=1262627 * https://bugzilla.suse.com/show_bug.cgi?id=1262662 * https://bugzilla.suse.com/show_bug.cgi?id=1262665 * https://bugzilla.suse.com/show_bug.cgi?id=1262671 * https://bugzilla.suse.com/show_bug.cgi?id=1262673 * https://bugzilla.suse.com/show_bug.cgi?id=1262709 * https://bugzilla.suse.com/show_bug.cgi?id=1262725 * https://bugzilla.suse.com/show_bug.cgi?id=1262731 * https://bugzilla.suse.com/show_bug.cgi?id=1262750 * https://bugzilla.suse.com/show_bug.cgi?id=1262752 * https://bugzilla.suse.com/show_bug.cgi?id=1262758 * https://bugzilla.suse.com/show_bug.cgi?id=1263001 * https://bugzilla.suse.com/show_bug.cgi?id=1263012 * https://bugzilla.suse.com/show_bug.cgi?id=1263018 * https://bugzilla.suse.com/show_bug.cgi?id=1263044 * https://bugzilla.suse.com/show_bug.cgi?id=1263048 * https://bugzilla.suse.com/show_bug.cgi?id=1263052 * https://bugzilla.suse.com/show_bug.cgi?id=1263064 * https://bugzilla.suse.com/show_bug.cgi?id=1263074 * https://bugzilla.suse.com/show_bug.cgi?id=1263077 * https://bugzilla.suse.com/show_bug.cgi?id=1263085 * https://bugzilla.suse.com/show_bug.cgi?id=1263093 * https://bugzilla.suse.com/show_bug.cgi?id=1263095 * https://bugzilla.suse.com/show_bug.cgi?id=1263104 * https://bugzilla.suse.com/show_bug.cgi?id=1263107 * https://bugzilla.suse.com/show_bug.cgi?id=1263131 * https://bugzilla.suse.com/show_bug.cgi?id=1263135 * https://bugzilla.suse.com/show_bug.cgi?id=1263138 * https://bugzilla.suse.com/show_bug.cgi?id=1263140 * https://bugzilla.suse.com/show_bug.cgi?id=1263141 * https://bugzilla.suse.com/show_bug.cgi?id=1263165 * https://bugzilla.suse.com/show_bug.cgi?id=1263176 * https://bugzilla.suse.com/show_bug.cgi?id=1263255 * https://bugzilla.suse.com/show_bug.cgi?id=1263556 * https://bugzilla.suse.com/show_bug.cgi?id=1263562 * https://bugzilla.suse.com/show_bug.cgi?id=1263582 * https://bugzilla.suse.com/show_bug.cgi?id=1263592 * https://bugzilla.suse.com/show_bug.cgi?id=1263593 * https://bugzilla.suse.com/show_bug.cgi?id=1263595 * https://bugzilla.suse.com/show_bug.cgi?id=1263596 * https://bugzilla.suse.com/show_bug.cgi?id=1263604 * https://bugzilla.suse.com/show_bug.cgi?id=1263668 * https://bugzilla.suse.com/show_bug.cgi?id=1263815 * https://bugzilla.suse.com/show_bug.cgi?id=1263882 * https://bugzilla.suse.com/show_bug.cgi?id=1263901 * https://bugzilla.suse.com/show_bug.cgi?id=1263931 * https://bugzilla.suse.com/show_bug.cgi?id=1263933 * https://bugzilla.suse.com/show_bug.cgi?id=1263942 * https://bugzilla.suse.com/show_bug.cgi?id=1263995 * https://bugzilla.suse.com/show_bug.cgi?id=1264014 * https://bugzilla.suse.com/show_bug.cgi?id=1264059 * https://bugzilla.suse.com/show_bug.cgi?id=1264082 * https://bugzilla.suse.com/show_bug.cgi?id=1264097 * https://bugzilla.suse.com/show_bug.cgi?id=1264183 * https://bugzilla.suse.com/show_bug.cgi?id=1264233 * https://bugzilla.suse.com/show_bug.cgi?id=1264427 * https://bugzilla.suse.com/show_bug.cgi?id=1264469 * https://bugzilla.suse.com/show_bug.cgi?id=1264586 * https://bugzilla.suse.com/show_bug.cgi?id=1264674 * https://bugzilla.suse.com/show_bug.cgi?id=1264837 * https://bugzilla.suse.com/show_bug.cgi?id=1264848 * https://bugzilla.suse.com/show_bug.cgi?id=1265085 * https://bugzilla.suse.com/show_bug.cgi?id=1265116 * https://bugzilla.suse.com/show_bug.cgi?id=1265119 * https://bugzilla.suse.com/show_bug.cgi?id=1265144 * https://bugzilla.suse.com/show_bug.cgi?id=1265308 * https://bugzilla.suse.com/show_bug.cgi?id=1265421 * https://bugzilla.suse.com/show_bug.cgi?id=1265449 * https://bugzilla.suse.com/show_bug.cgi?id=1265456 * https://bugzilla.suse.com/show_bug.cgi?id=1265626 * https://bugzilla.suse.com/show_bug.cgi?id=1265846 * https://bugzilla.suse.com/show_bug.cgi?id=1265960 * https://jira.suse.com/browse/PED-13771 * https://jira.suse.com/browse/PED-14156 * https://jira.suse.com/browse/PED-14238 * https://jira.suse.com/browse/PED-16113 * https://jira.suse.com/browse/PED-7912 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 20:36:38 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 20:36:38 -0000 Subject: SUSE-SU-2026:21859-1: important: Security update for vim Message-ID: <178034619896.1034.6382008947557722464@cf67f1158b88> # Security update for vim Announcement ID: SUSE-SU-2026:21859-1 Release Date: 2026-05-28T12:13:40Z Rating: important References: * bsc#1261833 * bsc#1262395 * bsc#1264706 * bsc#1264707 * bsc#1264708 * bsc#1265349 * bsc#1265360 Cross-References: * CVE-2026-39881 * CVE-2026-42307 * CVE-2026-43961 * CVE-2026-44656 * CVE-2026-45130 * CVE-2026-46483 CVSS scores: * CVE-2026-39881 ( SUSE ): 5.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-39881 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N * CVE-2026-39881 ( NVD ): 5.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:N * CVE-2026-39881 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-42307 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-43961 ( SUSE ): 5.4 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43961 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L * CVE-2026-44656 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-44656 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-44656 ( NVD ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-44656 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-45130 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2026-45130 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-45130 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2026-46483 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46483 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-46483 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-46483 ( NVD ): 3.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves six vulnerabilities and has one fix can now be installed. ## Description: This update for vim fixes the following issues * CVE-2026-39881: command injection in NetBeans interface can lead to arbitrary file reads and writes (bsc#1261833). * CVE-2026-42307: Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim (bsc#1264706). * CVE-2026-43961: Vimscript Code Injection in netrw NetrwMarkFile() via crafted filename (bsc#1265349). * CVE-2026-44656: Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's: find command-line completion (bsc#1264707). * CVE-2026-45130: Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when loading a crafted spell file (.spl) with UTF-8 encoding active (bsc#1264708). * CVE-2026-46483: command injection via `tar#Vimuntar()` in `runtime/autoload/tar.vim` when decompressing `.tgz` archives on Unix-like systems (bsc#1265360). Changes for vim: * Update to v9.2.0530. * Fix for incorrectly detecting scientific parameter files as bitbake recipies. (bsc#1262395) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-817=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-817=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * vim-debuginfo-9.2.0530-160000.1.1 * xxd-debuginfo-9.2.0530-160000.1.1 * vim-small-debuginfo-9.2.0530-160000.1.1 * gvim-debuginfo-9.2.0530-160000.1.1 * vim-debugsource-9.2.0530-160000.1.1 * vim-small-9.2.0530-160000.1.1 * gvim-9.2.0530-160000.1.1 * vim-9.2.0530-160000.1.1 * xxd-9.2.0530-160000.1.1 * SUSE Linux Enterprise Server 16.0 (noarch) * vim-data-common-9.2.0530-160000.1.1 * vim-data-9.2.0530-160000.1.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * vim-debuginfo-9.2.0530-160000.1.1 * xxd-debuginfo-9.2.0530-160000.1.1 * vim-small-debuginfo-9.2.0530-160000.1.1 * gvim-debuginfo-9.2.0530-160000.1.1 * vim-debugsource-9.2.0530-160000.1.1 * vim-small-9.2.0530-160000.1.1 * gvim-9.2.0530-160000.1.1 * vim-9.2.0530-160000.1.1 * xxd-9.2.0530-160000.1.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * vim-data-common-9.2.0530-160000.1.1 * vim-data-9.2.0530-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-39881.html * https://www.suse.com/security/cve/CVE-2026-42307.html * https://www.suse.com/security/cve/CVE-2026-43961.html * https://www.suse.com/security/cve/CVE-2026-44656.html * https://www.suse.com/security/cve/CVE-2026-45130.html * https://www.suse.com/security/cve/CVE-2026-46483.html * https://bugzilla.suse.com/show_bug.cgi?id=1261833 * https://bugzilla.suse.com/show_bug.cgi?id=1262395 * https://bugzilla.suse.com/show_bug.cgi?id=1264706 * https://bugzilla.suse.com/show_bug.cgi?id=1264707 * https://bugzilla.suse.com/show_bug.cgi?id=1264708 * https://bugzilla.suse.com/show_bug.cgi?id=1265349 * https://bugzilla.suse.com/show_bug.cgi?id=1265360 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 20:36:49 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 20:36:49 -0000 Subject: SUSE-SU-2026:21858-1: important: Security update for python-mistune Message-ID: <178034620981.1034.2137357824845746708@cf67f1158b88> # Security update for python-mistune Announcement ID: SUSE-SU-2026:21858-1 Release Date: 2026-05-28T12:08:36Z Rating: important References: * bsc#1264347 * bsc#1264750 * bsc#1264751 * bsc#1264752 * bsc#1264754 * bsc#1265052 * bsc#1265053 Cross-References: * CVE-2026-33079 * CVE-2026-33441 * CVE-2026-44708 * CVE-2026-44896 * CVE-2026-44897 * CVE-2026-44898 * CVE-2026-44899 CVSS scores: * CVE-2026-33079 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-33079 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33079 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-33441 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-33441 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-44708 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2026-44708 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-44708 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-44896 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2026-44896 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-44896 ( NVD ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-44896 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-44897 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2026-44897 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-44897 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-44898 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2026-44898 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-44898 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-44899 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2026-44899 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-44899 ( NVD ): 4.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N * CVE-2026-44899 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves seven vulnerabilities can now be installed. ## Description: This update for python-mistune fixes the following issues * CVE-2026-33079: ReDoS in `LINK_TITLE_RE` can lead to denial of service via a crafted Markdown (bsc#1264347). * CVE-2026-33441: processing of malformed reference links can lead to excessive resource consumption and denial of service (bsc#1264752). * CVE-2026-44708: improper HTML escaping in the math plugin can lead to XSS (bsc#1264751). * CVE-2026-44896: improper escaping in `render_figure` can lead to attribute injection and XSS (bsc#1264754). * CVE-2026-44897: improper sanitization of user-controlled input in `HTMLRenderer.heading` can lead to XSS (bsc#1264750). * CVE-2026-44898: improper sanitization of user-supplied HTML input in `render_toc_ul` can lead to XSS (bsc#1265052). * CVE-2026-44899: improper input verification in Image directive plugin and improper escaping in `render_block_image` can lead to CSS injection (bsc#1265053). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-816=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-816=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (noarch) * python313-mistune-3.1.3-160000.3.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * python313-mistune-3.1.3-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33079.html * https://www.suse.com/security/cve/CVE-2026-33441.html * https://www.suse.com/security/cve/CVE-2026-44708.html * https://www.suse.com/security/cve/CVE-2026-44896.html * https://www.suse.com/security/cve/CVE-2026-44897.html * https://www.suse.com/security/cve/CVE-2026-44898.html * https://www.suse.com/security/cve/CVE-2026-44899.html * https://bugzilla.suse.com/show_bug.cgi?id=1264347 * https://bugzilla.suse.com/show_bug.cgi?id=1264750 * https://bugzilla.suse.com/show_bug.cgi?id=1264751 * https://bugzilla.suse.com/show_bug.cgi?id=1264752 * https://bugzilla.suse.com/show_bug.cgi?id=1264754 * https://bugzilla.suse.com/show_bug.cgi?id=1265052 * https://bugzilla.suse.com/show_bug.cgi?id=1265053 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 20:37:05 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 20:37:05 -0000 Subject: SUSE-SU-2026:21854-1: moderate: Security update for localsearch Message-ID: <178034622500.1034.16934111526292530228@cf67f1158b88> # Security update for localsearch Announcement ID: SUSE-SU-2026:21854-1 Release Date: 2026-05-27T16:46:37Z Rating: moderate References: * bsc#1257606 * bsc#1257607 * bsc#1257608 * bsc#1257609 Cross-References: * CVE-2026-1764 * CVE-2026-1765 * CVE-2026-1766 * CVE-2026-1767 CVSS scores: * CVE-2026-1764 ( SUSE ): 5.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-1764 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:H * CVE-2026-1765 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:H * CVE-2026-1766 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:H * CVE-2026-1767 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves four vulnerabilities can now be installed. ## Description: This update for localsearch fixes the following issues: * CVE-2026-1764: Fixed a heap buffer overflow leads to denial of service or information disclosure when parsing MP3 files. (bsc#1257606) * CVE-2026-1765: Fixed a Denial of Service and potential information disclosure via crafted MP3 files. (bsc#1257607) * CVE-2026-1766: Fixed a Denial of Service and information disclosure via malformed MP3 files. (bsc#1257608) * CVE-2026-1767: Fixed a heap buffer overflow leading to denial of service or information disclosure via malformed MP3 ID3 tags. (bsc#1257609) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-809=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-809=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * localsearch-debuginfo-3.8.2-160000.3.1 * localsearch-3.8.2-160000.3.1 * localsearch-debugsource-3.8.2-160000.3.1 * SUSE Linux Enterprise Server 16.0 (noarch) * localsearch-lang-3.8.2-160000.3.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * localsearch-debuginfo-3.8.2-160000.3.1 * localsearch-3.8.2-160000.3.1 * localsearch-debugsource-3.8.2-160000.3.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * localsearch-lang-3.8.2-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-1764.html * https://www.suse.com/security/cve/CVE-2026-1765.html * https://www.suse.com/security/cve/CVE-2026-1766.html * https://www.suse.com/security/cve/CVE-2026-1767.html * https://bugzilla.suse.com/show_bug.cgi?id=1257606 * https://bugzilla.suse.com/show_bug.cgi?id=1257607 * https://bugzilla.suse.com/show_bug.cgi?id=1257608 * https://bugzilla.suse.com/show_bug.cgi?id=1257609 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 20:37:12 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 20:37:12 -0000 Subject: SUSE-SU-2026:21852-1: important: Security update for alloy Message-ID: <178034623254.1034.11073470795844758951@cf67f1158b88> # Security update for alloy Announcement ID: SUSE-SU-2026:21852-1 Release Date: 2026-05-27T09:08:57Z Rating: important References: * bsc#1262955 * bsc#1263530 Cross-References: * CVE-2026-34986 * CVE-2026-41602 CVSS scores: * CVE-2026-34986 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-34986 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34986 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-41602 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-41602 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-41602 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for alloy fixes the following issues * CVE-2026-34986: github.com/go-jose/go-jose/v4: crafted JWE input with a missing encrypted key can lead to a denial of service (bsc#1262955). * CVE-2026-41602: github.com/apache/thrift: TFramedTransport frame size headers can lead to a uint32 integer overflow (bsc#1263530). Changes for alloy: * Update to version 1.16.1 * Bug Fixes logging: Fix startup deadlock when components log before logging config is evaluated Update to Beyla 3.9.8 Migrate from Docker to Moby ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-807=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-807=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * alloy-1.16.1-160000.1.1 * alloy-debuginfo-1.16.1-160000.1.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * alloy-1.16.1-160000.1.1 * alloy-debuginfo-1.16.1-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-34986.html * https://www.suse.com/security/cve/CVE-2026-41602.html * https://bugzilla.suse.com/show_bug.cgi?id=1262955 * https://bugzilla.suse.com/show_bug.cgi?id=1263530 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 20:37:17 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 20:37:17 -0000 Subject: SUSE-SU-2026:21851-1: important: Security update for docker-stable Message-ID: <178034623719.1034.5122317444686959667@cf67f1158b88> # Security update for docker-stable Announcement ID: SUSE-SU-2026:21851-1 Release Date: 2026-05-26T12:21:52Z Rating: important References: * bsc#1260967 * bsc#1261078 Cross-References: * CVE-2026-33747 * CVE-2026-33748 CVSS scores: * CVE-2026-33747 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-33747 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-33747 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-33747 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-33748 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-33748 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-33748 ( NVD ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-33748 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for docker-stable fixes the following issues * CVE-2026-33747: github.com/moby/buildkit: malicious frontends can craft API messages that cause files to be written outside of the BuildKit state directory (bsc#1260967). * CVE-2026-33748: github.com/moby/buildkit: insufficient validation of Git URL fragment subdir components may allow access to files outside the checked-out Git repository (bsc#1261078). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-804=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-804=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * docker-stable-buildx-debuginfo-0.25.0-160000.5.1 * docker-stable-buildx-0.25.0-160000.5.1 * docker-stable-24.0.9_ce-160000.5.1 * docker-stable-debuginfo-24.0.9_ce-160000.5.1 * SUSE Linux Enterprise Server 16.0 (noarch) * docker-stable-bash-completion-24.0.9_ce-160000.5.1 * docker-stable-rootless-extras-24.0.9_ce-160000.5.1 * docker-stable-zsh-completion-24.0.9_ce-160000.5.1 * docker-stable-fish-completion-24.0.9_ce-160000.5.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * docker-stable-buildx-debuginfo-0.25.0-160000.5.1 * docker-stable-buildx-0.25.0-160000.5.1 * docker-stable-24.0.9_ce-160000.5.1 * docker-stable-debuginfo-24.0.9_ce-160000.5.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * docker-stable-bash-completion-24.0.9_ce-160000.5.1 * docker-stable-rootless-extras-24.0.9_ce-160000.5.1 * docker-stable-zsh-completion-24.0.9_ce-160000.5.1 * docker-stable-fish-completion-24.0.9_ce-160000.5.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33747.html * https://www.suse.com/security/cve/CVE-2026-33748.html * https://bugzilla.suse.com/show_bug.cgi?id=1260967 * https://bugzilla.suse.com/show_bug.cgi?id=1261078 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 20:37:29 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 20:37:29 -0000 Subject: SUSE-SU-2026:21850-1: important: Security update for cups Message-ID: <178034624980.1034.7353513301099726231@cf67f1158b88> # Security update for cups Announcement ID: SUSE-SU-2026:21850-1 Release Date: 2026-05-26T12:19:57Z Rating: important References: * bsc#1261568 * bsc#1261569 * bsc#1261570 * bsc#1261571 * bsc#1261572 * bsc#1261742 * bsc#1261743 * bsc#1263116 Cross-References: * CVE-2026-27447 * CVE-2026-34978 * CVE-2026-34979 * CVE-2026-34980 * CVE-2026-34990 * CVE-2026-39314 * CVE-2026-39316 * CVE-2026-41079 CVSS scores: * CVE-2026-27447 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N * CVE-2026-27447 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N * CVE-2026-27447 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N * CVE-2026-34978 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2026-34978 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2026-34979 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-34979 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-34980 ( SUSE ): 6.4 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L * CVE-2026-34980 ( NVD ): 6.1 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-34980 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-34990 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-34990 ( NVD ): 5.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:H/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-34990 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-39314 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-39314 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39314 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-39314 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39316 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-39316 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39316 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-39316 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-41079 ( SUSE ): 5.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-41079 ( SUSE ): 3.5 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-41079 ( NVD ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-41079 ( NVD ): 5.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves eight vulnerabilities can now be installed. ## Description: This update for cups fixes the following issues * CVE-2026-27447: Authorization bypass via case-insensitive group-member lookup (bsc#1261572). * CVE-2026-34978: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss (bsc#1261571). * CVE-2026-34979: Heap overflow in `get_options()` (bsc#1261570). * CVE-2026-34980: Shared PostScript queue lets anonymous Print-Job requests reach `lp` code execution over the network (bsc#1261569). * CVE-2026-34990: Local print admin token disclosure using temporary printers (bsc#1261568). * CVE-2026-39314: negative `job-password-supported` attribute can lead to a denial of service (bsc#1261743). * CVE-2026-39316: dangling subscription pointer can lead to a denial of service (bsc#1261742). * CVE-2026-41079: crafted SNMP response can lead to stack-based out-of-bounds read and sensitive memory disclosure (bsc#1263116). Changes for cups: * Version upgrade to 2.4.19. * Version upgrade to 2.4.18. * Version upgrade to 2.4.17: * The scheduler followed symbolic links when cleaning out its temporary directory (Issue #1448) * Updated `cupsFileGetConf` and `cupsFilePutConf` to escape more characters. * Updated man page `cancel` (Issue #984) * Updated `cupsRasterReadHeader` to validate more of the page header values (Issue #1501) * Fixed an issue with the class/printer CGI name checking. * Fixed infinite loop in `http_write()` on busy print servers (Issue #827) * Fixed potential TLS blocking issues (Issue #1128) * Fixed a job history bug in the scheduler (Issue #1440) * Fixed notifier logging bug that would result in nul bytes getting into the log (Issue #1450) * Fixed possible use-after-free in `cupsdReadClient()` (Issue #1454) * Fixed a document format bug in the IPP backend (Issue #1457) * Fixed DRAIN_OUTPUT race condition (Issue #1461) * Fixed a bug when then `ippFindXxx` and `ippSetXxx` functions were mixed. * Fixed the mapping of supply type keywords to SNMP names. * Fixed a bug in the IPP backend when SNMP was disabled. * Fixed a crash bug in the rastertoepson filter. * Fixed a bug in cgiCheckVariables. * Fixed handling read/write errors with OpenSSL (Issue #1506) * Fixed handling rehandshake error in `_httpTLSRead` (Issue #1508) * Fixed a debug printf bug on Windows (Issue #1529) * Fixed a recursion issue with encoding of nested collections (Issue #1539) * Fixed parsing of the `LimitRequestBody`, `MaxLogSize`, and `MaxRequestSize` directives in "cupsd.conf" (Issue #1540) * Fixed a parsing bug in `ipptool` (Issue #1542) * Fixed blank line detection in the `rastertolabel` filter (Issue #1545) * Fixed `httpPeek` edge case on compressed streams ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-802=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-802=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * libcups2-debuginfo-2.4.19-160000.1.1 * cups-client-debuginfo-2.4.19-160000.1.1 * libcupsimage2-2.4.19-160000.1.1 * libcups2-2.4.19-160000.1.1 * cups-ddk-2.4.19-160000.1.1 * libcupsimage2-debuginfo-2.4.19-160000.1.1 * cups-2.4.19-160000.1.1 * cups-debuginfo-2.4.19-160000.1.1 * cups-devel-2.4.19-160000.1.1 * cups-client-2.4.19-160000.1.1 * cups-config-2.4.19-160000.1.1 * cups-debugsource-2.4.19-160000.1.1 * cups-ddk-debuginfo-2.4.19-160000.1.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * libcups2-debuginfo-2.4.19-160000.1.1 * cups-client-debuginfo-2.4.19-160000.1.1 * libcupsimage2-2.4.19-160000.1.1 * libcups2-2.4.19-160000.1.1 * cups-ddk-2.4.19-160000.1.1 * libcupsimage2-debuginfo-2.4.19-160000.1.1 * cups-2.4.19-160000.1.1 * cups-debuginfo-2.4.19-160000.1.1 * cups-devel-2.4.19-160000.1.1 * cups-client-2.4.19-160000.1.1 * cups-config-2.4.19-160000.1.1 * cups-debugsource-2.4.19-160000.1.1 * cups-ddk-debuginfo-2.4.19-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-27447.html * https://www.suse.com/security/cve/CVE-2026-34978.html * https://www.suse.com/security/cve/CVE-2026-34979.html * https://www.suse.com/security/cve/CVE-2026-34980.html * https://www.suse.com/security/cve/CVE-2026-34990.html * https://www.suse.com/security/cve/CVE-2026-39314.html * https://www.suse.com/security/cve/CVE-2026-39316.html * https://www.suse.com/security/cve/CVE-2026-41079.html * https://bugzilla.suse.com/show_bug.cgi?id=1261568 * https://bugzilla.suse.com/show_bug.cgi?id=1261569 * https://bugzilla.suse.com/show_bug.cgi?id=1261570 * https://bugzilla.suse.com/show_bug.cgi?id=1261571 * https://bugzilla.suse.com/show_bug.cgi?id=1261572 * https://bugzilla.suse.com/show_bug.cgi?id=1261742 * https://bugzilla.suse.com/show_bug.cgi?id=1261743 * https://bugzilla.suse.com/show_bug.cgi?id=1263116 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 20:37:34 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 20:37:34 -0000 Subject: SUSE-SU-2026:21849-1: important: Security update for google-osconfig-agent Message-ID: <178034625458.1034.18302532694931293019@cf67f1158b88> # Security update for google-osconfig-agent Announcement ID: SUSE-SU-2026:21849-1 Release Date: 2026-05-26T12:17:10Z Rating: important References: * bsc#1236533 * bsc#1260264 Cross-References: * CVE-2023-45288 * CVE-2026-33186 CVSS scores: * CVE-2023-45288 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2023-45288 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2023-45288 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33186 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-33186 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-33186 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for google-osconfig-agent fixes the following issues * CVE-2023-45288: golang.org/x/net/http2: close connections when receiving too many headers (bsc#1236533). * CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header (bsc#1260264). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-805=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-805=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 x86_64) * google-osconfig-agent-20250416.02-160000.3.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (x86_64) * google-osconfig-agent-20250416.02-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45288.html * https://www.suse.com/security/cve/CVE-2026-33186.html * https://bugzilla.suse.com/show_bug.cgi?id=1236533 * https://bugzilla.suse.com/show_bug.cgi?id=1260264 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 20:37:38 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 20:37:38 -0000 Subject: SUSE-SU-2026:21848-1: important: Security update for xz Message-ID: <178034625836.1034.5898393674773043315@cf67f1158b88> # Security update for xz Announcement ID: SUSE-SU-2026:21848-1 Release Date: 2026-05-26T12:14:16Z Rating: important References: * bsc#1261280 Cross-References: * CVE-2026-34743 CVSS scores: * CVE-2026-34743 ( SUSE ): 7.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-34743 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-34743 ( NVD ): 1.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-34743 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for xz fixes the following issue * CVE-2026-34743: buffer overflow in lzma_index_append() (bsc#1261280). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-803=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-803=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * xz-5.8.1-160000.3.1 * liblzma5-debuginfo-5.8.1-160000.3.1 * xz-devel-5.8.1-160000.3.1 * xz-debugsource-5.8.1-160000.3.1 * xz-debuginfo-5.8.1-160000.3.1 * liblzma5-5.8.1-160000.3.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (x86_64) * liblzma5-x86-64-v3-debuginfo-5.8.1-160000.3.1 * liblzma5-x86-64-v3-5.8.1-160000.3.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * xz-lang-5.8.1-160000.3.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * xz-5.8.1-160000.3.1 * liblzma5-debuginfo-5.8.1-160000.3.1 * xz-devel-5.8.1-160000.3.1 * xz-debugsource-5.8.1-160000.3.1 * xz-debuginfo-5.8.1-160000.3.1 * liblzma5-5.8.1-160000.3.1 * SUSE Linux Enterprise Server 16.0 (noarch) * xz-lang-5.8.1-160000.3.1 * SUSE Linux Enterprise Server 16.0 (x86_64) * liblzma5-x86-64-v3-debuginfo-5.8.1-160000.3.1 * liblzma5-x86-64-v3-5.8.1-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-34743.html * https://bugzilla.suse.com/show_bug.cgi?id=1261280 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 20:37:41 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 20:37:41 -0000 Subject: SUSE-SU-2026:21847-1: important: Security update for bubblewrap Message-ID: <178034626150.1034.12337863760214276337@cf67f1158b88> # Security update for bubblewrap Announcement ID: SUSE-SU-2026:21847-1 Release Date: 2026-05-26T09:51:49Z Rating: important References: * bsc#1263113 Cross-References: * CVE-2026-41163 CVSS scores: * CVE-2026-41163 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-41163 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-41163 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for bubblewrap fixes the following issue * CVE-2026-41163: improper process attachment via ptrace can lead to arbitrary privileged operations and local root escalation (bsc#1263113). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-801=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-801=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * bubblewrap-0.11.0-160000.3.1 * bubblewrap-debuginfo-0.11.0-160000.3.1 * bubblewrap-debugsource-0.11.0-160000.3.1 * bubblewrap-zsh-completion-0.11.0-160000.3.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * bubblewrap-0.11.0-160000.3.1 * bubblewrap-debuginfo-0.11.0-160000.3.1 * bubblewrap-debugsource-0.11.0-160000.3.1 * bubblewrap-zsh-completion-0.11.0-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-41163.html * https://bugzilla.suse.com/show_bug.cgi?id=1263113 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 20:37:43 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 20:37:43 -0000 Subject: SUSE-SU-2026:21846-1: important: Security update for apache2 Message-ID: <178034626321.1034.17984886011501806210@cf67f1158b88> # Security update for apache2 Announcement ID: SUSE-SU-2026:21846-1 Release Date: 2026-05-26T09:51:49Z Rating: important References: * jsc#PED-16181 Cross-References: * CVE-2024-42516 * CVE-2024-43204 * CVE-2024-47252 * CVE-2025-23048 * CVE-2025-49630 * CVE-2025-49812 * CVE-2025-53020 * CVE-2025-55753 * CVE-2025-58098 * CVE-2025-59775 * CVE-2025-65082 * CVE-2025-66200 CVSS scores: * CVE-2024-42516 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-42516 ( SUSE ): 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2024-42516 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-43204 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-43204 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-43204 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-47252 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-47252 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-47252 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-23048 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-23048 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-23048 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-49630 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-49630 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-49630 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-49812 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-49812 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L * CVE-2025-49812 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-53020 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-53020 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-53020 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-55753 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-55753 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-55753 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-58098 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-58098 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2025-58098 ( NVD ): 8.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L * CVE-2025-59775 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-65082 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-65082 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2025-65082 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-66200 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-66200 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-66200 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves 12 vulnerabilities and contains one feature can now be installed. ## Description: This update for apache2 fixes the following issues: Changes in apache2: Version update to 2.4.66 (jsc#PED-16181) _) SECURITY: CVE-2025-66200: Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo. mod_userdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader directive in htaccess can cause some CGI scripts to run under an unexpected userid. This issue affects Apache HTTP Server: from 2.4.7 through 2.4.65._) SECURITY: CVE-2025-65082: Apache HTTP Server: CGI environment variable override. Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache configuration unexpectedly superseding variables calculated by the server for CGI programs. This issue affects Apache HTTP Server from 2.4.0 through 2.4.65. _) SECURITY: CVE-2025-59775: Apache HTTP Server: NTLM Leakage on Windows through UNC SSRF. Server-Side Request Forgery (SSRF) vulnerability in Apache HTTP Server on Windows with AllowEncodedSlashes On and MergeSlashes Off allows to potentially leak NTLM hashes to a malicious server via SSRF and malicious requests or content_) SECURITY: CVE-2025-58098: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=... Apache HTTP Server 2.4.65 and earlier with Server Side Includes (SSI) enabled and mod_cgid (but not mod_cgi) passes the shell-escaped query string to #exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. _) SECURITY: CVE-2025-55753: Apache HTTP Server: mod_md (ACME), unintended retry intervals An integer overflow in the case of failed ACME certificate renewal leads, after a number of failures (~30 days in default configurations), to the backoff timer becoming 0. Attempts to renew the certificate then are repeated without delays until it succeeds. This issue affects Apache HTTP Server: from 2.4.30 before 2.4.66._) mod_http2: Fix handling of 304 responses from mod_cache. _) mod_http2/mod_proxy_http2: fix a bug in calculating the log2 value of integers, used in push diaries and proxy window size calculations._) mod_md: update to version 2.6.5 \- New directive `MDInitialDelay`, controlling how longer to wait after a server restart before checking certificates for renewal. [Michael Kaufmann] \- Hardening: when build with OpenSSL older than 1.0.2 or old libressl versions, the parsing of ASN.1 time strings did not do a length check. \- Hardening: when reading back OCSP responses stored in the local JSON store, missing 'valid' key led to uninitialized values, resulting in wrong refresh behaviour. _) mod_md: update to version 2.6.6 \- Fix a small memory leak when using OpenSSL 's BIGNUMs. \- Fix reuse of curl easy handles by resetting them. _) mod_http2: update to version 2.0.35 New directive `H2MaxStreamErrors` to control how much bad behaviour by clients is tolerated before the connection is closed. _) mod_proxy_http2: add support for ProxyErrorOverride directive._) mpm_common: Add new ListenTCPDeferAccept directive that allows to specify the value set for the TCP_DEFER_ACCEPT socket option on listen sockets. _) mod_ssl: Add SSLVHostSNIPolicy directive to control the virtual host compatibility policy._) mod_md: update to version 2.6.2 \- Fix error retry delay calculation to not already doubling the wait on the first error. *) mod_md: update to version 2.6.1 \- Increasing default `MDRetryDelay` to 30 seconds to generate less bursty traffic on errored renewals for the ACME CA. This leads to error retries of 30s, 1 minute, 2, 4, etc. up to daily attempts. \- Checking that configuring `MDRetryDelay` will result in a positive duration. A delay of 0 is not accepted. \- Fix a bug in checking Content-Type of responses from the ACME server. \- Added ACME ARI support (rfc9773) to the module. Enabled by default. New directive "MDRenewViaARI on|off" for controlling this. \- Removing tailscale support. It has not been working for a long time as the company decided to change their APIs. Away with the dead code, documentation and tests. \- Fixed a compilation issue with pre-industrial versions of libcurl. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-800=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-800=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * apache2-utils-2.4.66-160000.1.1 * apache2-debugsource-2.4.66-160000.1.1 * apache2-debuginfo-2.4.66-160000.1.1 * apache2-utils-debugsource-2.4.66-160000.1.1 * apache2-worker-debuginfo-2.4.66-160000.1.1 * apache2-2.4.66-160000.1.1 * apache2-event-2.4.66-160000.1.1 * apache2-prefork-2.4.66-160000.1.1 * apache2-event-debuginfo-2.4.66-160000.1.1 * apache2-worker-debugsource-2.4.66-160000.1.1 * apache2-devel-2.4.66-160000.1.1 * apache2-prefork-debugsource-2.4.66-160000.1.1 * apache2-prefork-debuginfo-2.4.66-160000.1.1 * apache2-utils-debuginfo-2.4.66-160000.1.1 * apache2-event-debugsource-2.4.66-160000.1.1 * apache2-worker-2.4.66-160000.1.1 * SUSE Linux Enterprise Server 16.0 (noarch) * apache2-manual-2.4.66-160000.1.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * apache2-utils-2.4.66-160000.1.1 * apache2-debugsource-2.4.66-160000.1.1 * apache2-debuginfo-2.4.66-160000.1.1 * apache2-utils-debugsource-2.4.66-160000.1.1 * apache2-worker-debuginfo-2.4.66-160000.1.1 * apache2-2.4.66-160000.1.1 * apache2-event-2.4.66-160000.1.1 * apache2-prefork-2.4.66-160000.1.1 * apache2-event-debuginfo-2.4.66-160000.1.1 * apache2-worker-debugsource-2.4.66-160000.1.1 * apache2-devel-2.4.66-160000.1.1 * apache2-prefork-debugsource-2.4.66-160000.1.1 * apache2-prefork-debuginfo-2.4.66-160000.1.1 * apache2-utils-debuginfo-2.4.66-160000.1.1 * apache2-event-debugsource-2.4.66-160000.1.1 * apache2-worker-2.4.66-160000.1.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * apache2-manual-2.4.66-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-42516.html * https://www.suse.com/security/cve/CVE-2024-43204.html * https://www.suse.com/security/cve/CVE-2024-47252.html * https://www.suse.com/security/cve/CVE-2025-23048.html * https://www.suse.com/security/cve/CVE-2025-49630.html * https://www.suse.com/security/cve/CVE-2025-49812.html * https://www.suse.com/security/cve/CVE-2025-53020.html * https://www.suse.com/security/cve/CVE-2025-55753.html * https://www.suse.com/security/cve/CVE-2025-58098.html * https://www.suse.com/security/cve/CVE-2025-59775.html * https://www.suse.com/security/cve/CVE-2025-65082.html * https://www.suse.com/security/cve/CVE-2025-66200.html * https://jira.suse.com/browse/PED-16181 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 20:43:36 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 20:43:36 -0000 Subject: SUSE-SU-2026:21845-1: important: Security update for the Linux Kernel Message-ID: <178034661624.1034.14186417919432621670@cf67f1158b88> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:21845-1 Release Date: 2026-05-28T11:49:10Z Rating: important References: * bsc#1215199 * bsc#1234634 * bsc#1241259 * bsc#1243603 * bsc#1248754 * bsc#1249104 * bsc#1250951 * bsc#1253471 * bsc#1254518 * bsc#1255160 * bsc#1255360 * bsc#1255459 * bsc#1255752 * bsc#1256288 * bsc#1256865 * bsc#1256867 * bsc#1258518 * bsc#1258718 * bsc#1258826 * bsc#1258849 * bsc#1258850 * bsc#1258854 * bsc#1258855 * bsc#1258856 * bsc#1258857 * bsc#1258933 * bsc#1258961 * bsc#1259186 * bsc#1259199 * bsc#1259222 * bsc#1259420 * bsc#1259461 * bsc#1259535 * bsc#1259672 * bsc#1259799 * bsc#1259806 * bsc#1259857 * bsc#1259865 * bsc#1259868 * bsc#1259869 * bsc#1259871 * bsc#1259873 * bsc#1259878 * bsc#1259889 * bsc#1259994 * bsc#1260010 * bsc#1260012 * bsc#1260018 * bsc#1260428 * bsc#1260468 * bsc#1260483 * bsc#1260484 * bsc#1260485 * bsc#1260489 * bsc#1260504 * bsc#1260505 * bsc#1260507 * bsc#1260514 * bsc#1260523 * bsc#1260526 * bsc#1260528 * bsc#1260529 * bsc#1260530 * bsc#1260531 * bsc#1260532 * bsc#1260533 * bsc#1260536 * bsc#1260537 * bsc#1260538 * bsc#1260541 * bsc#1260546 * bsc#1260549 * bsc#1260551 * bsc#1260552 * bsc#1260555 * bsc#1260561 * bsc#1260562 * bsc#1260566 * bsc#1260571 * bsc#1260572 * bsc#1260573 * bsc#1260576 * bsc#1260580 * bsc#1260581 * bsc#1260593 * bsc#1260613 * bsc#1260728 * bsc#1260729 * bsc#1260731 * bsc#1260798 * bsc#1260800 * bsc#1260801 * bsc#1260807 * bsc#1260811 * bsc#1260996 * bsc#1261020 * bsc#1261149 * bsc#1261287 * bsc#1261288 * bsc#1261295 * bsc#1261348 * bsc#1261410 * bsc#1261503 * bsc#1261504 * bsc#1261505 * bsc#1261550 * bsc#1261555 * bsc#1261581 * bsc#1261582 * bsc#1261584 * bsc#1261585 * bsc#1261592 * bsc#1261601 * bsc#1261602 * bsc#1261617 * bsc#1261618 * bsc#1261629 * bsc#1261632 * bsc#1261635 * bsc#1261636 * bsc#1261637 * bsc#1261638 * bsc#1261641 * bsc#1261644 * bsc#1261645 * bsc#1261648 * bsc#1261679 * bsc#1261685 * bsc#1261686 * bsc#1261687 * bsc#1261692 * bsc#1261694 * bsc#1261700 * bsc#1261702 * bsc#1261703 * bsc#1261707 * bsc#1261710 * bsc#1261713 * bsc#1261714 * bsc#1261719 * bsc#1261738 * bsc#1261750 * bsc#1261751 * bsc#1261752 * bsc#1261768 * bsc#1261778 * bsc#1261779 * bsc#1261780 * bsc#1261781 * bsc#1261786 * bsc#1261788 * bsc#1261789 * bsc#1261796 * bsc#1261797 * bsc#1261896 * bsc#1262019 * bsc#1262053 * bsc#1262054 * bsc#1262055 * bsc#1262061 * bsc#1262063 * bsc#1262074 * bsc#1262078 * bsc#1262086 * bsc#1262087 * bsc#1262099 * bsc#1262100 * bsc#1262101 * bsc#1262179 * bsc#1262181 * bsc#1262245 * bsc#1262250 * bsc#1262480 * bsc#1262601 * bsc#1262616 * bsc#1262617 * bsc#1262627 * bsc#1262662 * bsc#1262665 * bsc#1262671 * bsc#1262673 * bsc#1262709 * bsc#1262725 * bsc#1262731 * bsc#1262750 * bsc#1262752 * bsc#1262758 * bsc#1263001 * bsc#1263012 * bsc#1263018 * bsc#1263044 * bsc#1263048 * bsc#1263052 * bsc#1263064 * bsc#1263074 * bsc#1263077 * bsc#1263085 * bsc#1263093 * bsc#1263095 * bsc#1263104 * bsc#1263107 * bsc#1263131 * bsc#1263135 * bsc#1263138 * bsc#1263140 * bsc#1263141 * bsc#1263165 * bsc#1263176 * bsc#1263255 * bsc#1263556 * bsc#1263562 * bsc#1263582 * bsc#1263592 * bsc#1263593 * bsc#1263595 * bsc#1263596 * bsc#1263604 * bsc#1263668 * bsc#1263815 * bsc#1263882 * bsc#1263901 * bsc#1263931 * bsc#1263933 * bsc#1263942 * bsc#1263995 * bsc#1264014 * bsc#1264059 * bsc#1264082 * bsc#1264097 * bsc#1264183 * bsc#1264233 * bsc#1264427 * bsc#1264469 * bsc#1264586 * bsc#1264674 * bsc#1264837 * bsc#1264848 * bsc#1265085 * bsc#1265116 * bsc#1265119 * bsc#1265144 * bsc#1265308 * bsc#1265421 * bsc#1265449 * bsc#1265456 * bsc#1265626 * bsc#1265846 * bsc#1265960 * jsc#PED-13771 * jsc#PED-14156 * jsc#PED-14238 * jsc#PED-16113 * jsc#PED-7912 Cross-References: * CVE-2023-2058 * CVE-2024-14027 * CVE-2025-40181 * CVE-2025-40219 * CVE-2025-68265 * CVE-2025-68310 * CVE-2025-71238 * CVE-2025-71268 * CVE-2025-71269 * CVE-2025-71302 * CVE-2026-23168 * CVE-2026-23209 * CVE-2026-23236 * CVE-2026-23237 * CVE-2026-23245 * CVE-2026-23246 * CVE-2026-23253 * CVE-2026-23260 * CVE-2026-23261 * CVE-2026-23264 * CVE-2026-23266 * CVE-2026-23268 * CVE-2026-23269 * CVE-2026-23271 * CVE-2026-23273 * CVE-2026-23276 * CVE-2026-23279 * CVE-2026-23290 * CVE-2026-23291 * CVE-2026-23298 * CVE-2026-23300 * CVE-2026-23307 * CVE-2026-23312 * CVE-2026-23313 * CVE-2026-23315 * CVE-2026-23316 * CVE-2026-23317 * CVE-2026-23318 * CVE-2026-23321 * CVE-2026-23324 * CVE-2026-23325 * CVE-2026-23334 * CVE-2026-23336 * CVE-2026-23339 * CVE-2026-23340 * CVE-2026-23346 * CVE-2026-23347 * CVE-2026-23351 * CVE-2026-23354 * CVE-2026-23357 * CVE-2026-23360 * CVE-2026-23362 * CVE-2026-23363 * CVE-2026-23365 * CVE-2026-23367 * CVE-2026-23368 * CVE-2026-23369 * CVE-2026-23370 * CVE-2026-23372 * CVE-2026-23373 * CVE-2026-23374 * CVE-2026-23375 * CVE-2026-23378 * CVE-2026-23382 * CVE-2026-23387 * CVE-2026-23391 * CVE-2026-23392 * CVE-2026-23395 * CVE-2026-23396 * CVE-2026-23397 * CVE-2026-23399 * CVE-2026-23401 * CVE-2026-23403 * CVE-2026-23404 * CVE-2026-23405 * CVE-2026-23406 * CVE-2026-23407 * CVE-2026-23408 * CVE-2026-23409 * CVE-2026-23410 * CVE-2026-23411 * CVE-2026-23417 * CVE-2026-23418 * CVE-2026-23420 * CVE-2026-23426 * CVE-2026-23434 * CVE-2026-23436 * CVE-2026-23437 * CVE-2026-23440 * CVE-2026-23441 * CVE-2026-23442 * CVE-2026-23443 * CVE-2026-23445 * CVE-2026-23446 * CVE-2026-23447 * CVE-2026-23448 * CVE-2026-23449 * CVE-2026-23450 * CVE-2026-23452 * CVE-2026-23454 * CVE-2026-23455 * CVE-2026-23456 * CVE-2026-23457 * CVE-2026-23458 * CVE-2026-23460 * CVE-2026-23461 * CVE-2026-23462 * CVE-2026-23463 * CVE-2026-23464 * CVE-2026-23465 * CVE-2026-23466 * CVE-2026-23468 * CVE-2026-23470 * CVE-2026-23472 * CVE-2026-23473 * CVE-2026-23474 * CVE-2026-23475 * CVE-2026-31389 * CVE-2026-31392 * CVE-2026-31393 * CVE-2026-31394 * CVE-2026-31395 * CVE-2026-31400 * CVE-2026-31402 * CVE-2026-31403 * CVE-2026-31405 * CVE-2026-31406 * CVE-2026-31407 * CVE-2026-31408 * CVE-2026-31411 * CVE-2026-31412 * CVE-2026-31415 * CVE-2026-31416 * CVE-2026-31417 * CVE-2026-31420 * CVE-2026-31421 * CVE-2026-31422 * CVE-2026-31423 * CVE-2026-31424 * CVE-2026-31425 * CVE-2026-31426 * CVE-2026-31427 * CVE-2026-31428 * CVE-2026-31435 * CVE-2026-31449 * CVE-2026-31453 * CVE-2026-31456 * CVE-2026-31470 * CVE-2026-31494 * CVE-2026-31496 * CVE-2026-31503 * CVE-2026-31504 * CVE-2026-31505 * CVE-2026-31507 * CVE-2026-31515 * CVE-2026-31519 * CVE-2026-31525 * CVE-2026-31526 * CVE-2026-31528 * CVE-2026-31533 * CVE-2026-31547 * CVE-2026-31550 * CVE-2026-31554 * CVE-2026-31565 * CVE-2026-31579 * CVE-2026-31586 * CVE-2026-31588 * CVE-2026-31644 * CVE-2026-31649 * CVE-2026-31658 * CVE-2026-31662 * CVE-2026-31666 * CVE-2026-31668 * CVE-2026-31669 * CVE-2026-31675 * CVE-2026-31678 * CVE-2026-31679 * CVE-2026-31681 * CVE-2026-31682 * CVE-2026-31684 * CVE-2026-31685 * CVE-2026-31691 * CVE-2026-31694 * CVE-2026-31700 * CVE-2026-31738 * CVE-2026-31787 * CVE-2026-43009 * CVE-2026-43025 * CVE-2026-43027 * CVE-2026-43037 * CVE-2026-43038 * CVE-2026-43045 * CVE-2026-43050 * CVE-2026-43060 * CVE-2026-43082 * CVE-2026-43088 * CVE-2026-43153 * CVE-2026-43190 * CVE-2026-43265 * CVE-2026-43329 * CVE-2026-43365 * CVE-2026-43366 * CVE-2026-43441 * CVE-2026-43494 * CVE-2026-43503 * CVE-2026-46333 CVSS scores: * CVE-2023-2058 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2023-2058 ( NVD ): 2.4 CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N * CVE-2024-14027 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-14027 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40181 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40181 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40219 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40219 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-68265 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68265 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-68310 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68310 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-71238 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-71238 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-71238 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71268 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-71268 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71268 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71269 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-71269 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71269 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-71302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23168 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23168 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23168 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23209 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23209 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23236 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23236 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23236 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23236 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2026-23237 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23237 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23237 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23245 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23245 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23245 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23246 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23253 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23253 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23260 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23260 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23260 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23261 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23261 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23264 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23264 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23264 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23266 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23266 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23266 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23268 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23268 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23269 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23269 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23269 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23271 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23271 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23273 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23273 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23273 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23276 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23276 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23279 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23279 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23279 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23290 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23290 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23290 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23291 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23291 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23298 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23298 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23298 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23300 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23300 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23300 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23307 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23307 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23312 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23312 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23312 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23313 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23313 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23315 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23315 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23316 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23316 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23318 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23318 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23321 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23321 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23321 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23324 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23324 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23324 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23325 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23325 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23334 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23334 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23336 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23336 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23339 ( SUSE ): 2.3 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23339 ( SUSE ): 3.1 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23339 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23340 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23340 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23340 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23346 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23346 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23346 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23347 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23347 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23351 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23351 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23354 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23354 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-23354 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23357 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23357 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23357 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23360 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23360 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23360 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23362 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23362 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23363 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23363 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23365 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23365 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23365 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23367 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-23367 ( SUSE ): 6.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-23367 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23368 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23368 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23368 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23369 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23369 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23369 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23370 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23370 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23372 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23372 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23373 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23373 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23374 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23374 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23374 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23375 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23375 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23378 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23378 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23378 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23378 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23382 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23382 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23382 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23387 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23387 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23387 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23391 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23391 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23392 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23395 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23395 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23395 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23395 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23396 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23396 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23396 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23397 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23397 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23397 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23399 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23399 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23399 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23401 ( SUSE ): 8.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2026-23401 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2026-23401 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23403 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23403 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23403 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23404 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23404 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23404 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23405 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23405 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23406 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23406 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23407 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23407 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23407 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23408 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23408 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23408 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23408 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23409 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23409 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23409 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23410 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23410 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23410 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23410 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23411 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23417 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23417 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23417 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23418 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23418 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23418 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23420 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23426 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23426 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23426 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23434 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23434 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23434 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23434 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23436 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23436 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23436 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23440 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23440 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23440 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23440 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23441 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23441 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23442 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23442 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23442 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23443 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23443 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23443 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23445 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23445 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23445 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23445 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23446 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23446 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23446 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23447 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23447 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23447 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23448 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23448 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23448 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23449 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23449 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23449 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23450 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23450 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23450 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23452 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23452 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23452 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23454 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23454 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23454 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23455 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23455 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23455 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23456 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23456 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-23456 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23457 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23457 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23457 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23458 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23458 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23458 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23460 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23460 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23460 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23461 ( SUSE ): 7.7 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23461 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23461 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23462 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23462 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23462 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23463 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23463 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2026-23463 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23464 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23464 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23464 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23465 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2026-23465 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2026-23465 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23466 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23466 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23466 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23468 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23468 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23468 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23470 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23470 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23472 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23472 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23472 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23473 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23473 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23474 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23474 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23474 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23475 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23475 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23475 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31389 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31389 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31389 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31392 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31392 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L * CVE-2026-31392 ( NVD ): 8.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L * CVE-2026-31393 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31393 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31393 ( NVD ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31394 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31394 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31394 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31395 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31395 ( SUSE ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31395 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31400 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31400 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31400 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31402 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31402 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-31402 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31403 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31403 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31403 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31405 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31405 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31407 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31407 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31407 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31408 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31408 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31408 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31411 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31411 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31411 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31412 ( SUSE ): 7.0 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31412 ( SUSE ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31412 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31415 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31415 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31415 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31416 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31416 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-31416 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31417 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31417 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31417 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31420 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31421 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31421 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31421 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31422 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31422 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31422 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31423 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31423 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31423 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31424 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31424 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31424 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31425 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31425 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31426 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31426 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-31426 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31427 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-31427 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2026-31427 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31428 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31428 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31428 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31435 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31435 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31435 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-31449 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31449 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31449 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-31453 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31453 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31453 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31456 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31456 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31456 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31470 ( SUSE ): 6.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31470 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31470 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31494 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-31494 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2026-31494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31496 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31496 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31496 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31503 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31503 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-31503 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31504 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31504 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31504 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31505 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31507 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31507 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31507 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31515 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31515 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31515 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31519 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31519 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31519 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31525 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31525 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31525 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31526 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31526 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31526 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31528 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31528 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31528 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31533 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31547 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31547 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31547 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31550 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31550 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31550 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31554 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31554 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31554 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31565 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31565 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31565 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31579 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31579 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31579 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31586 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31586 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31588 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31588 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31588 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-31644 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31644 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31644 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31649 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31649 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31649 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31658 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31658 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31658 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31662 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31662 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31662 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31666 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-31666 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2026-31666 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31668 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-31668 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2026-31668 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31669 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31669 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31669 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31675 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31675 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2026-31675 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31678 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31678 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31678 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31679 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31679 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31679 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31681 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31681 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31681 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31682 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31682 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31682 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31684 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31684 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-31684 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31685 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31685 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31685 ( NVD ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31691 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31691 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31691 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31694 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31694 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31694 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31700 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31700 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31700 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31738 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31738 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31738 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31787 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31787 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43009 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-43027 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43027 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43037 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43038 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43038 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43045 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43045 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43050 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43050 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43050 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43060 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43060 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43082 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43082 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43088 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-43088 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-43153 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43153 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43153 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43190 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43190 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43190 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43265 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43265 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43265 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43329 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43329 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43329 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43365 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43365 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43365 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43366 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43366 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43366 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43441 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43441 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43494 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43494 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43503 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43503 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43503 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Server High Availability Extension 16.0 An update that solves 206 vulnerabilities, contains five features and has 42 fixes can now be installed. ## Description: The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: * CVE-2023-2058: x86/CPU: Fix FPDSS on Zen1 (bsc#1243603). * CVE-2024-14027: xattr: switch to CLASS(fd) (bsc#1259420). * CVE-2025-40181: x86/kvm: Force legacy PCI hole to UC when overriding MTRRs for TDX/SNP (bsc#1253471). * CVE-2025-68265: nvme: fix admin request_queue lifetime (bsc#1255360). * CVE-2025-68310: s390/pci: Avoid deadlock between PCI error recovery and mlx5 crdump (bsc#1255160). * CVE-2025-71302: drm/panthor: fix for dma-fence safe access rules (bsc#1264837). * CVE-2026-23168: flex_proportions: make fprop_new_period() hardirq safe (bsc#1258826). * CVE-2026-23245: net/sched: act_gate: snapshot parameters with RCU on replace (bsc#1259799). * CVE-2026-23271: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race (bsc#1260018). * CVE-2026-23276: net: add xmit recursion limit to tunnel xmit functions (bsc#1260012). * CVE-2026-23300: net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop (bsc#1260538). * CVE-2026-23313: i40e: Fix preempt count leak in napi poll tracepoint (bsc#1260555). * CVE-2026-23316: net: ipv4: fix ARM64 alignment fault in multipath hash seed (bsc#1260573). * CVE-2026-23321: mptcp: pm: in-kernel: always mark signal+subflow endp as used (bsc#1260505). * CVE-2026-23340: net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs (bsc#1260523). * CVE-2026-23346: arm64: io: Rename ioremap_prot() to __ioremap_prot() (bsc#1260529). * CVE-2026-23351: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase (bsc#1260526). * CVE-2026-23354: x86/fred: Correct speculative safety in fred_extint() (bsc#1260801). * CVE-2026-23368: net: phy: register phy led_triggers during probe to avoid AB-BA deadlock (bsc#1260530). * CVE-2026-23374: blktrace: fix __this_cpu_read/write in preemptible context (bsc#1260811). * CVE-2026-23375: mm: thp: deny THP for files on anonymous inodes (bsc#1260576). * CVE-2026-23378: net/sched: act_ife: Fix metalist update behavior (bsc#1260546). * CVE-2026-23391: netfilter: xt_CT: drop pending enqueued packets on template removal (bsc#1260566). * CVE-2026-23392: netfilter: nf_tables: release flowtable after rcu grace period on error (bsc#1260531). * CVE-2026-23397: nfnetlink_osf: validate individual option lengths in fingerprints (bsc#1260728). * CVE-2026-23399: nf_tables: nft_dynset: fix possible stateful expression memleak in error path (bsc#1261020). * CVE-2026-23417: bpf: Fix constant blinding for PROBE_MEM32 stores (bsc#1261410). * CVE-2026-23436: net: add helpers for lookup and walking netdevs under netdev_lock() (bsc#1261617). * CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261635). * CVE-2026-23440: net/mlx5e: Fix race condition during IPSec ESN update (bsc#1261641). * CVE-2026-23441: net/mlx5e: Prevent concurrent access to IPSec ASO context (bsc#1261768). * CVE-2026-23442: ipv6: add NULL checks for idev in SRv6 paths (bsc#1261581). * CVE-2026-23445: igc: fix page fault in XDP TX timestamps handling (bsc#1261702). * CVE-2026-23449: net/sched: teql: Fix double-free in teql_master_xmit (bsc#1261779). * CVE-2026-23450: net/smc: fix NULL dereference and UAF in smc_tcp_syn_recv_sock() (bsc#1261584). * CVE-2026-23455: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() (bsc#1261687). * CVE-2026-23456: netfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS case (bsc#1261703). * CVE-2026-23457: netfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp() (bsc#1261686). * CVE-2026-23458: netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() (bsc#1261781). * CVE-2026-23468: drm/amdgpu: Limit BO list entry count to prevent resource exhaustion (bsc#1261692). * CVE-2026-23472: serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN (bsc#1261636). * CVE-2026-23473: io_uring/poll: fix multishot recv missing EOF on wakeup race (bsc#1261694). * CVE-2026-31392: smb: client: fix krb5 mount with username option (bsc#1261788). * CVE-2026-31395: bnxt_en: fix OOB access in DBG_BUF_PRODUCER async event handler (bsc#1261786). * CVE-2026-31400: sunrpc: fix cache_request leak in cache_release (bsc#1261645). * CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (bsc#1261638). * CVE-2026-31403: NFSD: Hold net reference for the lifetime of /proc/fs/nfs/exports fd (bsc#1261796). * CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261629). * CVE-2026-31407: netfilter: conntrack: add missing netlink policy validations (bsc#1261632). * CVE-2026-31411: net: atm: fix crash due to unvalidated vcc pointer in sigd_send() (bsc#1261752). * CVE-2026-31415: ipv6: avoid overflows in ip6_datagram_send_ctl() (bsc#1262099). * CVE-2026-31416: netfilter: nfnetlink_log: account for netlink header size (bsc#1262100). * CVE-2026-31420: bridge: mrp: reject zero test interval to avoid OOM panic (bsc#1262055). * CVE-2026-31421: net/sched: cls_fw: fix NULL pointer dereference on shared blocks (bsc#1262061). * CVE-2026-31422: net/sched: cls_flow: fix NULL pointer dereference on shared blocks (bsc#1262054). * CVE-2026-31423: net/sched: sch_hfsc: fix divide-by-zero in rtsc_min() (bsc#1262063). * CVE-2026-31424: netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP (bsc#1262053). * CVE-2026-31425: rds: ib: reject FRMR registration before IB connection is established (bsc#1262074). * CVE-2026-31427: netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp (bsc#1262086). * CVE-2026-31428: netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD (bsc#1262087). * CVE-2026-31435: netfs: Fix read abandonment during retry (bsc#1262601). * CVE-2026-31449: ext4: validate p_idx bounds in ext4_ext_correct_indexes (bsc#1262616). * CVE-2026-31453: xfs: avoid dereferencing log items after push callbacks (bsc#1262617). * CVE-2026-31456: mm/pagewalk: fix race between concurrent split and refault (bsc#1262627). * CVE-2026-31494: net: cadence: macb: Synchronize stats calculations (bsc#1262671). * CVE-2026-31496: netfilter: nf_conntrack_expect: skip expectations in other netns via proc (bsc#1262673). * CVE-2026-31503: udp: Fix wildcard bind conflict check when using hash2 (bsc#1263077). * CVE-2026-31504: net: fix fanout UAF in packet_release() via NETDEV_UP race (bsc#1263085). * CVE-2026-31505: iavf: fix out-of-bounds writes in iavf_get_ethtool_stats() (bsc#1263093). * CVE-2026-31507: net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer (bsc#1263095). * CVE-2026-31515: af_key: validate families in pfkey_send_migrate() (bsc#1262752). * CVE-2026-31519: btrfs: set BTRFS_ROOT_ORPHAN_CLEANUP during subvol create (bsc#1263012). * CVE-2026-31525: bpf: Fix undefined behavior in interpreter sdiv/smod for INT_MIN (bsc#1262725). * CVE-2026-31526: bpf: Fix exception exit lock checking for subprogs (bsc#1262662). * CVE-2026-31528: perf: Make sure to use pmu_ctx->pmu for groups (bsc#1263001). * CVE-2026-31533: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption (bsc#1262758). * CVE-2026-31547: drm/xe: Fix missing runtime PM reference in ccs_mode_store (bsc#1263018). * CVE-2026-31550: pmdomain: bcm: bcm2835-power: Increase ASB control timeout (bsc#1263104). * CVE-2026-31554: futex: Require sys_futex_requeue() to have identical flags (bsc#1263107). * CVE-2026-31565: RDMA/irdma: Fix deadlock during netdev reset with active connections (bsc#1263064). * CVE-2026-31579: wireguard: device: use exit_rtnl callback instead of manual rtnl_lock in pre_exit (bsc#1263074). * CVE-2026-31586: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (bsc#1263176). * CVE-2026-31588: KVM: x86: Use scratch field in MMIO fragment to hold small write values (bsc#1263165). * CVE-2026-31644: net: lan966x: fix use-after-free and leak in lan966x_fdma_reload() (bsc#1263048). * CVE-2026-31649: net: stmmac: fix integer underflow in chain mode (bsc#1263582). * CVE-2026-31658: net: altera-tse: fix skb leak on DMA mapping error in tse_start_xmit() (bsc#1263052). * CVE-2026-31662: tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG (bsc#1263131). * CVE-2026-31666: btrfs: fix incorrect return value after changing leaf in lookup_extent_data_ref() (bsc#1263138). * CVE-2026-31668: seg6: separate dst_cache for input and output paths in seg6 lwtunnel (bsc#1263140). * CVE-2026-31669: mptcp: fix slab-use-after-free in __inet_lookup_established (bsc#1263141). * CVE-2026-31675: net/sched: sch_netem: fix out-of-bounds access in packet corruption (bsc#1263556). * CVE-2026-31678: openvswitch: defer tunnel netdev_put to RCU release (bsc#1263562). * CVE-2026-31679: openvswitch: validate MPLS set/set_masked payload length (bsc#1263592). * CVE-2026-31681: netfilter: xt_multiport: validate range encoding in checkentry (bsc#1263593). * CVE-2026-31682: bridge: br_nd_send: linearize skb before parsing ND options (bsc#1263595). * CVE-2026-31684: net: sched: act_csum: validate nested VLAN headers (bsc#1263596). * CVE-2026-31685: netfilter: ip6t_eui64: reject invalid MAC header for all packets (bsc#1263668). * CVE-2026-31691: igb: remove napi_synchronize() in igb_down() (bsc#1263604). * CVE-2026-31694: fuse: reject oversized dirents in page cache (bsc#1263901). * CVE-2026-31700: net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() (bsc#1263882). * CVE-2026-31738: vxlan: validate ND option lengths in vxlan_na_create (bsc#1264059). * CVE-2026-31787: xen/privcmd: fix double free via VMA splitting (bsc#1262181). * CVE-2026-43009: bpf: Fix incorrect pruning due to atomic fetch precision tracking (bsc#1264014). * CVE-2026-43025: netfilter: ctnetlink: ignore explicit helper on new expectations (bsc#1263931). * CVE-2026-43027: netfilter: nf_conntrack_helper: pass helper to expect cleanup (bsc#1263933). * CVE-2026-43037: ip6_tunnel: clear skb2->cb in ip4ip6_err() (bsc#1263995). * CVE-2026-43038: ipv6: icmp: clear skb2->cb in ip6_err_gen_icmpv6_unreach() (bsc#1264097). * CVE-2026-43045: mshv: Refactor and rename memory region handling functions (bsc#1263942). * CVE-2026-43050: atm: lec: fix use-after-free in sock_def_readable() (bsc#1264082). * CVE-2026-43060: netfilter: nft_ct: drop pending enqueued packets on removal (bsc#1264183). * CVE-2026-43082: net: txgbe: leave space for null terminators on property_entry (bsc#1264233). * CVE-2026-43088: net: af_key: zero aligned sockaddr tail in PF_KEY exports (bsc#1264469). * CVE-2026-43153: xfs: remove xfs_attr_leaf_hasname (bsc#1264586). * CVE-2026-43190: netfilter: xt_tcpmss: check remaining length before reading optlen (bsc#1264848). * CVE-2026-43265: KVM: x86: Ignore -EBUSY when checking nested events from vcpu_block() (bsc#1264427). * CVE-2026-43329: netfilter: flowtable: strictly check for maximum number of actions (bsc#1265085). * CVE-2026-43365: xfs: fix undersized l_iclog_roundoff values (bsc#1265119). * CVE-2026-43366: io_uring/kbuf: check if target buffer list is still legacy on recycle (bsc#1265116). * CVE-2026-43441: net: bonding: Fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1264674). * CVE-2026-43494: net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). * CVE-2026-43503: net: skbuff: propagate shared-frag marker through frag- transfer helpers (bsc#1265960). The following non security issues were fixed: * accel/qaic: Add overflow check to remap_pfn_range during mmap (git-fixes). * ACPI: AGDI: fix missing newline in error message (git-fixes). * ACPI: CPPC: Fix related_cpus inconsistency during CPU hotplug (git-fixes). * ACPI: scan: Use acpi_dev_put() in object add error paths (git-fixes). * ACPI: video: Add backlight=native quirk for Dell OptiPlex 7770 AIO (git- fixes). * ACPI: video: force native backlight on HP OMEN 16 (8A44) (stable-fixes). * ACPI: video: Move Lenovo Legion S7 15ACH6 quirk to the right section (git- fixes). * ALSA: 6fire: Fix input volume change detection (git-fixes). * ALSA: 6fire: fix use-after-free on disconnect (git-fixes). * ALSA: aoa: i2sbus: clear stale prepared state (git-fixes). * ALSA: aoa: i2sbus: fix OF node lifetime handling (git-fixes). * ALSA: aoa: Skip devices with no codecs in i2sbus_resume() (git-fixes). * ALSA: aoa: Use guard() for mutex locks (stable-fixes). * ALSA: asihpi: avoid write overflow check warning (stable-fixes). * ALSA: caiaq: Don't abort when no input device is available (git-fixes). * ALSA: caiaq: Fix control_put() result and cache rollback (git-fixes). * ALSA: caiaq: Fix potentially leftover ep1_in_urb at error path (git-fixes). * ALSA: caiaq: fix usb_dev refcount leak on probe failure (git-fixes). * ALSA: caiaq: Handle probe errors properly (git-fixes). * ALSA: caiaq: take a reference on the USB device in create_card() (git- fixes). * ALSA: control: Validate buf_len before strnlen() in snd_ctl_elem_init_enum_names() (git-fixes). * ALSA: core: Fix potential data race at fasync handling (git-fixes). * ALSA: core: Serialize deferred fasync state checks (git-fixes). * ALSA: core: Validate compress device numbers without dynamic minors (git- fixes). * ALSA: ctxfi: Add fallback to default RSR for S/PDIF (git-fixes). * ALSA: ctxfi: Fix missing SPDIFI1 index handling (stable-fixes). * ALSA: ctxfi: Limit PTP to a single page (git-fixes). * ALSA: firewire-tascam: Do not drop unread control events (git-fixes). * ALSA: fireworks: bound device-supplied status before string array lookup (git-fixes). * ALSA: hda/hdmi: Add quirk for TUXEDO IBS14G6 (stable-fixes). * ALSA: hda/realtek - fixed speaker no sound update (git-fixes). * ALSA: hda/realtek: Add HP ENVY Laptop 13-ba0xxx quirk (stable-fixes). * ALSA: hda/realtek: Add mute LED quirk for HP Pavilion 15-eg0xxx (stable- fixes). * ALSA: hda/realtek: Add quirk for ASUS ROG Flow Z13-KJP GZ302EAC (stable- fixes). * ALSA: hda/realtek: add quirk for Framework F111:000F (stable-fixes). * ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14IAH10 (stable-fixes). * ALSA: hda/realtek: fix code style (ERROR: else should follow close brace '}') (git-fixes). * ALSA: hda: cs35l41: Put ACPI device on missing physical node (git-fixes). * ALSA: hda: cs35l56: Propagate ASP TX source control errors (git-fixes). * ALSA: hda: cs35l56: Put ACPI device after setting companion (git-fixes). * ALSA: hda: Fix NULL pointer dereference in snd_hda_ctl_add() (git-fixes). * ALSA: misc: Use guard() for spin locks (stable-fixes). * ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger (stable- fixes). * ALSA: pcmtest: fix reference leak on failed device registration (git-fixes). * ALSA: pcmtest: Fix resource leaks in module init error paths (git-fixes). * ALSA: pcmtest: Return -EFAULT on pattern read copy failure (git-fixes). * ALSA: sc6000: Keep the programmed board state in card-private data (git- fixes). * ALSA: scarlett2: Add missing error check when initialise Autogain Status (git-fixes). * ALSA: scarlett2: Add missing sentinel initializer field (git-fixes). * ALSA: seq: Notify client and port info changes (stable-fixes). * ALSA: seq_oss: return full count for successful SEQ_FULLSIZE writes (stable- fixes). * ALSA: usb-audio: apply quirk for MOONDROP JU Jiu (stable-fixes). * ALSA: usb-audio: Avoid false E-MU sample-rate notifications (git-fixes). * ALSA: usb-audio: Avoid potential endless loop in convert_chmap_v3() (git- fixes). * ALSA: usb-audio: Bound MIDI 2.0 endpoint descriptor scans (git-fixes). * ALSA: usb-audio: Bound MIDI endpoint descriptor scans (git-fixes). * ALSA: usb-audio: Evaluate packsize caps at the right place (git-fixes). * ALSA: usb-audio: Fix Audio Advantage Micro II SPDIF switch (git-fixes). * ALSA: usb-audio: Fix potential leak of pd at parsing UAC3 streams (git- fixes). * ALSA: usb-audio: Fix quirk flags for NeuralDSP Quad Cortex (stable-fixes). * ALSA: usb-audio: Fix UAC3 cluster descriptor size check (git-fixes). * ALSA: usb-audio: midi2: Restart output URBs on resume (git-fixes). * ALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATES (git-fixes). * ALSA: virtio: drop an extaneous kernel-doc comment (git-fixes). * amdgpu/jpeg: fix deepsleep register for jpeg 5_0_0 and 5_0_2 (stable-fixes). * ASoC: amd: acp: Add DMI quirk for Valve Steam Deck OLED (git-fixes). * ASoC: amd: yc: Add DMI entry for HP Laptop 15-fc0xxx (stable-fixes). * ASoC: amd: yc: Add DMI quirk for ASUS EXPERTBOOK BM1403CDA (stable-fixes). * ASoC: amd: yc: Add DMI quirk for Thin A15 B7VF (stable-fixes). * ASoC: amd: yc: Add HP OMEN Gaming Laptop 16-ap0xxx product line in quirk table (stable-fixes). * ASoC: codecs: ab8500: Fix casting of private data (git-fixes). * ASoC: cs35l56: Destroy workqueue in probe error path (git-fixes). * ASoC: cs35l56: Don't use devres to unregister component (git-fixes). * ASoC: cs35l56: Fix hibernate write in runtime resume error path (git-fixes). * ASoC: fsl_easrc: Change the type for iec958 channel status controls (git- fixes). * ASoC: fsl_easrc: Check the variable range in fsl_easrc_iec958_put_bits() (git-fixes). * ASoC: fsl_easrc: fix comment typo (git-fixes). * ASoC: fsl_easrc: Fix value type in fsl_easrc_iec958_get_bits() (git-fixes). * ASoC: fsl_micfil: Add access property for "VAD Detected" (git-fixes). * ASoC: fsl_micfil: Fix event generation in hwvad_put_enable() (git-fixes). * ASoC: fsl_micfil: Fix event generation in hwvad_put_init_mode() (git-fixes). * ASoC: fsl_micfil: Fix event generation in micfil_put_dc_remover_state() (git-fixes). * ASoC: fsl_micfil: Fix event generation in micfil_quality_set() (git-fixes). * ASoC: fsl_xcvr: Fix event generation for cached controls (git-fixes). * ASoC: fsl_xcvr: Fix event generation in fsl_xcvr_arc_mode_put() (git-fixes). * ASoC: fsl_xcvr: Fix event generation in fsl_xcvr_mode_put() (git-fixes). * ASoC: Intel: bytcr_wm5102: Fix MCLK leak on platform_clock_control error (git-fixes). * ASoC: qcom: q6apm-dai: reset queue ptr on trigger stop (git-fixes). * ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens (git-fixes). * ASoC: qcom: q6apm: move component registration to unmanaged version (git- fixes). * ASoC: qcom: q6apm: remove child devices when apm is removed (git-fixes). * ASoC: qcom: qdsp6: topology: check widget type before accessing data (git- fixes). * ASoC: soc-core: call missing INIT_LIST_HEAD() for card_aux_list (stable- fixes). * ASoC: SOF: compress: return the configured codec from get_params (git- fixes). * ASoC: SOF: Don't allow pointer operations on unconfigured streams (git- fixes). * ASoC: SOF: Intel: hda: Place check before dereference (git-fixes). * ASoC: SOF: topology: reject invalid vendor array size in token parser (stable-fixes). * ASoC: sti: Return errors from regmap_field_alloc() (git-fixes). * ASoC: sti: use managed regmap_field allocations (git-fixes). * ASoC: stm32_sai: fix incorrect BCLK polarity for DSP_A/B, LEFT_J (stable- fixes). * ata: ahci: force 32-bit DMA for JMicron JMB582/JMB585 (stable-fixes). * backlight: sky81452-backlight: Check return value of devm_gpiod_get_optional() in sky81452_bl_parse_dt() (git-fixes). * batman-adv: bla: only purge non-released claims (git-fixes). * batman-adv: bla: prevent use-after-free when deleting claims (git-fixes). * batman-adv: bla: put backbone reference on failed claim hash insert (git- fixes). * batman-adv: fix integer overflow on buff_pos (git-fixes). * batman-adv: hold claim backbone gateways by reference (git-fixes). * batman-adv: reject new tp_meter sessions during teardown (git-fixes). * batman-adv: reject oversized global TT response buffers (git-fixes). * batman-adv: stop caching unowned originator pointers in BAT IV (git-fixes). * bitfield: Add FIELD_MODIFY() helper (jsc#PED-14238). * Bluetooth: bnep: fix incorrect length parsing in bnep_rx_frame() extension handling (git-fixes). * Bluetooth: btmtk: validate WMT event SKB length before struct access (git- fixes). * Bluetooth: btusb: Check for unexpected bytes when defragmenting HCI frames (bsc#1260996). * Bluetooth: fix locking in hci_conn_request_evt() with HCI_PROTO_DEFER (git- fixes). * Bluetooth: hci_event: fix memset typo (git-fixes). * Bluetooth: hci_event: Fix OOB read and infinite loop in hci_le_create_big_complete_evt (git-fixes). * Bluetooth: hci_event: fix potential UAF in SSP passkey handlers (git-fixes). * Bluetooth: hci_ldisc: Clear HCI_UART_PROTO_INIT on error (git-fixes). * Bluetooth: HIDP: serialise l2cap_unregister_user via hidp_session_sem (git- fixes). * Bluetooth: ISO: Fix data-race on dst in iso_sock_connect() (git-fixes). * Bluetooth: l2cap: Add missing chan lock in l2cap_ecred_reconf_rsp (git- fixes). * Bluetooth: l2cap: fix MPS check in l2cap_ecred_reconf_req (git-fixes). * Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_new_connection_cb() (git- fixes). * Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_state_change_cb() (git- fixes). * Bluetooth: L2CAP: Fix printing wrong information if SDU length exceeds MTU (git-fixes). * Bluetooth: RFCOMM: pull credit byte with skb_pull_data() (git-fixes). * Bluetooth: SCO: check for codecs->num_codecs == 1 before assigning to sco_pi(sk)->codec (git-fixes). * Bluetooth: SCO: fix sleeping under spinlock in sco_conn_ready (git-fixes). * Bluetooth: SCO: hold sk properly in sco_conn_ready (git-fixes). * Bluetooth: virtio_bt: clamp rx length before skb_put (git-fixes). * Bluetooth: virtio_bt: validate rx pkt_type header length (git-fixes). * bpf: Add third round of bounds deduction (git-fixes). * bpf: Fix u32/s32 bounds when ranges cross min/max boundary (git-fixes). * bpf: Improve bounds when s64 crosses sign boundary (git-fixes). * bpf: Switch CONFIG_CFI_CLANG to CONFIG_CFI (git-fixes). * btrfs: qgroup: update all parent qgroups when doing quick inherit (bsc#1258933). * btrfs: reject root items with drop_progress and zero drop_level (git-fixes). * btrfs: replace BUG() with error handling in __btrfs_balance() (git-fixes). * bus: mhi: host: pci_generic: Switch to async power up to avoid boot delays (git-fixes). * bus: rifsc: fix RIF configuration check for peripherals (git-fixes). * can: mcp251x: add error handling for power enable in open and resume (stable-fixes). * can: raw: fix ro->uniq use-after-free in raw_rcv() (git-fixes). * can: ucan: fix devres lifetime (git-fixes). * cdc-acm: new quirk for EPSON HMD (stable-fixes). * check-for-config-changes: Exclude CC_MS_EXTENSIONS. * check-for-config-changes: Exclude HAVE_CFI_ICALL_NORMALIZE_INTEGERS{,_RUSTC}. * comedi: dt2815: add hardware detection to prevent crash (stable-fixes). * cpufreq: intel_pstate: Drop Arrow Lake from "scaling factor" list (bsc#1249104). * crypto: af_alg - limit RX SG extraction by receive buffer budget (git- fixes). * crypto: algif_aead - Fix minimum RX size check for decryption (git-fixes). * crypto: atmel-aes - Fix 3-page memory leak in atmel_aes_buff_cleanup (git- fixes). * crypto: atmel-ecc - Release client on allocation failure (git-fixes). * crypto: atmel-sha204a - Fix error codes in OTP reads (git-fixes). * crypto: atmel-sha204a - Fix OTP sysfs read and error handling (git-fixes). * crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path (git-fixes). * crypto: atmel-sha204a - Fix uninitialized data access on OTP read error (git-fixes). * crypto: atmel-tdes - fix DMA sync direction (git-fixes). * crypto: ccp - copy IV using skcipher ivsize (git-fixes). * crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed (git-fixes). * crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed (git-fixes). * crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed (git-fixes). * crypto: ccree - fix a memory leak in cc_mac_digest() (git-fixes). * crypto: drivers - Switch back to struct platform_driver::remove() (jsc#PED-14238). * crypto: drivers - Use str_enable_disable-like helpers (jsc#PED-14238). * crypto: hisilicon - Fix dma_unmap_single() direction (git-fixes). * crypto: iaa - Adjust workqueue allocation type (jsc#PED-14238). * crypto: iaa - fix per-node CPU counter reset in rebalance_wq_table() (git- fixes). * crypto: iaa - Move compression CRC into request object (jsc#PED-14238). * crypto: iaa - Optimize rebalance_wq_table() (jsc#PED-14238). * crypto: iaa - Remove potential infinite loop in check_completion() (jsc#PED-14238). * crypto: iaa - Remove unreachable pr_debug from iaa_crypto_cleanup_module (jsc#PED-14238). * crypto: iaa - Remove unused disable_async argument from iaa_decompress (jsc#PED-14238). * crypto: iaa - Replace sprintf with sysfs_emit in sysfs show functions (jsc#PED-14238). * crypto: iaa - Simplify init_iaa_device() (jsc#PED-14238). * crypto: jitterentropy - replace long-held spinlock with mutex (git-fixes). * crypto: nx - Fix packed layout in struct nx842_crypto_header (git-fixes). * crypto: pcrypt - Fix handling of MAY_BACKLOG requests (git-fixes). * crypto: qat - #undef field_get() before local definition (jsc#PED-14238). * crypto: qat - add adf_rl_get_num_svc_aes() in rate limiting (jsc#PED-14238). * crypto: qat - add bank state save and restore for qat_420xx (jsc#PED-14238). * crypto: qat - add command queue telemetry counters for GEN6 (jsc#PED-14238). * crypto: qat - add compression slice count for rate limiting (jsc#PED-14238). * crypto: qat - add decompression service for rate limiting (jsc#PED-14238). * crypto: qat - add decompression service to telemetry (jsc#PED-14238). * crypto: qat - add firmware headers for GEN6 devices (jsc#PED-14238). * crypto: qat - add GEN6 firmware loader (jsc#PED-14238). * crypto: qat - add get_svc_slice_cnt() in device data structure (jsc#PED-14238). * crypto: qat - add live migration enablers for GEN6 devices (jsc#PED-14238). * crypto: qat - add macro to write 64-bit values to registers (jsc#PED-14238). * crypto: qat - add missing header inclusion (jsc#PED-14238). * crypto: qat - add qat_6xxx driver (jsc#PED-14238). * crypto: qat - add ring buffer idle telemetry counter for GEN6 (jsc#PED-14238). * crypto: qat - add support for decompression service to GEN6 devices (jsc#PED-14238). * crypto: qat - consolidate service enums (jsc#PED-14238). * crypto: qat - Constify struct pm_status_row (jsc#PED-14238). * crypto: qat - disable 4xxx AE cluster when lead engine is fused off (git- fixes). * crypto: qat - disable 420xx AE cluster when lead engine is fused off (git- fixes). * crypto: qat - do not export adf_cfg_services (jsc#PED-14238). * crypto: qat - enable power management debugfs for GEN6 devices (jsc#PED-14238). * crypto: qat - enable RAS support for GEN6 devices (jsc#PED-14238). * crypto: qat - enable rate limiting feature for GEN6 devices (jsc#PED-14238). * crypto: qat - enable reporting of error counters for GEN6 devices (jsc#PED-14238). * crypto: qat - enable telemetry for GEN6 devices (jsc#PED-14238). * crypto: qat - export adf_get_service_mask() (jsc#PED-14238). * crypto: qat - export adf_init_admin_pm() (jsc#PED-14238). * crypto: qat - expose configuration functions (jsc#PED-14238). * crypto: qat - fix compression instance leak (git-fixes). * crypto: qat - fix IRQ cleanup on 6xxx probe failure (git-fixes). * crypto: qat - fix object goals in Makefiles (jsc#PED-14238. * crypto: qat - fix type mismatch in RAS sysfs show functions (git-fixes). * crypto: qat - Fix typo "accelaration" (jsc#PED-14238). * crypto: qat - fix virtual channel configuration for GEN6 devices (jsc#PED-14238). * crypto: qat - include qat_common in top Makefile (jsc#PED-14238). * crypto: qat - introduce fuse array (jsc#PED-14238). * crypto: qat - make adf_dev_autoreset() static (jsc#PED-14238). * crypto: qat - optimize allocations for fw authentication (jsc#PED-14238). * crypto: qat - refactor compression template logic (jsc#PED-14238). * crypto: qat - refactor FW signing algorithm (jsc#PED-14238). * crypto: qat - refactor ring-related debug functions (jsc#PED-14238). * crypto: qat - refactor service parsing logic (jsc#PED-14238). * crypto: qat - relocate and rename bank state structure definition (jsc#PED-14238). * crypto: qat - relocate bank state helper functions (jsc#PED-14238). * crypto: qat - relocate power management debugfs helper APIs (jsc#PED-14238). * crypto: qat - relocate service related functions (jsc#PED-14238). * crypto: qat - remove BITS_IN_DWORD() (jsc#PED-14238). * crypto: qat - Remove dst_null support (jsc#PED-14238). * crypto: qat - remove duplicate masking for GEN6 devices (jsc#PED-14238). * crypto: qat - remove initialization in device class (jsc#PED-14238). * crypto: qat - remove redundant FW image size check (jsc#PED-14238). * crypto: qat - remove unused adf_devmgr_get_first (jsc#PED-14238). * crypto: qat - remove unused members in suof structure (jsc#PED-14238). * crypto: qat - rename and relocate timer logic (jsc#PED-14238). * crypto: qat - reorder objects in qat_common Makefile (jsc#PED-14238). * crypto: qat - replace CHECK_STAT macro with static inline function (jsc#PED-14238). * crypto: qat - Replace kzalloc() + copy_from_user() with memdup_user() (jsc#PED-14238). * crypto: qat - restore ASYM service support for GEN6 devices (jsc#PED-14238). * crypto: qat - Return pointer directly in adf_ctl_alloc_resources (jsc#PED-14238). * crypto: qat - set command ids as reserved (jsc#PED-14238). * crypto: qat - switch to standard pattern for PCI IDs (jsc#PED-14238). * crypto: qat - update firmware api (jsc#PED-14238). * crypto: qat - use pr_fmt() in adf_gen4_hw_data.c (jsc#PED-14238). * crypto: qat - use pr_fmt() in qat uclo.c (jsc#PED-14238). * crypto: qat - use simple_strtoull to improve qat_uclo_parse_num (jsc#PED-14238). * crypto: qat - use swab32 macro (git-fixes). * crypto: qat - validate service in rate limiting sysfs api (jsc#PED-14238). * crypto: qat/qat_6xxx - Fix NULL vs IS_ERR() check in adf_probe() (jsc#PED-14238). * crypto: sa2ul - Fix AEAD fallback algorithm names (git-fixes). * crypto: simd - reject compat registrations without __ prefixes (git-fixes). * crypto: talitos - fix SEC1 32k ahash request limitation (git-fixes). * crypto: tegra - Disable softirqs before finalizing request (git-fixes). * devres: fix missing node debug info in devm_krealloc() (git-fixes). * dmaengine: dw-axi-dmac: fix Alignment should match open parenthesis (git- fixes). * dmaengine: dw-axi-dmac: Remove unnecessary return statement from void function (git-fixes). * dmaengine: mxs-dma: Fix missing return value from of_dma_controller_register() (git-fixes). * dpll: zl3073x: Add support to adjust phase (bsc#1255752). * dpll: zl3073x: Fix output pin phase adjustment sign (bsc#1255752). * dpll: zl3073x: fix REF_PHASE_OFFSET_COMP register width for some chip IDs (bsc#1255752). * dpll: zl3073x: Specify phase adjustment granularity for pins (bsc#1255752). * drivers/base/memory: fix memory block reference leak in poison accounting (git-fixes). * drm/amd/display: Add NULL check for integrated_info in clk_mgr_construct (git-fixes). * drm/amd/display: Allow DCE link encoder without AUX registers (git-fixes). * drm/amd/display: Avoid NULL dereference in dc_dmub_srv error paths (git- fixes). * drm/amd/display: Change dither policy for 10 bpc output back to dithering (git-fixes). * drm/amd/display: Correct logic check error for fastboot (git-fixes). * drm/amd/display: Disable 10-bit truncation and dithering on DCE 6.x (git- fixes). * drm/amd/display: Disable fastboot on DCE 6 too (stable-fixes). * drm/amd/display: Read EDID from VBIOS embedded panel info (git-fixes). * drm/amd/pm/ci: Clear EnabledForActivity field for memory levels (git-fixes). * drm/amd/pm/ci: Disable MCLK DPM on problematic CI ASICs (git-fixes). * drm/amd/pm/ci: Fill DW8 fields from SMC (git-fixes). * drm/amd/pm/ci: Fix powertune defaults for Hawaii 0x67B0 (git-fixes). * drm/amd/pm/ci: Use highest MCLK on CI when MCLK DPM is disabled (git-fixes). * drm/amd/pm/smu7: Add SCLK cap for quirky Hawaii board (git-fixes). * drm/amd/pm/smu7: Fix SMU7 voltage dependency on display clock (git-fixes). * drm/amd/pm: fix incorrect FeatureCtrlMask setting on smu v14.0.x (git- fixes). * drm/amdgpu/gfx6: Support harvested SI chips with disabled TCCs (v2) (git- fixes). * drm/amdgpu/gfx9: drop unnecessary 64-bit fence flag check in KIQ (stable- fixes). * drm/amdgpu/gfx10: look at the right prop for gfx queue priority (git-fixes). * drm/amdgpu/gfx11: look at the right prop for gfx queue priority (git-fixes). * drm/amdgpu/gmc: Fix AMDGPU_GART_PLACEMENT_LOW to not overlap with VRAM (git- fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v2.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v2.5 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v3.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0.3 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0.5 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v5.0.0 ring (git-fixes). * drm/amdgpu/pm: add missing revision check for CI (git-fixes). * drm/amdgpu/pm: align Hawaii mclk workaround with radeon (git-fixes). * drm/amdgpu/pm: drop SMU driver if version not matched messages (stable- fixes). * drm/amdgpu/sdma4: replace BUG_ON with WARN_ON in fence emission (git-fixes). * drm/amdgpu/vce: Prevent partial address patches (stable-fixes). * drm/amdgpu/vcn3: Avoid overflow on msg bound check (git-fixes). * drm/amdgpu/vcn3: Prevent OOB reads when parsing dec msg (stable-fixes). * drm/amdgpu/vcn4: Avoid overflow on msg bound check (git-fixes). * drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msg (stable-fixes). * drm/amdgpu/vcn4: Prevent OOB reads when parsing IB (stable-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v2.0 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v2.5 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v3.0 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0 enc ring (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0.3 enc ring (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0.5 enc ring (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v5.0.0 enc ring (git-fixes). * drm/amdgpu: Add bounds checking to ib_{get,set}_value (stable-fixes). * drm/amdgpu: Add default case in DVI mode validation (git-fixes). * drm/amdgpu: fix AMDGPU_INFO_READ_MMR_REG (git-fixes). * drm/amdgpu: fix zero-size GDS range init on RDNA4 (stable-fixes). * drm/amdgpu: gate VM CPU HDP flush on reset lock (stable-fixes). * drm/amdgpu: replace PASID IDR with XArray (git-fixes). * drm/amdgpu: Use SMUIO 15.0.0 offsets for TSC upper and lower count (stable- fixes). * drm/amdgpu: zero-initialize GART table on allocation (stable-fixes). * drm/amdkfd: Add upper bound check for num_of_nodes (stable-fixes). * drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure (stable- fixes). * drm/amdkfd: Make all TLB-flushes heavy-weight (stable-fixes). * drm/amdkfd: validate SVM ioctl nattr against buffer size (stable-fixes). * drm/arcpgu: fix device node leak (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Add mode_valid hook to drm_bridge_funcs (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Handle HDCP state in bridge atomic check (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Set the mhdp connector earlier in atomic_enable() (git-fixes). * drm/bridge: stm_lvds: Do not fail atomic_check on disabled connector (git- fixes). * drm/etnaviv: Fix armed job not being pushed to the DRM scheduler (git- fixes). * drm/exynos: remove bridge when component_add fails (git-fixes). * drm/fb-helper: Fix clipping when damage area spans a single scanline (git- fixes). * drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs() (git-fixes). * drm/gma500/oaktrail_hdmi: fix i2c adapter leak on setup (git-fixes). * drm/gma500/oaktrail_lvds: fix hang on init failure (git-fixes). * drm/gma500/oaktrail_lvds: fix i2c adapter leaks on init (git-fixes). * drm/i915/dp: Fix VSC dynamic range signaling for RGB formats (git-fixes). * drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (git- fixes). * drm/i915/wm: Verify the correct plane DDB entry (git-fixes). * drm/i915: skip __i915_request_skip() for already signaled requests (git- fixes). * drm/imagination: Switch reset_reason fields from enum to u32 (git-fixes). * drm/komeda: fix integer overflow in AFBC framebuffer size check (git-fixes). * drm/loongson: Use managed KMS polling (git-fixes). * drm/msm/a6xx: Fix dumping A650+ debugbus blocks (git-fixes). * drm/msm/a6xx: Fix HLSQ register dumping (git-fixes). * drm/msm/a6xx: Use barriers while updating HFI Q headers (git-fixes). * drm/msm/dpu: fix mismatch between power and frequency (git-fixes). * drm/msm/dsi: add the missing parameter description (git-fixes). * drm/msm/dsi: fix bits_per_pclk (git-fixes). * drm/msm/dsi: fix hdisplay calculation for CMD mode panel (git-fixes). * drm/msm/dsi: rename MSM8998 DSI version from V2_2_0 to V2_0_0 (git-fixes). * drm/msm/gem: fix error handling in msm_ioctl_gem_info_get_metadata() (git- fixes). * drm/msm/shrinker: Fix can_block() logic (git-fixes). * drm/nouveau: fix nvkm_device leak on aperture removal failure (git-fixes). * drm/nouveau: fix u32 overflow in pushbuf reloc bounds check (git-fixes). * drm/panel: boe-tv101wum-nl6: restore MODE_LPM after sending disable cmds (git-fixes). * drm/panel: himax-hx83102: restore MODE_LPM after sending disable cmds (git- fixes). * drm/panel: sharp-ls043t1le01: make use of prepare_prev_first (git-fixes). * drm/panel: simple: Correct G190EAN01 prepare timing (git-fixes). * drm/panfrost: Fix wait_bo ioctl leaking positive return from dma_resv_wait_timeout() (git-fixes). * drm/panthor: Fix outdated function documentation (git-fixes). * drm/radeon: add missing revision check for CI (git-fixes). * drm/sun4i: backend: fix error pointer dereference (git-fixes). * drm/sun4i: Fix resource leaks (git-fixes). * drm/v3d: Handle error from drm_sched_entity_init() (git-fixes). * drm/vc4: Fix a memory leak in hang state error path (git-fixes). * drm/vc4: Fix memory leak of BO array in hang state (git-fixes). * drm/vc4: platform_get_irq_byname() returns an int (stable-fixes). * drm/vc4: Protect madv read in vc4_gem_object_mmap() with madv_lock (git- fixes). * drm/vc4: Release runtime PM reference after binding V3D (git-fixes). * drm/vram: remove DRM_VRAM_MM_FILE_OPERATIONS from docs (git-fixes). * drm/xe/bo: Fix bo leak on GGTT flag validation in xe_bo_init_locked() (git- fixes). * drm/xe/bo: Fix bo leak on unaligned size validation in xe_bo_init_locked() (git-fixes). * drm/xe/debugfs: Correct printing of register whitelist ranges (git-fixes). * drm/xe/dma-buf: handle empty bo and UAF races (git-fixes). * drm/xe/gsc: Fix BO leak on error in query_compatibility_version() (git- fixes). * drm/xe/uapi: update used tracking kernel-doc (git-fixes). * drm/xe: Fix dma-buf attachment leak in xe_gem_prime_import() (git-fixes). * drm/xe: Fix error cleanup in xe_exec_queue_create_ioctl() (git-fixes). * dt-bindings: net: Fix Tegra234 MGBE PTP clock (git-fixes). * efi/capsule-loader: fix incorrect sizeof in phys array reallocation (git- fixes). * efi: pstore: Drop efivar lock when efi_pstore_open() returns with an error (git-fixes). * erofs: add GFP_NOIO in the bio completion if needed (git-fixes). * ext4: fix fsync(2) for nojournal mode (git-fixes). * ext4: make recently_deleted() properly work with lazy itable initialization (git-fixes). * ext4: reject mount if bigalloc with s_first_data_block != 0 (git-fixes). * extcon: Fixed sysfs duplicate filename issue (git-fixes). * extcon: ptn5150: handle pending IRQ events during system resume (git-fixes). * fbdev: matroxfb: Mark variable with __maybe_unused to avoid W=1 build break (git-fixes). * fbdev: offb: fix PCI device reference leak on probe failure (git-fixes). * fbdev: tdfxfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO (stable-fixes). * fbdev: udlfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO (git-fixes). * firmware: arm_ffa: Use the correct buffer size during RXTX_MAP (git-fixes). * firmware: dmi: Correct an indexing error in dmi.h (git-fixes). * firmware: google: framebuffer: Do not mark framebuffer as busy (git-fixes). * firmware: google: framebuffer: Do not unregister platform device (git- fixes). * gpio: of: clear OF_POPULATED on hog nodes in remove path (git-fixes). * gpio: tegra: fix irq_release_resources calling enable instead of disable (git-fixes). * gtp: disable BH before calling udp_tunnel_xmit_skb() (git-fixes). * HID: alps: fix NULL pointer dereference in alps_raw_event() (git-fixes). * HID: amd_sfh: don't log error when device discovery fails with -EOPNOTSUPP (git-fixes). * HID: apple: ensure the keyboard backlight is off if suspending (git-fixes). * HID: asus: do not abort probe when not necessary (git-fixes). * HID: asus: make asus_resume adhere to linux kernel coding standards (git- fixes). * HID: core: clamp report_size in s32ton() to avoid undefined shift (stable- fixes). * HID: logitech-hidpp: Enable MX Master 4 over bluetooth (stable-fixes). * HID: logitech-hidpp: Prevent use-after-free on force feedback initialisation failure (stable-fixes). * HID: multitouch: Check to ensure report responses match the request (stable- fixes). * HID: quirks: add HID_QUIRK_ALWAYS_POLL for 8BitDo Pro 3 (stable-fixes). * HID: roccat: fix use-after-free in roccat_report_event (stable-fixes). * HID: usbhid: fix deadlock in hid_post_reset() (git-fixes). * HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq (stable-fixes). * hisi_acc_vfio_pci: add eq and aeq interruption restore (git-fixes). * hisi_acc_vfio_pci: bugfix cache write-back issue (git-fixes). * hisi_acc_vfio_pci: bugfix the problem of uninstalling driver (git-fixes). * hv_sock: fix ARM64 support (git-fixes). * hv_sock: update outdated comment for renamed vsock_stream_recvmsg() (git- fixes). * hwmon: (ads7871) Fix endianness bug in 16-bit register reads (git-fixes). * hwmon: (corsair-psu) Close HID device on probe errors (git-fixes). * hwmon: (lm63) Add locking to avoid TOCTOU (git-fixes). * hwmon: (ltc2992) Clamp threshold writes to hardware range (git-fixes). * hwmon: (ltc2992) Fix u32 overflow in power read path (git-fixes). * hwmon: (ltc4286) Add missing MODULE_IMPORT_NS("PMBUS") (git-fixes). * hwmon: (powerz) Fix missing usb_kill_urb() on signal interrupt (git-fixes). * hwmon: (powerz) Fix use-after-free on USB disconnect (git-fixes). * hwmon: (pt5161l) Fix bugs in pt5161l_read_block_data() (git-fixes). * i2c: s3c24xx: check the size of the SMBUS message before using it (stable- fixes). * i2c: smbus: reject oversized block transfers in the common path (git-fixes). * i2c: stm32f7: reinit_completion() per transfer not per msg (git-fixes). * i2c: stub: Reject I2C block transfers with invalid length (git-fixes). * i2c: tegra: Add HS mode support (bsc#1261550). * i2c: tegra: Add Tegra256 support (bsc#1261550). * i2c: tegra: Do not configure DMA if not supported (bsc#1261550). * i2c: tegra: Don't mark devices with pins as IRQ safe (stable-fixes). * i2c: tegra: Update Tegra256 timing parameters (bsc#1261550). * i2c: tegra: Use separate variables for fast and fastplus (bsc#1261550). * i3c: dw: Fix memory leak in dw_i3c_master_i3c_xfers() (git-fixes). * i3c: master: Fix error codes at send_ccc_cmd (git-fixes). * i3c: mipi-i3c-hci: fix IBI payload length calculation for final status (git- fixes). * ibmveth: Disable GSO for packets with small MSS (bsc#1265144). * iio: adc: ad7192: Revert "properly check spi_get_device_match_data()" (stable-fixes). * iio: adc: ad7768-1: fix one-shot mode data acquisition (git-fixes). * iio: adc: ti-ads7950: use iio_push_to_buffers_with_ts_unaligned() (git- fixes). * iio: frequency: admv1013: add dev variable (stable-fixes). * iio: frequency: admv1013: fix NULL pointer dereference on str (git-fixes). * Input: bcm5974 - recover from failed mode switch (stable-fixes). * Input: i8042 - add TUXEDO InfinityBook Max 16 Gen10 AMD to i8042 quirk table (stable-fixes). * Input: uinput - fix circular locking dependency with ff-core (git-fixes). * Input: uinput - take event lock when submitting FF request "event" (stable- fixes). * Input: xpad - add support for BETOP BTP-KP50B/C controller's wireless mode (stable-fixes). * Input: xpad - add support for Razer Wolverine V3 Pro (stable-fixes). * interconnect: debugfs: fix devm_kstrdup and kfree mismatch (git-fixes). * io_uring/timeout: check unused sqe fields (git-fixes). * iommu/amd: move wait_on_sem() out of spinlock (git-fixes bsc#1260593). * iommu/amd: serialize sequence allocation under concurrent TLB invalidations (git-fixes bsc#1260593). * iommu/vt-d: Remove LPIG from page group response descriptor (jsc#PED-16113). * ipmi: Add limits to event and receive message requests (git-fixes). * ipmi: Check event message buffer response for bad data (git-fixes). * ipmi: ssif_bmc: change log level to dbg in irq callback (git-fixes). * ipmi: ssif_bmc: fix message desynchronization after truncated response (git- fixes). * ipmi: ssif_bmc: fix missing check for copy_to_user() partial failure (git- fixes). * ipv6: rpl: reserve mac_len headroom when recompressed SRH grows (git-fixes). * KVM: arm64: Allow cacheable stage 2 mapping using VMA flags (git-fixes). * KVM: arm64: Assume non-PFNMAP/MIXEDMAP VMAs can be mapped cacheable (git- fixes). * KVM: arm64: Block cacheable PFNMAP mapping (git-fixes). * KVM: arm64: Consolidate idreg callbacks (git-fixes). * KVM: arm64: Discard PC update state on vcpu reset (git-fixes). * KVM: arm64: Finalize ID registers only once per VM (git-fixes). * KVM: arm64: Fix MTE flag initialization for protected VMs (git-fixes). * KVM: arm64: Fix page leak in user_mem_abort() (git-fixes). * KVM: arm64: Fix Trace Buffer trap polarity for protected VMs (git-fixes). * KVM: arm64: Fix Trace Buffer trapping for protected VMs (git-fixes). * KVM: arm64: Fix vma_shift staleness on nested hwpoison path (git-fixes). * KVM: arm64: Hide S1POE from guests when not supported by the host (git- fixes). * KVM: arm64: Limit clearing of ID_{AA64PFR0,PFR1}_EL1.GIC to userspace irqchip (git-fixes). * KVM: arm64: Make all 32bit ID registers fully writable (git-fixes). * KVM: arm64: nv: Add trap config for DBGWCR<15>_EL1 (git-fixes). * KVM: arm64: nv: Return correct RES0 bits for FGT registers (git-fixes). * KVM: arm64: pkvm: Fallback to level-3 mapping on host stage-2 fault (git- fixes). * KVM: arm64: Read PMUVer as unsigned (git-fixes). * KVM: arm64: Rename the device variable to s2_force_noncacheable (git-fixes). * KVM: arm64: Return early from trace helpers when KVM isn't available (git- fixes). * KVM: arm64: Set ID_{AA64PFR0,PFR1}_EL1.GIC when GICv3 is configured (git- fixes). * KVM: arm64: vgic-v3: Release reserved slot outside of lpi_xa's lock (git- fixes). * KVM: arm64: vgic: Fix IIDR revision field extracted from wrong value (git- fixes). * KVM: nSVM: Use vcpu->arch.cr2 when updating vmcb12 on nested #VMEXIT (git- fixes). * KVM: nVMX: Add consistency check for TSC_MULTIPLIER=0 (git-fixes). * KVM: Reject wrapped offset in kvm_reset_dirty_gfn() (git-fixes). * KVM: SEV: Disallow LAUNCH_FINISH if vCPUs are actively being created (git- fixes). * KVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION (git- fixes). * KVM: SEV: Lock all vCPUs when synchronzing VMSAs for SNP launch finish (git- fixes). * KVM: SEV: Protect _all_ of sev_mem_enc_register_region() with kvm->lock (git-fixes). * KVM: SEV: Reject attempts to sync VMSA of an already-launched/encrypted vCPU (git-fixes). * KVM: SVM: Disallow EFER.LMSLE when not supported by hardware (git-fixes). * KVM: SVM: Fix a missing kunmap_local() in sev_gmem_post_populate() (git- fixes). * KVM: SVM: Initialize AVIC VMCB fields if AVIC is enabled with in-kernel APIC (git-fixes). * KVM: SVM: Mark VMCB_NPT as dirty on nested VMRUN (git-fixes). * KVM: SVM: Mark VMCB_PERM_MAP as dirty on nested VMRUN (git-fixes). * KVM: SVM: Properly check RAX in the emulator for SVM instructions (git- fixes). * KVM: SVM: Set/clear CR8 write interception when AVIC is (de)activated (git- fixes). * KVM: TDX: Explicitly set user-return MSRs that _may_ be clobbered by the TDX-Module (git-fixes). * KVM: x86/mmu: Fix UBSAN warning when reading nx_huge_pages parameter (git- fixes). * KVM: x86/xen: Fix cleanup logic in emulation of Xen schedop poll hypercalls (git-fixes). * KVM: x86: Add SRCU protection for reading PDPTRs in __get_sregs2() (git- fixes). * KVM: x86: Advertise EferLmsleUnsupported to userspace (git-fixes). * KVM: x86: check for nEPT/nNPT in slow flush hypercalls (git-fixes). * KVM: X86: Fix array_index_nospec protection in __pv_send_ipi (git-fixes). * KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (git- fixes). * KVM: x86: hyper-v: Validate all GVAs during PV TLB flush (git-fixes). * KVM: x86: Ignore cpuid faulting in SMM (git-fixes). * leds: lgm-sso: Remove duplicate assignments for priv->mmap (git-fixes). * leds: qcom-lpg: Check for array overflow when selecting the high resolution (stable-fixes). * lib/hexdump: print_hex_dump_bytes() calls print_hex_dump_debug() (git- fixes). * md/raid1: fix the comparing region of interval tree (bsc#1261555). * md/raid1: serialize overlap io for writemostly disk (bsc#1261555). * media: amphion: Fix race between m2m job_abort and device_run (git-fixes). * media: as102: fix to not free memory after the device is registered in as102_usb_probe() (git-fixes). * media: chips-media: wave5: add missing spinlock protection for handle_dynamic_resolution_change() (git-fixes). * media: chips-media: wave5: add missing spinlock protection for send_eos_event() (git-fixes). * media: chips-media: wave5: fix a potential memory leak in wave5_vdi_init() (git-fixes). * media: dib8000: avoid division by 0 in dib8000_set_dds() (git-fixes). * media: em28xx: fix use-after-free in em28xx_v4l2_open() (git-fixes). * media: hackrf: fix to not free memory after the device is registered in hackrf_probe() (git-fixes). * media: i2c: imx219: Check return value of devm_gpiod_get_optional() in imx219_probe() (git-fixes). * media: i2c: imx283: Enter full standby when stopping streaming (git-fixes). * media: i2c: imx283: Fix hang when going from large to small resolution (git- fixes). * media: i2c: imx412: Assert reset GPIO during probe (git-fixes). * media: i2c: ov08d10: fix image vertical start setting (git-fixes). * media: i2c: ov8856: free control handler on error in ov8856_init_controls() (git-fixes). * media: intel/ipu6: fix error pointer dereference (git-fixes). * media: mtk-jpeg: fix use-after-free in release path due to uncancelled work (git-fixes). * media: nxp: imx8-isi: Reduce minimum queued buffers from 2 to 0 (git-fixes). * media: omap3isp: drop the use count of v4l2 pipeline (git-fixes). * media: pci: zoran: fix potential memory leak in zoran_probe() (git-fixes). * media: rc: streamzap: Error handling in probe (git-fixes). * media: rc: xbox_remote: heed DMA restrictions (git-fixes). * media: saa7164: add ioremap return checks and cleanups (git-fixes). * media: staging: imx: configure src_mux in csi_start (git-fixes). * media: staging: imx: request mbus_config in csi_start (git-fixes). * media: uvcvideo: Enable VB2_DMABUF for metadata stream (git-fixes). * media: videobuf2: Set vma_flags in vb2_dma_sg_mmap (git-fixes). * media: vidtv: fix nfeeds state corruption on start_streaming failure (git- fixes). * media: vidtv: fix NULL pointer dereference in vidtv_channel_pmt_match_sections (git-fixes). * media: vidtv: fix pass-by-value structs causing MSAN warnings (git-fixes). * memory: tegra30-emc: Fix dll_change check (git-fixes). * memory: tegra124-emc: Fix dll_change check (git-fixes). * mfd: core: Preserve OF node when ACPI handle is present (git-fixes). * mfd: mc13xxx-core: Fix memory leak in mc13xxx_add_subdevice_pdata() (git- fixes). * mfd: stpmic1: Attempt system shutdown twice in case PMIC is confused (git- fixes). * mkspec: Add signature to source list only when it exists. * mmc: sdhci-of-dwcmshc: Disable clock before DLL configuration (git-fixes). * mmc: vub300: fix NULL-deref on disconnect (git-fixes). * modpost: Amend ppc64 save/restfpr symnames for -Os build (bsc#1215199). * mtd: docg3: fix use-after-free in docg3_release() (git-fixes). * mtd: parsers: ofpart: call of_node_get() for dedicated subpartitions (git- fixes). * mtd: parsers: ofpart: call of_node_put() only in ofpart_fail path (git- fixes). * mtd: physmap_of_gemini: Fix disabled pinctrl state check (git-fixes). * mtd: rawnand: sunxi: fix sunxi_nfc_hw_ecc_read_extra_oob (git-fixes). * mtd: spi-nor: core: correct the op.dummy.nbytes when check read operations (git-fixes). * mtd: spi-nor: debugfs: fix out-of-bounds read in spi_nor_params_show() (git- fixes). * mtd: spi-nor: sst: Fix write enable before AAI sequence (git-fixes). * mtd: spi-nor: swp: check SR_TB flag when getting tb_mask (git-fixes). * net-shapers: don't free reply skb after genlmsg_reply() (git-fixes). * net/mlx5: Fix HCA caps leak on notifier init failure (git-fixes). * net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). * net/sched: cls_fw: fix NULL dereference of "old" filters before change() (git-fixes). * net/sched: fix pedit partial COW leading to page cache corruption (bsc#1265421). * net: gro: don't merge zcopy skbs (git-fixes). * net: hamradio: 6pack: fix uninit-value in sixpack_receive_buf (git-fixes). * net: mana: Add MAC address to vPort logs and clarify error messages (git- fixes). * net: mana: check xdp_rxq registration before unreg in mana_destroy_rxq() (git-fixes). * net: mana: Don't overwrite port probe error with add_adev result (git- fixes). * net: mana: Fix crash from unvalidated SHM offset read from BAR0 during FLR (bsc#1265846). * net: mana: Fix EQ leak in mana_remove on NULL port (git-fixes). * net: mana: Fix RX skb truesize accounting (bsc#1248754). * net: mana: Guard mana_remove against double invocation (git-fixes). * net: mana: hardening: Validate adapter_mtu from MANA_QUERY_DEV_CONFIG (git- fixes). * net: mana: hardening: Validate doorbell ID from GDMA_REGISTER_DEVICE response (git-fixes). * net: mana: Init gf_stats_work before potential error paths in probe (git- fixes). * net: mana: Init link_change_work before potential error paths in probe (git- fixes). * net: mana: Move current_speed debugfs file to mana_init_port() (git-fixes). * net: mana: remove double CQ cleanup in mana_create_rxq error path (git- fixes). * net: mana: Set default number of queues to 16 (bsc#1261648). * net: mana: Skip WQ object destruction for uninitialized RXQ (git-fixes). * net: mana: Use at least SZ_4K in doorbell ID range check (git-fixes). * net: mana: Use pci_name() for debugfs directory naming (git-fixes). * net: phy: broadcom: Save PHY counters during suspend (git-fixes). * net: phy: DP83TC811: add reading of abilities (git-fixes). * net: phy: dp83869: fix setting CLK_O_SEL field (git-fixes). * net: phy: fix a return path in get_phy_c45_ids() (git-fixes). * net: phy: qcom: at803x: Use the correct bit to disable extended next page (git-fixes). * net: stmmac: Fix PTP ref clock for Tegra234 (git-fixes). * net: usb: asix: ax88772: re-add usbnet_link_change() in phylink callbacks (git-fixes). * net: usb: cdc-phonet: fix skb frags[] overflow in rx_complete() (git-fixes). * net: usb: rtl8150: fix use-after-free in rtl8150_start_xmit() (git-fixes). * net: usb: rtl8150: free skb on usb_submit_urb() failure in xmit (git-fixes). * net: wan: fsl_ucc_hdlc: fix ucc_hdlc_remove (git-fixes). * net: wan: fsl_ucc_hdlc: fix uhdlc_memclean (git-fixes). * net: wan: fsl_ucc_hdlc: free tx_skbuff in uhdlc_memclean (git-fixes). * net: wwan: t7xx: validate port_count against message length in t7xx_port_enum_msg_handler (git-fixes). * NFC: digital: Bounds check NFC-A cascade depth in SDD response handler (git- fixes). * nfc: llcp: add missing return after LLCP_CLOSED checks (git-fixes). * nfc: pn533: allocate rx skb before consuming bytes (git-fixes). * nfc: s3fwrn5: allocate rx skb before consuming bytes (git-fixes). * NFC: trf7970a: Ignore antenna noise when checking for RF field (git-fixes). * nvme-apple: drop invalid put of admin queue reference count (git-fixes). * nvme-auth: Include SC_C in RVAL controller hash (bsc#1260428). * nvme-loop: do not cancel I/O and admin tagset during ctrl reset/shutdown (bsc#1262709). * nvme-pci: add NVME_QUIRK_DISABLE_WRITE_ZEROES for Kingston OM3SGP4 (git- fixes). * nvme: Allow reauth from sysfs (bsc#1259672). * nvme: Expose the tls_configured sysfs for secure concat connections (bsc#1259672). * nvme: expose TLS mode (bsc#1259672). * nvme: fix admin queue leak on controller reset (git-fixes). * nvme: fix PCIe subsystem reset controller state transition (bsc#1261738). * nvmet-tcp: propagate nvmet_tcp_build_pdu_iovec() errors to its callers (git- fixes). * ocfs2: fix possible deadlock between unlink and dio_end_io_write (bsc#1258718). * ocfs2: split transactions in dio completion to avoid credit exhaustion (bsc#1258718). * openvswitch: vport: fix self-deadlock on release of tunnel ports (git- fixes). * panic/printk: replace other_cpu_in_panic() with panic_on_other_cpu() (bsc#1261149). * panic/printk: replace this_cpu_in_panic() with panic_on_this_cpu() (bsc#1261149). * panic: introduce helper functions for panic state (bsc#1261149). * panic: use angle-bracket include for panic.h (bsc#1261149). * PCI/AER: Clear only error bits in PCIe Device Status (git-fixes). * PCI/AER: Stop ruling out unbound devices as error source (git-fixes). * PCI/ASPM: Fix pci_clear_and_set_config_dword() usage (git-fixes). * PCI/NPEM: Set LED_HW_PLUGGABLE for hotplug-capable ports (git-fixes). * PCI/TPH: Allow TPH enable for RCiEPs (git-fixes). * PCI: dwc: Apply ECRC workaround to DesignWare 5.00a as well (git-fixes). * PCI: dwc: rcar-gen4: Change EPC BAR alignment to 4K as per the documentation (git-fixes). * PCI: Enable AtomicOps only if Root Port supports them (git-fixes). * PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown (git-fixes). * PCI: endpoint: pci-epf-vntb: Stop cmd_handler work in epf_ntb_epc_cleanup (git-fixes). * PCI: epf-mhi: Return 0, not remaining timeout, when eDMA ops complete (git- fixes). * PCI: hv: Set default NUMA node to 0 for devices without affinity info (bsc#1261648). * PCI: mediatek-gen3: Prevent leaking IRQ domains when IRQ not found (git- fixes). * PCI: qcom: Advertise Hotplug Slot Capability with no Command Completion support (git-fixes). * PCI: tegra194: Allow system suspend when the Endpoint link is not up (git- fixes). * PCI: tegra194: Disable direct speed change for Endpoint mode (git-fixes). * PCI: tegra194: Disable LTSSM after transition to Detect on surprise link down (git-fixes). * PCI: tegra194: Disable PERST# IRQ only in Endpoint mode (git-fixes). * PCI: tegra194: Fix CBB timeout caused by DBI access before core power-on (git-fixes). * PCI: tegra194: Fix polling delay for L2 state (git-fixes). * PCI: tegra194: Free up Endpoint resources during remove() (git-fixes). * PCI: tegra194: Increase LTSSM poll time on surprise link down (git-fixes). * PCI: tegra194: Set LTR message request before PCIe link up in Endpoint mode (git-fixes). * PCI: tegra194: Use devm_gpiod_get_optional() to parse "nvidia,refclk-select" (git-fixes). * PCI: tegra194: Use DWC IP core version (git-fixes). * pinctrl: abx500: Fix type of 'argument' variable (git-fixes). * pinctrl: Fix spelling problem (git-fixes). * pinctrl: intel: Fix the revision for new features (1kOhm PD, HW debouncer) (stable-fixes). * pinctrl: pic32: change all cases of bare 'unsigned' to 'unsigned int' (git- fixes). * pinctrl: pic32: use consistent spacing around '+' (git-fixes). * pinctrl: pinctrl-pic32: Fix resource leak (git-fixes). * pinctrl: realtek: Fix function signature for config argument (git-fixes). * pinctrl: renesas: rzg2l: Fix save/restore of {IOLH,IEN,PUPD,SMT} registers (git-fixes). * platform/chrome: chromeos_tbmc: Drop wakeup source on remove (git-fixes). * platform/surface: surfacepro3_button: Drop wakeup source on remove (git- fixes). * platform/x86/amd: pmc: Add Thinkpad L14 Gen3 to quirk_s2idle_bug (stable- fixes). * platform/x86/intel-uncore-freq: Handle autonomous UFS status bit (git- fixes). * platform/x86: asus-wmi: adjust screenpad power/brightness handling (git- fixes). * platform/x86: asus-wmi: fix screenpad brightness range (git-fixes). * platform/x86: dell-wmi-sysman: bound enumeration string aggregation (git- fixes). * platform/x86: dell_rbu: avoid uninit value usage in packet_size_write() (git-fixes). * platform/x86: hp-wmi: Ignore backlight and FnLock events (stable-fixes). * platform/x86: panasonic-laptop: Fix OPTD notifier registration and cleanup (git-fixes). * power: supply: axp288_charger: Do not cancel work before initializing it (git-fixes). * power: supply: max17042: avoid overflow when determining health (git-fixes). * powerpc/crash: fix backup region offset update to elfcorehdr (bsc#1259535). * powerpc/crash: Update backup region offset in elfcorehdr on memory hotplug (bsc#1259535). * printk/nbcon/panic: Allow printk kthread to sleep when the system is in panic (bsc#1261149). * printk/nbcon: Block printk kthreads when any CPU is in an emergency context (bsc#1261149). * printk/nbcon: Release nbcon consoles ownership in atomic flush after each emitted record (bsc#1261149). * printk/nbcon: Restore IRQ in atomic flush after each emitted record (bsc#1261149). * printk/nbcon: use panic_on_this_cpu() helper (bsc#1261149). * printk: Allow printk_trigger_flush() to flush all types (bsc#1262750). * printk: Allow to use the printk kthread immediately even for 1st nbcon (jsc#PED-7912). * printk: Avoid irq_work for printk_deferred() on suspend (bsc#1262750). * printk: Avoid scheduling irq_work on suspend (bsc#1262750). * printk: console_flush_one_record() code cleanup (bsc#1261149). * printk: Introduce console_flush_one_record (bsc#1261149). * printk: Use console_flush_one_record for legacy printer kthread (bsc#1261149). * pwm: imx-tpm: Count the number of enabled channels in probe (git-fixes). * qat: don't mess with ->d_name (jsc#PED-14238). * r8152: fix incorrect register write to USB_UPHY_XTAL (git-fixes). * RDMA/irdma: Fix double free related to rereg_user_mr (git-fixes). * RDMA/mana: Fix error unwind in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Fix mana_destroy_wq_obj() cleanup in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Validate rx_hash_key_len (git-fixes). * RDMA/mana_ib: cleanup the usage of mana_gd_send_request() (git-fixes). * RDMA/mana_ib: Disable RX steering on RSS QP destroy (git-fixes). * RDMA/mana_ib: Support memory windows (git-fixes). * regulator: act8945a: fix OF node reference imbalance (git-fixes). * regulator: bd9571mwv: fix OF node reference imbalance (git-fixes). * regulator: max77650: fix OF node reference imbalance (git-fixes). * regulator: mt6357: fix OF node reference imbalance (git-fixes). * regulator: rk808: fix OF node reference imbalance (git-fixes). * remoteproc: xlnx: Fix sram property parsing (git-fixes). * remoteproc: xlnx: Only access buffer information if IPI is buffered (git- fixes). * Revert "ALSA: usb: Increase volume range that triggers a warning" (git- fixes). * Revert "serial: 8250: Revert "drop lockdep annotation from serial8250_clear_IER()"" (bsc#1262480). * Revert "serial: 8250: Switch to nbcon console" (bsc#1262480). * rtc: abx80x: Disable alarm feature if no interrupt attached (git-fixes). * rtc: ntxec: fix OF node reference imbalance (git-fixes). * s390/dasd: Copy detected format information to secondary device (bsc#1259994). * s390/dasd: Fix gendisk parent after copy pair swap (bsc#1259994). * s390/dasd: Move quiesce state with pprc swap (bsc#1259994). * sched/fair: Change likelyhood of nohz.nr_cpus (bsc#1234634 bsc#1258961). * sched/fair: Move checking for nohz cpus after time check (bsc#1234634 bsc#1258961). * sched/fair: Remove nohz.nr_cpus and use weight of cpumask instead (bsc#1234634 bsc#1258961). * scsi: lpfc: Add clean up of aborted NVMe commands during PCI fcn reset (bsc#1262019). * scsi: lpfc: Add log messages to fabric login error labels (bsc#1262019). * scsi: lpfc: Add PCI ID support for LPe42100 series adapters (bsc#1262019). * scsi: lpfc: Add REG_VFI mailbox cmd error handling (bsc#1262019). * scsi: lpfc: Break out of IRQ affinity assignment when mask reaches nr_cpu_ids (bsc#1262019). * scsi: lpfc: Check ASIC_ID register to aid diagnostics during failed fw updates (bsc#1262019). * scsi: lpfc: Cleanup error exit paths in lpfc_fdmi_cmd() and associated messages (bsc#1262019). * scsi: lpfc: ELIMINATE kernel-doc warnings in lpfc.h (bsc#1262019). * scsi: lpfc: Fix incorrect txcmplq_cnt during cleanup in lpfc_sli_abort_ring() (bsc#1262019). * scsi: lpfc: Introduce 128G link speed selection and support (bsc#1262019). * scsi: lpfc: Log discarded and insufficient RQE buffer events (bsc#1262019). * scsi: lpfc: Log MCQE contents for mbox commands with no context (bsc#1262019). * scsi: lpfc: Properly set WC for DPP mapping (bsc#1262019). * scsi: lpfc: Reduce pointer chasing when accessing vmid_flag (bsc#1262019). * scsi: lpfc: Remove deprecated PBDE feature (bsc#1262019). * scsi: lpfc: Remove unnecessary ndlp kref get in lpfc_check_nlp_post_devloss (bsc#1262019). * scsi: lpfc: Restrict first burst to non-FCoE and SLI4 adapters only (bsc#1262019). * scsi: lpfc: Select mailbox rq_create cmd version based on SLI4 if_type (bsc#1262019). * scsi: lpfc: Update class of service bit field to 3 bits for WQE submissions (bsc#1262019). * scsi: lpfc: Update construction of SGL when XPSGL is enabled (bsc#1262019). * scsi: lpfc: Update copyright year string for 2026 (bsc#1262019). * scsi: lpfc: Update log message when ndlp kref get is unsuccessful (bsc#1262019). * scsi: lpfc: Update lpfc version to 14.4.0.14 (bsc#1262019). * scsi: lpfc: Update lpfc version to 15.0.0.0 (bsc#1262019). * scsi: lpfc: Update outdated comment for renamed lpfc_freenode() (bsc#1262019). * scsi: lpfc: Use min_t() instead of min() in lpfc_sli4_driver_resource_setup (bsc#1262019). * scsi: lpfc: Use the crc32c() function (bsc#1262019). * scsi: mpi3mr: Add NULL checks when resetting request and reply queues (git- fixes). * scsi: ses: Fix devices attaching to different hosts (git-fixes). * scsi: storvsc: Handle PERSISTENT_RESERVE_IN truncation for Hyper-V vFC (git- fixes). * scsi: target: iscsi: validate CHAP_R length before base64 decode (bsc#1265449). * scsi: ufs: ufs-pci: Add support for Intel Wildcat Lake (jsc#PED-13771). * selftests/bpf: Test cross-sign 64bits range refinement (git-fixes). * selftests/bpf: Test invariants on JSLT crossing sign (git-fixes). * selftests/bpf: test refining u32/s32 bounds when ranges cross min/max boundary (git-fixes). * selftests: net: build net/lib dependency in all target (bsc#1262245). * selinux: don't reserve xattr slot when we won't fill it (stable-fixes). * selinux: prune /sys/fs/selinux/disable (stable-fixes). * selinux: shrink critical section in sel_write_load() (stable-fixes). * serial: 8250: Add serial8250_handle_irq_locked() (bsc#1262480). * serial: 8250: Protect LCR write in shutdown (bsc#1262480). * serial: 8250_dw: Avoid unnecessary LCR writes (bsc#1262480). * serial: 8250_dw: Ensure BUSY is deasserted (bsc#1262480). * serial: 8250_dw: Rework dw8250_handle_irq() locking and IIR handling (bsc#1262480). * serial: 8250_dw: Rework IIR_NO_INT handling to stop interrupt storm (bsc#1262480). * Set CONFIG_INTEL_TSX_MODE to follow upstream AUTO default (bsc#1263044). * soc/tegra: cbb: Set ERD on resume for err interrupt (git-fixes). * soc: qcom: aoss: compare against normalized cooling state (git-fixes). * soc: qcom: llcc: fix v1 SB syndrome register offset (git-fixes). * soc: qcom: ocmem: make the core clock optional (git-fixes). * soc: qcom: ocmem: register reasons for probe deferrals (git-fixes). * soc: qcom: ocmem: return -EPROBE_DEFER is ocmem is not available (git- fixes). * sound: ua101: fix division by zero at probe (git-fixes). * soundwire: bus: demote UNATTACHED state warnings to dev_dbg() (git-fixes). * soundwire: cadence: Clear message complete before signaling waiting thread (git-fixes). * soundwire: debugfs: initialize firmware_file to empty string (git-fixes). * spi: aspeed-smc: fix controller deregistration (git-fixes). * spi: at91-usart: fix controller deregistration (git-fixes). * spi: atmel: fix controller deregistration (git-fixes). * spi: bcm63xx: fix controller deregistration (git-fixes). * spi: bcmbca-hsspi: fix controller deregistration (git-fixes). * spi: cadence: fix controller deregistration (git-fixes). * spi: cadence: fix unclocked access on unbind (git-fixes). * spi: ch341: fix memory leaks on probe failures (git-fixes). * spi: coldfire-qspi: fix controller deregistration (git-fixes). * spi: dln2: fix controller deregistration (git-fixes). * spi: fix controller cleanup() documentation (git-fixes). * spi: fix misleading controller deregistration kernel-doc (git-fixes). * spi: fix misleading controller registration kernel-doc (git-fixes). * spi: fsl-espi: fix controller deregistration (git-fixes). * spi: fsl-qspi: Use reinit_completion() for repeated operations (git-fixes). * spi: fsl: fix controller deregistration (git-fixes). * spi: hisi-kunpeng: prevent infinite while() loop in hisi_spi_flush_fifo (git-fixes). * spi: img-spfi: fix controller deregistration (git-fixes). * spi: imx: fix runtime pm leak on probe deferral (git-fixes). * spi: imx: fix use-after-free on unbind (git-fixes). * spi: lantiq-ssc: fix controller deregistration (git-fixes). * spi: meson-spicc: fix controller deregistration (git-fixes). * spi: microchip-core-qspi: fix controller deregistration (git-fixes). * spi: mpc52xx: fix controller deregistration (git-fixes). * spi: mpc52xx: fix use-after-free on registration failure (git-fixes). * spi: mpc52xx: fix use-after-free on unbind (git-fixes). * spi: mtk-nor: fix controller deregistration (git-fixes). * spi: mtk-snfi: fix memory leak in probe (git-fixes). * spi: mtk-snfi: unregister ECC engine on probe failure and remove() callback (git-fixes). * spi: mxic: fix controller deregistration (git-fixes). * spi: mxs: fix controller deregistration (git-fixes). * spi: npcm-pspi: fix controller deregistration (git-fixes). * spi: omap2-mcspi: fix controller deregistration (git-fixes). * spi: orion: fix clock imbalance on registration failure (git-fixes). * spi: orion: fix controller deregistration (git-fixes). * spi: orion: fix runtime pm leak on unbind (git-fixes). * spi: pic32-sqi: fix controller deregistration (git-fixes). * spi: pic32: fix controller deregistration (git-fixes). * spi: pl022: fix controller deregistration (git-fixes). * spi: qup: fix controller deregistration (git-fixes). * spi: rockchip: fix controller deregistration (git-fixes). * spi: rockchip: Read ISR, not IMR, to detect cs-inactive IRQ (git-fixes). * spi: rspi: fix controller deregistration (git-fixes). * spi: s3c64xx: fix controller deregistration (git-fixes). * spi: s3c64xx: fix NULL-deref on driver unbind (git-fixes). * spi: sh-hspi: fix controller deregistration (git-fixes). * spi: sprd: fix controller deregistration (git-fixes). * spi: st-ssc4: fix controller deregistration (git-fixes). * spi: sun4i: fix controller deregistration (git-fixes). * spi: sun6i: fix controller deregistration (git-fixes). * spi: syncuacer: fix controller deregistration (git-fixes). * spi: ti-qspi: fix controller deregistration (git-fixes). * spi: topcliff-pch: fix controller deregistration (git-fixes). * spi: topcliff-pch: fix use-after-free on unbind (git-fixes). * spi: uniphier: fix controller deregistration (git-fixes). * spi: uniphier: Simplify clock handling with devm_clk_get_enabled() (stable- fixes). * spi: zynq-qspi: fix controller deregistration (git-fixes). * spi: zynq-qspi: Simplify clock handling with devm_clk_get_enabled() (stable- fixes). * spi: zynqmp-gqspi: fix controller deregistration (git-fixes). * staging: media: atomisp: Disallow all private IOCTLs (git-fixes). * staging: rtl8723bs: initialize le_tmp64 in rtw_BIP_verify() (git-fixes). * staging: sm750fb: fix division by zero in ps_to_hz() (git-fixes). * staging: vme_user: fix root device leak on init failure (git-fixes). * tg3: replace placeholder MAC address with device property (git-fixes). * thermal/drivers/spear: Fix error condition for reading st,thermal-flags (git-fixes). * thermal/drivers/sprd: Fix raw temperature clamping in sprd_thm_rawdata_to_temp (git-fixes). * thermal/drivers/sprd: Fix temperature clamping in sprd_thm_temp_to_rawdata (git-fixes). * tools/power/turbostat: Fix microcode patch level output for AMD/Hygon (git- fixes). * tools: hv: Fix cross-compilation (git-fixes). * tpm2-sessions: Fix missing tpm_buf_destroy() in tpm2_read_public() (git- fixes). * tpm: avoid -Wunused-but-set-variable (git-fixes). * tpm: Fix auth session leak in tpm2_get_random() error path (git-fixes). * tpm: tpm_tis: add error logging for data transfer (git-fixes). * tpm: tpm_tis: stop transmit if retries are exhausted (git-fixes). * tpm: Use kfree_sensitive() to free auth session in tpm_dev_release() (git- fixes). * tty: serial: ip22zilog: Fix section mispatch warning (git-fixes). * udp: Force compute_score to always inline (bsc#1241259). * unshare: fix unshare_fs() handling (git-fixes). * USB: cdc-acm: Add quirks for Yoga Book 9 14IAH10 INGENIC touchscreen (git- fixes). * usb: chipidea: core: allow ci_irq_handler() handle both ID and VBUS change (git-fixes). * usb: chipidea: otg: not wait vbus drop if use role_switch (git-fixes). * USB: core: add NO_LPM quirk for Razer Kiyo Pro webcam (stable-fixes). * usb: gadget: dummy_hcd: fix premature URB completion when ZLP follows partial transfer (stable-fixes). * usb: gadget: f_hid: Add missing error code (git-fixes). * usb: gadget: f_hid: don't call cdev_init while cdev in use (git-fixes). * usb: gadget: f_hid: move list and spinlock inits from bind to alloc (stable- fixes). * usb: gadget: f_ncm: validate minimum block_len in ncm_unwrap_ntb() (git- fixes). * usb: gadget: f_phonet: fix skb frags[] overflow in pn_rx_complete() (git- fixes). * usb: gadget: f_uac1_legacy: validate control request size (stable-fixes). * usb: gadget: renesas_usb3: validate endpoint index in standard request handlers (git-fixes). * usb: gadget: u_ether: Fix NULL pointer deref in eth_get_drvinfo (git-fixes). * USB: omap_udc: DMA: Don't enable burst 4 mode (git-fixes). * usb: port: add delay after usb_hub_set_port_power() (git-fixes). * usb: quirks: add DELAY_INIT quirk for another Silicon Motion flash drive (stable-fixes). * USB: serial: io_edgeport: add support for Blackbox IC135A (stable-fixes). * USB: serial: option: add MeiG Smart SRM825WN (stable-fixes). * USB: serial: option: add support for Rolling Wireless RW135R-GL (stable- fixes). * USB: serial: option: add Telit Cinterion FN990A MBIM composition (git- fixes). * USB: serial: option: add Telit Cinterion LE910Cx compositions (stable- fixes). * usb: storage: Expand range of matched versions for VL817 quirks entry (git- fixes). * usb: typec: tcpm: reset internal port states on soft reset AMS (git-fixes). * usb: ulpi: fix memory leak on ulpi_register() error paths (git-fixes). * usb: usblp: fix heap leak in IEEE 1284 device ID via short response (stable- fixes). * usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl (stable- fixes). * usb: xhci: Make usb_host_endpoint.hcpriv survive endpoint_disable() (git- fixes). * usbip: validate number_of_packets in usbip_pack_ret_submit() (git-fixes). * vfio/pci: Lock upstream bridge for vfio_pci_core_disable() (git-fixes). * vfio/pds: Fix memory leak in pds_vfio_dirty_enable() (git-fixes). * vfio/pds: Fix missing detach_ioas op (git-fixes). * vfio/pds: replace bitmap_free with vfree (git-fixes). * vfio/type1: Fix error unwind in migration dirty bitmap allocation (git- fixes). * vfio: Fix unbalanced vfio_df_close call in no-iommu mode (git-fixes). * vfio: Prevent open_count decrement to negative (git-fixes). * virt: arm-cca-guest: fix error check for RSI_INCOMPLETE (git-fixes). * virt: sev-guest: Do not use host-controlled page order in cleanup path (git- fixes). * virt: tdx-guest: Fix handling of host controlled 'quote' buffer length (git- fixes). * virt: tdx-guest: Return error for GetQuote failures (git-fixes). * wifi: ath5k: do not access array OOB (git-fixes). * wifi: ath9k: Fix typo (git-fixes). * wifi: ath10k: fix station lookup failure during disconnect (git-fixes). * wifi: ath11k: fix memory leaks in beacon template setup (git-fixes). * wifi: ath12k: fix leak in some ath12k_wmi_xxx() functions (git-fixes). * wifi: ath12k: use lockdep_assert_in_rcu_read_lock() for RCU assertions (git- fixes). * wifi: b43: enforce bounds check on firmware key index in b43_rx() (git- fixes). * wifi: b43legacy: enforce bounds check on firmware key index in RX path (git- fixes). * wifi: brcmfmac: Fix error pointer dereference (git-fixes). * wifi: brcmfmac: Fix potential use-after-free issue when stopping watchdog task (git-fixes). * wifi: brcmfmac: validate bsscfg indices in IF events (stable-fixes). * wifi: brcmsmac: Fix dma_free_coherent() size (git-fixes). * wifi: cw1200: Revert "Fix locking in error paths" (git-fixes). * wifi: libertas: notify firmware load wait on disconnect (git-fixes). * wifi: mac80211: check ieee80211_rx_data_set_link return in pubsta MLO path (git-fixes). * wifi: mac80211: check tdls flag in ieee80211_tdls_oper (stable-fixes). * wifi: mac80211: drop stray 'static' from fast-RX rx_result (git-fixes). * wifi: mac80211: handle VHT EXT NSS in ieee80211_determine_our_sta_mode() (git-fixes). * wifi: mac80211: remove station if connection prep fails (git-fixes). * wifi: mac80211: use safe list iteration in radar detect work (git-fixes). * wifi: mt76: Fix memory leak after mt76_connac_mcu_alloc_sta_req() (git- fixes). * wifi: mt76: mt792x: describe USB WFSYS reset with a descriptor (stable- fixes). * wifi: mt76: mt792x: fix mt7925u USB WFSYS reset handling (git-fixes). * wifi: mt76: mt7615: fix use_cts_prot support (git-fixes). * wifi: mt76: mt7915: fix use-after-free bugs in mt7915_mac_dump_work() (git- fixes). * wifi: mt76: mt7915: fix use_cts_prot support (git-fixes). * wifi: mt76: mt7921: fix 6GHz regulatory update on connection (git-fixes). * wifi: mt76: mt7921: fix a potential clc buffer length underflow (git-fixes). * wifi: mt76: mt7921: fix ROC abort flow interruption in mt7921_roc_work (git- fixes). * wifi: mt76: mt7921: Place upper limit on station AID (git-fixes). * wifi: mt76: mt7921: Reset ampdu_state state in case of failure in mt76_connac2_tx_check_aggr() (git-fixes). * wifi: mt76: mt7925: fix AMPDU state handling in mt7925_tx_check_aggr (git- fixes). * wifi: mt76: mt7925: fix incorrect length field in txpower command (git- fixes). * wifi: mt76: mt7925: Fix incorrect MLO mode in firmware control (git-fixes). * wifi: mt76: mt7925: fix incorrect TLV length in CLC command (git-fixes). * wifi: mt76: mt7925: prevent NULL pointer dereference in mt7925_tx_check_aggr() (git-fixes). * wifi: mt76: mt7925: prevent NULL vif dereference in mt7925_mac_write_txwi (git-fixes). * wifi: mt76: mt7996: fix FCS error flag check in RX descriptor (git-fixes). * wifi: mt76: mt7996: fix struct mt7996_mcu_uni_event (git-fixes). * wifi: mt76: mt7996: fix use-after-free bugs in mt7996_mac_dump_work() (git- fixes). * wifi: mwifiex: Fix memory leak in mwifiex_11n_aggregate_pkt() (git-fixes). * wifi: nl80211: fix NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST usage (git- fixes). * wifi: nl80211: require admin perm on SET_PMK / DEL_PMK (git-fixes). * wifi: rsi: fix kthread lifetime race between self-exit and external-stop (git-fixes). * wifi: rt2x00usb: fix devres lifetime (git-fixes). * wifi: rtl8xxxu: fix potential use of uninitialized value (git-fixes). * wifi: rtlwifi: pci: fix possible use-after-free caused by unfinished irq_prepare_bcn_tasklet (git-fixes). * wifi: rtw88: Add additional USB IDs for RTL8812BU (bsc#1263135). * wifi: rtw88: Add BUFFALO WI-U3-866DHP to the USB ID list (bsc#1263135). * wifi: rtw88: Add support for Mercusys MA30N and D-Link DWA-T185 rev. A1 (bsc#1263135). * wifi: rtw88: check for PCI upstream bridge existence (git-fixes). * wifi: rtw88: fix device leak on probe failure (git-fixes). * wifi: rtw88: rtw8822bu VID/PID for BUFFALO WI-U2-866DM (bsc#1263135). * wifi: rtw89: phy: fix uninitialized variable access in rtw89_phy_cfo_set_crystal_cap() (git-fixes). * wifi: wl1251: validate packet IDs before indexing tx_frames (stable-fixes). * x86/acpi/boot: Correct acpi_is_processor_usable() check again (git-fixes). * x86/boot/sev: Avoid shared GHCB page for early memory acceptance (git- fixes). * x86/boot/sev: Support memory acceptance in the EFI stub under SVSM (git- fixes). * x86/boot: Fix page table access in 5-level to 4-level paging transition (git-fixes). * x86/CPU/AMD: Add X86_FEATURE_ZEN6 (bsc#1263255). * x86/cpufeatures: Free up unused feature bits (bsc#1263255). * x86/fred: Fix early boot failures on SEV-ES/SNP guests (git-fixes). * x86/mtrr: Check if fixed-range MTRRs exist in mtrr_save_fixed_ranges() (git- fixes). * x86/sev: Add missing RIP_REL_REF() invocations during sme_enable() (git- fixes). * x86/sev: Do not touch VMSA pages during SNP guest memory kdump (git-fixes). * x86/sev: Ensure SVSM reserved fields in a page validation entry are initialized to zero (git-fixes). * x86/sev: Fix operator precedence in GHCB_MSR_VMPL_REQ_LEVEL macro (git- fixes). * x86/sev: Improve handling of writes to intercepted TSC MSRs (git-fixes). * x86/sev: Make sure pages are not skipped during kdump (git-fixes). * x86/tsx: Get the tsx= command line parameter with early_param() (bsc#1250951 bsc#1263044). * x86/tsx: Make tsx_ctrl_state static (bsc#1250951 bsc#1263044). * x86/vmware: Parse MP tables for SEV-SNP enabled guests under VMware hypervisors (git-fixes). * X.509: Fix out-of-bounds access when parsing extensions (git-fixes). * Xarray: do not return sibling entries from xas_find_marked() (bsc#1263815). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server High Availability Extension 16.0 zypper in -t patch SUSE-SLES-HA-16.0-814=1 ## Package List: * SUSE Linux Enterprise Server High Availability Extension 16.0 (ppc64le s390x x86_64) * cluster-md-kmp-default-debuginfo-6.12.0-160000.33.1 * gfs2-kmp-default-6.12.0-160000.33.1 * gfs2-kmp-default-debuginfo-6.12.0-160000.33.1 * kernel-default-debuginfo-6.12.0-160000.33.1 * kernel-default-debugsource-6.12.0-160000.33.1 * cluster-md-kmp-default-6.12.0-160000.33.1 * dlm-kmp-default-debuginfo-6.12.0-160000.33.1 * dlm-kmp-default-6.12.0-160000.33.1 * SUSE Linux Enterprise Server High Availability Extension 16.0 (nosrc) * kernel-default-6.12.0-160000.33.1 ## References: * https://www.suse.com/security/cve/CVE-2023-2058.html * https://www.suse.com/security/cve/CVE-2024-14027.html * https://www.suse.com/security/cve/CVE-2025-40181.html * https://www.suse.com/security/cve/CVE-2025-40219.html * https://www.suse.com/security/cve/CVE-2025-68265.html * https://www.suse.com/security/cve/CVE-2025-68310.html * https://www.suse.com/security/cve/CVE-2025-71238.html * https://www.suse.com/security/cve/CVE-2025-71268.html * https://www.suse.com/security/cve/CVE-2025-71269.html * https://www.suse.com/security/cve/CVE-2025-71302.html * https://www.suse.com/security/cve/CVE-2026-23168.html * https://www.suse.com/security/cve/CVE-2026-23209.html * https://www.suse.com/security/cve/CVE-2026-23236.html * https://www.suse.com/security/cve/CVE-2026-23237.html * https://www.suse.com/security/cve/CVE-2026-23245.html * https://www.suse.com/security/cve/CVE-2026-23246.html * https://www.suse.com/security/cve/CVE-2026-23253.html * https://www.suse.com/security/cve/CVE-2026-23260.html * https://www.suse.com/security/cve/CVE-2026-23261.html * https://www.suse.com/security/cve/CVE-2026-23264.html * https://www.suse.com/security/cve/CVE-2026-23266.html * https://www.suse.com/security/cve/CVE-2026-23268.html * https://www.suse.com/security/cve/CVE-2026-23269.html * https://www.suse.com/security/cve/CVE-2026-23271.html * https://www.suse.com/security/cve/CVE-2026-23273.html * https://www.suse.com/security/cve/CVE-2026-23276.html * https://www.suse.com/security/cve/CVE-2026-23279.html * https://www.suse.com/security/cve/CVE-2026-23290.html * https://www.suse.com/security/cve/CVE-2026-23291.html * https://www.suse.com/security/cve/CVE-2026-23298.html * https://www.suse.com/security/cve/CVE-2026-23300.html * https://www.suse.com/security/cve/CVE-2026-23307.html * https://www.suse.com/security/cve/CVE-2026-23312.html * https://www.suse.com/security/cve/CVE-2026-23313.html * https://www.suse.com/security/cve/CVE-2026-23315.html * https://www.suse.com/security/cve/CVE-2026-23316.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-23318.html * https://www.suse.com/security/cve/CVE-2026-23321.html * https://www.suse.com/security/cve/CVE-2026-23324.html * https://www.suse.com/security/cve/CVE-2026-23325.html * https://www.suse.com/security/cve/CVE-2026-23334.html * https://www.suse.com/security/cve/CVE-2026-23336.html * https://www.suse.com/security/cve/CVE-2026-23339.html * https://www.suse.com/security/cve/CVE-2026-23340.html * https://www.suse.com/security/cve/CVE-2026-23346.html * https://www.suse.com/security/cve/CVE-2026-23347.html * https://www.suse.com/security/cve/CVE-2026-23351.html * https://www.suse.com/security/cve/CVE-2026-23354.html * https://www.suse.com/security/cve/CVE-2026-23357.html * https://www.suse.com/security/cve/CVE-2026-23360.html * https://www.suse.com/security/cve/CVE-2026-23362.html * https://www.suse.com/security/cve/CVE-2026-23363.html * https://www.suse.com/security/cve/CVE-2026-23365.html * https://www.suse.com/security/cve/CVE-2026-23367.html * https://www.suse.com/security/cve/CVE-2026-23368.html * https://www.suse.com/security/cve/CVE-2026-23369.html * https://www.suse.com/security/cve/CVE-2026-23370.html * https://www.suse.com/security/cve/CVE-2026-23372.html * https://www.suse.com/security/cve/CVE-2026-23373.html * https://www.suse.com/security/cve/CVE-2026-23374.html * https://www.suse.com/security/cve/CVE-2026-23375.html * https://www.suse.com/security/cve/CVE-2026-23378.html * https://www.suse.com/security/cve/CVE-2026-23382.html * https://www.suse.com/security/cve/CVE-2026-23387.html * https://www.suse.com/security/cve/CVE-2026-23391.html * https://www.suse.com/security/cve/CVE-2026-23392.html * https://www.suse.com/security/cve/CVE-2026-23395.html * https://www.suse.com/security/cve/CVE-2026-23396.html * https://www.suse.com/security/cve/CVE-2026-23397.html * https://www.suse.com/security/cve/CVE-2026-23399.html * https://www.suse.com/security/cve/CVE-2026-23401.html * https://www.suse.com/security/cve/CVE-2026-23403.html * https://www.suse.com/security/cve/CVE-2026-23404.html * https://www.suse.com/security/cve/CVE-2026-23405.html * https://www.suse.com/security/cve/CVE-2026-23406.html * https://www.suse.com/security/cve/CVE-2026-23407.html * https://www.suse.com/security/cve/CVE-2026-23408.html * https://www.suse.com/security/cve/CVE-2026-23409.html * https://www.suse.com/security/cve/CVE-2026-23410.html * https://www.suse.com/security/cve/CVE-2026-23411.html * https://www.suse.com/security/cve/CVE-2026-23417.html * https://www.suse.com/security/cve/CVE-2026-23418.html * https://www.suse.com/security/cve/CVE-2026-23420.html * https://www.suse.com/security/cve/CVE-2026-23426.html * https://www.suse.com/security/cve/CVE-2026-23434.html * https://www.suse.com/security/cve/CVE-2026-23436.html * https://www.suse.com/security/cve/CVE-2026-23437.html * https://www.suse.com/security/cve/CVE-2026-23440.html * https://www.suse.com/security/cve/CVE-2026-23441.html * https://www.suse.com/security/cve/CVE-2026-23442.html * https://www.suse.com/security/cve/CVE-2026-23443.html * https://www.suse.com/security/cve/CVE-2026-23445.html * https://www.suse.com/security/cve/CVE-2026-23446.html * https://www.suse.com/security/cve/CVE-2026-23447.html * https://www.suse.com/security/cve/CVE-2026-23448.html * https://www.suse.com/security/cve/CVE-2026-23449.html * https://www.suse.com/security/cve/CVE-2026-23450.html * https://www.suse.com/security/cve/CVE-2026-23452.html * https://www.suse.com/security/cve/CVE-2026-23454.html * https://www.suse.com/security/cve/CVE-2026-23455.html * https://www.suse.com/security/cve/CVE-2026-23456.html * https://www.suse.com/security/cve/CVE-2026-23457.html * https://www.suse.com/security/cve/CVE-2026-23458.html * https://www.suse.com/security/cve/CVE-2026-23460.html * https://www.suse.com/security/cve/CVE-2026-23461.html * https://www.suse.com/security/cve/CVE-2026-23462.html * https://www.suse.com/security/cve/CVE-2026-23463.html * https://www.suse.com/security/cve/CVE-2026-23464.html * https://www.suse.com/security/cve/CVE-2026-23465.html * https://www.suse.com/security/cve/CVE-2026-23466.html * https://www.suse.com/security/cve/CVE-2026-23468.html * https://www.suse.com/security/cve/CVE-2026-23470.html * https://www.suse.com/security/cve/CVE-2026-23472.html * https://www.suse.com/security/cve/CVE-2026-23473.html * https://www.suse.com/security/cve/CVE-2026-23474.html * https://www.suse.com/security/cve/CVE-2026-23475.html * https://www.suse.com/security/cve/CVE-2026-31389.html * https://www.suse.com/security/cve/CVE-2026-31392.html * https://www.suse.com/security/cve/CVE-2026-31393.html * https://www.suse.com/security/cve/CVE-2026-31394.html * https://www.suse.com/security/cve/CVE-2026-31395.html * https://www.suse.com/security/cve/CVE-2026-31400.html * https://www.suse.com/security/cve/CVE-2026-31402.html * https://www.suse.com/security/cve/CVE-2026-31403.html * https://www.suse.com/security/cve/CVE-2026-31405.html * https://www.suse.com/security/cve/CVE-2026-31406.html * https://www.suse.com/security/cve/CVE-2026-31407.html * https://www.suse.com/security/cve/CVE-2026-31408.html * https://www.suse.com/security/cve/CVE-2026-31411.html * https://www.suse.com/security/cve/CVE-2026-31412.html * https://www.suse.com/security/cve/CVE-2026-31415.html * https://www.suse.com/security/cve/CVE-2026-31416.html * https://www.suse.com/security/cve/CVE-2026-31417.html * https://www.suse.com/security/cve/CVE-2026-31420.html * https://www.suse.com/security/cve/CVE-2026-31421.html * https://www.suse.com/security/cve/CVE-2026-31422.html * https://www.suse.com/security/cve/CVE-2026-31423.html * https://www.suse.com/security/cve/CVE-2026-31424.html * https://www.suse.com/security/cve/CVE-2026-31425.html * https://www.suse.com/security/cve/CVE-2026-31426.html * https://www.suse.com/security/cve/CVE-2026-31427.html * https://www.suse.com/security/cve/CVE-2026-31428.html * https://www.suse.com/security/cve/CVE-2026-31435.html * https://www.suse.com/security/cve/CVE-2026-31449.html * https://www.suse.com/security/cve/CVE-2026-31453.html * https://www.suse.com/security/cve/CVE-2026-31456.html * https://www.suse.com/security/cve/CVE-2026-31470.html * https://www.suse.com/security/cve/CVE-2026-31494.html * https://www.suse.com/security/cve/CVE-2026-31496.html * https://www.suse.com/security/cve/CVE-2026-31503.html * https://www.suse.com/security/cve/CVE-2026-31504.html * https://www.suse.com/security/cve/CVE-2026-31505.html * https://www.suse.com/security/cve/CVE-2026-31507.html * https://www.suse.com/security/cve/CVE-2026-31515.html * https://www.suse.com/security/cve/CVE-2026-31519.html * https://www.suse.com/security/cve/CVE-2026-31525.html * https://www.suse.com/security/cve/CVE-2026-31526.html * https://www.suse.com/security/cve/CVE-2026-31528.html * https://www.suse.com/security/cve/CVE-2026-31533.html * https://www.suse.com/security/cve/CVE-2026-31547.html * https://www.suse.com/security/cve/CVE-2026-31550.html * https://www.suse.com/security/cve/CVE-2026-31554.html * https://www.suse.com/security/cve/CVE-2026-31565.html * https://www.suse.com/security/cve/CVE-2026-31579.html * https://www.suse.com/security/cve/CVE-2026-31586.html * https://www.suse.com/security/cve/CVE-2026-31588.html * https://www.suse.com/security/cve/CVE-2026-31644.html * https://www.suse.com/security/cve/CVE-2026-31649.html * https://www.suse.com/security/cve/CVE-2026-31658.html * https://www.suse.com/security/cve/CVE-2026-31662.html * https://www.suse.com/security/cve/CVE-2026-31666.html * https://www.suse.com/security/cve/CVE-2026-31668.html * https://www.suse.com/security/cve/CVE-2026-31669.html * https://www.suse.com/security/cve/CVE-2026-31675.html * https://www.suse.com/security/cve/CVE-2026-31678.html * https://www.suse.com/security/cve/CVE-2026-31679.html * https://www.suse.com/security/cve/CVE-2026-31681.html * https://www.suse.com/security/cve/CVE-2026-31682.html * https://www.suse.com/security/cve/CVE-2026-31684.html * https://www.suse.com/security/cve/CVE-2026-31685.html * https://www.suse.com/security/cve/CVE-2026-31691.html * https://www.suse.com/security/cve/CVE-2026-31694.html * https://www.suse.com/security/cve/CVE-2026-31700.html * https://www.suse.com/security/cve/CVE-2026-31738.html * https://www.suse.com/security/cve/CVE-2026-31787.html * https://www.suse.com/security/cve/CVE-2026-43009.html * https://www.suse.com/security/cve/CVE-2026-43025.html * https://www.suse.com/security/cve/CVE-2026-43027.html * https://www.suse.com/security/cve/CVE-2026-43037.html * https://www.suse.com/security/cve/CVE-2026-43038.html * https://www.suse.com/security/cve/CVE-2026-43045.html * https://www.suse.com/security/cve/CVE-2026-43050.html * https://www.suse.com/security/cve/CVE-2026-43060.html * https://www.suse.com/security/cve/CVE-2026-43082.html * https://www.suse.com/security/cve/CVE-2026-43088.html * https://www.suse.com/security/cve/CVE-2026-43153.html * https://www.suse.com/security/cve/CVE-2026-43190.html * https://www.suse.com/security/cve/CVE-2026-43265.html * https://www.suse.com/security/cve/CVE-2026-43329.html * https://www.suse.com/security/cve/CVE-2026-43365.html * https://www.suse.com/security/cve/CVE-2026-43366.html * https://www.suse.com/security/cve/CVE-2026-43441.html * https://www.suse.com/security/cve/CVE-2026-43494.html * https://www.suse.com/security/cve/CVE-2026-43503.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1215199 * https://bugzilla.suse.com/show_bug.cgi?id=1234634 * https://bugzilla.suse.com/show_bug.cgi?id=1241259 * https://bugzilla.suse.com/show_bug.cgi?id=1243603 * https://bugzilla.suse.com/show_bug.cgi?id=1248754 * https://bugzilla.suse.com/show_bug.cgi?id=1249104 * https://bugzilla.suse.com/show_bug.cgi?id=1250951 * https://bugzilla.suse.com/show_bug.cgi?id=1253471 * https://bugzilla.suse.com/show_bug.cgi?id=1254518 * https://bugzilla.suse.com/show_bug.cgi?id=1255160 * https://bugzilla.suse.com/show_bug.cgi?id=1255360 * https://bugzilla.suse.com/show_bug.cgi?id=1255459 * https://bugzilla.suse.com/show_bug.cgi?id=1255752 * https://bugzilla.suse.com/show_bug.cgi?id=1256288 * https://bugzilla.suse.com/show_bug.cgi?id=1256865 * https://bugzilla.suse.com/show_bug.cgi?id=1256867 * https://bugzilla.suse.com/show_bug.cgi?id=1258518 * https://bugzilla.suse.com/show_bug.cgi?id=1258718 * https://bugzilla.suse.com/show_bug.cgi?id=1258826 * https://bugzilla.suse.com/show_bug.cgi?id=1258849 * https://bugzilla.suse.com/show_bug.cgi?id=1258850 * https://bugzilla.suse.com/show_bug.cgi?id=1258854 * https://bugzilla.suse.com/show_bug.cgi?id=1258855 * https://bugzilla.suse.com/show_bug.cgi?id=1258856 * https://bugzilla.suse.com/show_bug.cgi?id=1258857 * https://bugzilla.suse.com/show_bug.cgi?id=1258933 * https://bugzilla.suse.com/show_bug.cgi?id=1258961 * https://bugzilla.suse.com/show_bug.cgi?id=1259186 * https://bugzilla.suse.com/show_bug.cgi?id=1259199 * https://bugzilla.suse.com/show_bug.cgi?id=1259222 * https://bugzilla.suse.com/show_bug.cgi?id=1259420 * https://bugzilla.suse.com/show_bug.cgi?id=1259461 * https://bugzilla.suse.com/show_bug.cgi?id=1259535 * https://bugzilla.suse.com/show_bug.cgi?id=1259672 * https://bugzilla.suse.com/show_bug.cgi?id=1259799 * https://bugzilla.suse.com/show_bug.cgi?id=1259806 * https://bugzilla.suse.com/show_bug.cgi?id=1259857 * https://bugzilla.suse.com/show_bug.cgi?id=1259865 * https://bugzilla.suse.com/show_bug.cgi?id=1259868 * https://bugzilla.suse.com/show_bug.cgi?id=1259869 * https://bugzilla.suse.com/show_bug.cgi?id=1259871 * https://bugzilla.suse.com/show_bug.cgi?id=1259873 * https://bugzilla.suse.com/show_bug.cgi?id=1259878 * https://bugzilla.suse.com/show_bug.cgi?id=1259889 * https://bugzilla.suse.com/show_bug.cgi?id=1259994 * https://bugzilla.suse.com/show_bug.cgi?id=1260010 * https://bugzilla.suse.com/show_bug.cgi?id=1260012 * https://bugzilla.suse.com/show_bug.cgi?id=1260018 * https://bugzilla.suse.com/show_bug.cgi?id=1260428 * https://bugzilla.suse.com/show_bug.cgi?id=1260468 * https://bugzilla.suse.com/show_bug.cgi?id=1260483 * https://bugzilla.suse.com/show_bug.cgi?id=1260484 * https://bugzilla.suse.com/show_bug.cgi?id=1260485 * https://bugzilla.suse.com/show_bug.cgi?id=1260489 * https://bugzilla.suse.com/show_bug.cgi?id=1260504 * https://bugzilla.suse.com/show_bug.cgi?id=1260505 * https://bugzilla.suse.com/show_bug.cgi?id=1260507 * https://bugzilla.suse.com/show_bug.cgi?id=1260514 * https://bugzilla.suse.com/show_bug.cgi?id=1260523 * https://bugzilla.suse.com/show_bug.cgi?id=1260526 * https://bugzilla.suse.com/show_bug.cgi?id=1260528 * https://bugzilla.suse.com/show_bug.cgi?id=1260529 * https://bugzilla.suse.com/show_bug.cgi?id=1260530 * https://bugzilla.suse.com/show_bug.cgi?id=1260531 * https://bugzilla.suse.com/show_bug.cgi?id=1260532 * https://bugzilla.suse.com/show_bug.cgi?id=1260533 * https://bugzilla.suse.com/show_bug.cgi?id=1260536 * https://bugzilla.suse.com/show_bug.cgi?id=1260537 * https://bugzilla.suse.com/show_bug.cgi?id=1260538 * https://bugzilla.suse.com/show_bug.cgi?id=1260541 * https://bugzilla.suse.com/show_bug.cgi?id=1260546 * https://bugzilla.suse.com/show_bug.cgi?id=1260549 * https://bugzilla.suse.com/show_bug.cgi?id=1260551 * https://bugzilla.suse.com/show_bug.cgi?id=1260552 * https://bugzilla.suse.com/show_bug.cgi?id=1260555 * https://bugzilla.suse.com/show_bug.cgi?id=1260561 * https://bugzilla.suse.com/show_bug.cgi?id=1260562 * https://bugzilla.suse.com/show_bug.cgi?id=1260566 * https://bugzilla.suse.com/show_bug.cgi?id=1260571 * https://bugzilla.suse.com/show_bug.cgi?id=1260572 * https://bugzilla.suse.com/show_bug.cgi?id=1260573 * https://bugzilla.suse.com/show_bug.cgi?id=1260576 * https://bugzilla.suse.com/show_bug.cgi?id=1260580 * https://bugzilla.suse.com/show_bug.cgi?id=1260581 * https://bugzilla.suse.com/show_bug.cgi?id=1260593 * https://bugzilla.suse.com/show_bug.cgi?id=1260613 * https://bugzilla.suse.com/show_bug.cgi?id=1260728 * https://bugzilla.suse.com/show_bug.cgi?id=1260729 * https://bugzilla.suse.com/show_bug.cgi?id=1260731 * https://bugzilla.suse.com/show_bug.cgi?id=1260798 * https://bugzilla.suse.com/show_bug.cgi?id=1260800 * https://bugzilla.suse.com/show_bug.cgi?id=1260801 * https://bugzilla.suse.com/show_bug.cgi?id=1260807 * https://bugzilla.suse.com/show_bug.cgi?id=1260811 * https://bugzilla.suse.com/show_bug.cgi?id=1260996 * https://bugzilla.suse.com/show_bug.cgi?id=1261020 * https://bugzilla.suse.com/show_bug.cgi?id=1261149 * https://bugzilla.suse.com/show_bug.cgi?id=1261287 * https://bugzilla.suse.com/show_bug.cgi?id=1261288 * https://bugzilla.suse.com/show_bug.cgi?id=1261295 * https://bugzilla.suse.com/show_bug.cgi?id=1261348 * https://bugzilla.suse.com/show_bug.cgi?id=1261410 * https://bugzilla.suse.com/show_bug.cgi?id=1261503 * https://bugzilla.suse.com/show_bug.cgi?id=1261504 * https://bugzilla.suse.com/show_bug.cgi?id=1261505 * https://bugzilla.suse.com/show_bug.cgi?id=1261550 * https://bugzilla.suse.com/show_bug.cgi?id=1261555 * https://bugzilla.suse.com/show_bug.cgi?id=1261581 * https://bugzilla.suse.com/show_bug.cgi?id=1261582 * https://bugzilla.suse.com/show_bug.cgi?id=1261584 * https://bugzilla.suse.com/show_bug.cgi?id=1261585 * https://bugzilla.suse.com/show_bug.cgi?id=1261592 * https://bugzilla.suse.com/show_bug.cgi?id=1261601 * https://bugzilla.suse.com/show_bug.cgi?id=1261602 * https://bugzilla.suse.com/show_bug.cgi?id=1261617 * https://bugzilla.suse.com/show_bug.cgi?id=1261618 * https://bugzilla.suse.com/show_bug.cgi?id=1261629 * https://bugzilla.suse.com/show_bug.cgi?id=1261632 * https://bugzilla.suse.com/show_bug.cgi?id=1261635 * https://bugzilla.suse.com/show_bug.cgi?id=1261636 * https://bugzilla.suse.com/show_bug.cgi?id=1261637 * https://bugzilla.suse.com/show_bug.cgi?id=1261638 * https://bugzilla.suse.com/show_bug.cgi?id=1261641 * https://bugzilla.suse.com/show_bug.cgi?id=1261644 * https://bugzilla.suse.com/show_bug.cgi?id=1261645 * https://bugzilla.suse.com/show_bug.cgi?id=1261648 * https://bugzilla.suse.com/show_bug.cgi?id=1261679 * https://bugzilla.suse.com/show_bug.cgi?id=1261685 * https://bugzilla.suse.com/show_bug.cgi?id=1261686 * https://bugzilla.suse.com/show_bug.cgi?id=1261687 * https://bugzilla.suse.com/show_bug.cgi?id=1261692 * https://bugzilla.suse.com/show_bug.cgi?id=1261694 * https://bugzilla.suse.com/show_bug.cgi?id=1261700 * https://bugzilla.suse.com/show_bug.cgi?id=1261702 * https://bugzilla.suse.com/show_bug.cgi?id=1261703 * https://bugzilla.suse.com/show_bug.cgi?id=1261707 * https://bugzilla.suse.com/show_bug.cgi?id=1261710 * https://bugzilla.suse.com/show_bug.cgi?id=1261713 * https://bugzilla.suse.com/show_bug.cgi?id=1261714 * https://bugzilla.suse.com/show_bug.cgi?id=1261719 * https://bugzilla.suse.com/show_bug.cgi?id=1261738 * https://bugzilla.suse.com/show_bug.cgi?id=1261750 * https://bugzilla.suse.com/show_bug.cgi?id=1261751 * https://bugzilla.suse.com/show_bug.cgi?id=1261752 * https://bugzilla.suse.com/show_bug.cgi?id=1261768 * https://bugzilla.suse.com/show_bug.cgi?id=1261778 * https://bugzilla.suse.com/show_bug.cgi?id=1261779 * https://bugzilla.suse.com/show_bug.cgi?id=1261780 * https://bugzilla.suse.com/show_bug.cgi?id=1261781 * https://bugzilla.suse.com/show_bug.cgi?id=1261786 * https://bugzilla.suse.com/show_bug.cgi?id=1261788 * https://bugzilla.suse.com/show_bug.cgi?id=1261789 * https://bugzilla.suse.com/show_bug.cgi?id=1261796 * https://bugzilla.suse.com/show_bug.cgi?id=1261797 * https://bugzilla.suse.com/show_bug.cgi?id=1261896 * https://bugzilla.suse.com/show_bug.cgi?id=1262019 * https://bugzilla.suse.com/show_bug.cgi?id=1262053 * https://bugzilla.suse.com/show_bug.cgi?id=1262054 * https://bugzilla.suse.com/show_bug.cgi?id=1262055 * https://bugzilla.suse.com/show_bug.cgi?id=1262061 * https://bugzilla.suse.com/show_bug.cgi?id=1262063 * https://bugzilla.suse.com/show_bug.cgi?id=1262074 * https://bugzilla.suse.com/show_bug.cgi?id=1262078 * https://bugzilla.suse.com/show_bug.cgi?id=1262086 * https://bugzilla.suse.com/show_bug.cgi?id=1262087 * https://bugzilla.suse.com/show_bug.cgi?id=1262099 * https://bugzilla.suse.com/show_bug.cgi?id=1262100 * https://bugzilla.suse.com/show_bug.cgi?id=1262101 * https://bugzilla.suse.com/show_bug.cgi?id=1262179 * https://bugzilla.suse.com/show_bug.cgi?id=1262181 * https://bugzilla.suse.com/show_bug.cgi?id=1262245 * https://bugzilla.suse.com/show_bug.cgi?id=1262250 * https://bugzilla.suse.com/show_bug.cgi?id=1262480 * https://bugzilla.suse.com/show_bug.cgi?id=1262601 * https://bugzilla.suse.com/show_bug.cgi?id=1262616 * https://bugzilla.suse.com/show_bug.cgi?id=1262617 * https://bugzilla.suse.com/show_bug.cgi?id=1262627 * https://bugzilla.suse.com/show_bug.cgi?id=1262662 * https://bugzilla.suse.com/show_bug.cgi?id=1262665 * https://bugzilla.suse.com/show_bug.cgi?id=1262671 * https://bugzilla.suse.com/show_bug.cgi?id=1262673 * https://bugzilla.suse.com/show_bug.cgi?id=1262709 * https://bugzilla.suse.com/show_bug.cgi?id=1262725 * https://bugzilla.suse.com/show_bug.cgi?id=1262731 * https://bugzilla.suse.com/show_bug.cgi?id=1262750 * https://bugzilla.suse.com/show_bug.cgi?id=1262752 * https://bugzilla.suse.com/show_bug.cgi?id=1262758 * https://bugzilla.suse.com/show_bug.cgi?id=1263001 * https://bugzilla.suse.com/show_bug.cgi?id=1263012 * https://bugzilla.suse.com/show_bug.cgi?id=1263018 * https://bugzilla.suse.com/show_bug.cgi?id=1263044 * https://bugzilla.suse.com/show_bug.cgi?id=1263048 * https://bugzilla.suse.com/show_bug.cgi?id=1263052 * https://bugzilla.suse.com/show_bug.cgi?id=1263064 * https://bugzilla.suse.com/show_bug.cgi?id=1263074 * https://bugzilla.suse.com/show_bug.cgi?id=1263077 * https://bugzilla.suse.com/show_bug.cgi?id=1263085 * https://bugzilla.suse.com/show_bug.cgi?id=1263093 * https://bugzilla.suse.com/show_bug.cgi?id=1263095 * https://bugzilla.suse.com/show_bug.cgi?id=1263104 * https://bugzilla.suse.com/show_bug.cgi?id=1263107 * https://bugzilla.suse.com/show_bug.cgi?id=1263131 * https://bugzilla.suse.com/show_bug.cgi?id=1263135 * https://bugzilla.suse.com/show_bug.cgi?id=1263138 * https://bugzilla.suse.com/show_bug.cgi?id=1263140 * https://bugzilla.suse.com/show_bug.cgi?id=1263141 * https://bugzilla.suse.com/show_bug.cgi?id=1263165 * https://bugzilla.suse.com/show_bug.cgi?id=1263176 * https://bugzilla.suse.com/show_bug.cgi?id=1263255 * https://bugzilla.suse.com/show_bug.cgi?id=1263556 * https://bugzilla.suse.com/show_bug.cgi?id=1263562 * https://bugzilla.suse.com/show_bug.cgi?id=1263582 * https://bugzilla.suse.com/show_bug.cgi?id=1263592 * https://bugzilla.suse.com/show_bug.cgi?id=1263593 * https://bugzilla.suse.com/show_bug.cgi?id=1263595 * https://bugzilla.suse.com/show_bug.cgi?id=1263596 * https://bugzilla.suse.com/show_bug.cgi?id=1263604 * https://bugzilla.suse.com/show_bug.cgi?id=1263668 * https://bugzilla.suse.com/show_bug.cgi?id=1263815 * https://bugzilla.suse.com/show_bug.cgi?id=1263882 * https://bugzilla.suse.com/show_bug.cgi?id=1263901 * https://bugzilla.suse.com/show_bug.cgi?id=1263931 * https://bugzilla.suse.com/show_bug.cgi?id=1263933 * https://bugzilla.suse.com/show_bug.cgi?id=1263942 * https://bugzilla.suse.com/show_bug.cgi?id=1263995 * https://bugzilla.suse.com/show_bug.cgi?id=1264014 * https://bugzilla.suse.com/show_bug.cgi?id=1264059 * https://bugzilla.suse.com/show_bug.cgi?id=1264082 * https://bugzilla.suse.com/show_bug.cgi?id=1264097 * https://bugzilla.suse.com/show_bug.cgi?id=1264183 * https://bugzilla.suse.com/show_bug.cgi?id=1264233 * https://bugzilla.suse.com/show_bug.cgi?id=1264427 * https://bugzilla.suse.com/show_bug.cgi?id=1264469 * https://bugzilla.suse.com/show_bug.cgi?id=1264586 * https://bugzilla.suse.com/show_bug.cgi?id=1264674 * https://bugzilla.suse.com/show_bug.cgi?id=1264837 * https://bugzilla.suse.com/show_bug.cgi?id=1264848 * https://bugzilla.suse.com/show_bug.cgi?id=1265085 * https://bugzilla.suse.com/show_bug.cgi?id=1265116 * https://bugzilla.suse.com/show_bug.cgi?id=1265119 * https://bugzilla.suse.com/show_bug.cgi?id=1265144 * https://bugzilla.suse.com/show_bug.cgi?id=1265308 * https://bugzilla.suse.com/show_bug.cgi?id=1265421 * https://bugzilla.suse.com/show_bug.cgi?id=1265449 * https://bugzilla.suse.com/show_bug.cgi?id=1265456 * https://bugzilla.suse.com/show_bug.cgi?id=1265626 * https://bugzilla.suse.com/show_bug.cgi?id=1265846 * https://bugzilla.suse.com/show_bug.cgi?id=1265960 * https://jira.suse.com/browse/PED-13771 * https://jira.suse.com/browse/PED-14156 * https://jira.suse.com/browse/PED-14238 * https://jira.suse.com/browse/PED-16113 * https://jira.suse.com/browse/PED-7912 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 1 20:43:43 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Jun 2026 20:43:43 -0000 Subject: SUSE-SU-2026:2207-1: important: Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise 15 SP7) Message-ID: <178034662325.1034.4327239606203668236@cf67f1158b88> # Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise 15 SP7) Announcement ID: SUSE-SU-2026:2207-1 Release Date: 2026-06-01T15:33:50Z Rating: important References: * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves three vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.45 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2026-2207=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2208=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-2208=1 * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-2210=1 SUSE-SLE- Module-Live-Patching-15-SP7-2026-2209=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_299-default-4-2.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_24-debugsource-2-150600.2.1 * kernel-livepatch-6_4_0-150600_23_103-default-2-150600.2.1 * kernel-livepatch-6_4_0-150600_23_103-default-debuginfo-2-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_24-debugsource-2-150600.2.1 * kernel-livepatch-6_4_0-150600_23_103-default-2-150600.2.1 * kernel-livepatch-6_4_0-150600_23_103-default-debuginfo-2-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP7 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150700_53_45-default-2-150700.2.1 * kernel-livepatch-SLE15-SP7_Update_12-debugsource-3-150700.2.1 * kernel-livepatch-6_4_0-150700_53_40-default-3-150700.2.1 * kernel-livepatch-6_4_0-150700_53_40-default-debuginfo-3-150700.2.1 * kernel-livepatch-6_4_0-150700_53_45-default-debuginfo-2-150700.2.1 * kernel-livepatch-SLE15-SP7_Update_13-debugsource-2-150700.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 08:30:06 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 08:30:06 -0000 Subject: SUSE-SU-2026:2212-1: important: Security update for the Linux Kernel (Live Patch 39 for SUSE Linux Enterprise 15 SP5) Message-ID: <178038900626.1212.8259075947238410128@28a6f8bc0cea> # Security update for the Linux Kernel (Live Patch 39 for SUSE Linux Enterprise 15 SP5) Announcement ID: SUSE-SU-2026:2212-1 Release Date: 2026-06-01T17:05:30Z Rating: important References: * bsc#1264096 Cross-References: * CVE-2025-54518 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.153 fixes one security issue The following security issue was fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-2212=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-2212=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_163-default-2-150500.2.1 * kernel-livepatch-5_14_21-150500_55_163-default-debuginfo-2-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_39-debugsource-2-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_163-default-2-150500.2.1 * kernel-livepatch-5_14_21-150500_55_163-default-debuginfo-2-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_39-debugsource-2-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://bugzilla.suse.com/show_bug.cgi?id=1264096 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 08:30:16 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 08:30:16 -0000 Subject: SUSE-SU-2026:2214-1: important: Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise 15 SP7) Message-ID: <178038901602.1212.17946944953260993576@28a6f8bc0cea> # Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise 15 SP7) Announcement ID: SUSE-SU-2026:2214-1 Release Date: 2026-06-01T18:33:54Z Rating: important References: * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves three vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.37 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2214=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2026-2214=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2211=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-2211=1 * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-2213=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_209-default-2-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_52-debugsource-2-150400.2.1 * kernel-livepatch-5_14_21-150400_24_209-default-debuginfo-2-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_209-default-2-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_52-debugsource-2-150400.2.1 * kernel-livepatch-5_14_21-150400_24_209-default-debuginfo-2-150400.2.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_23-debugsource-3-150600.2.1 * kernel-livepatch-6_4_0-150600_23_100-default-3-150600.2.1 * kernel-livepatch-6_4_0-150600_23_100-default-debuginfo-3-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_23-debugsource-3-150600.2.1 * kernel-livepatch-6_4_0-150600_23_100-default-3-150600.2.1 * kernel-livepatch-6_4_0-150600_23_100-default-debuginfo-3-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP7 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150700_53_37-default-4-150700.2.1 * kernel-livepatch-SLE15-SP7_Update_11-debugsource-4-150700.2.1 * kernel-livepatch-6_4_0-150700_53_37-default-debuginfo-4-150700.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 12:36:33 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 12:36:33 -0000 Subject: SUSE-SU-2026:2217-1: important: Security update for the Linux Kernel Message-ID: <178040379317.1312.13878079307290998952@28a6f8bc0cea> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:2217-1 Release Date: 2026-06-02T05:58:34Z Rating: important References: * bsc#1215199 * bsc#1225897 * bsc#1234634 * bsc#1237452 * bsc#1241166 * bsc#1243603 * bsc#1248754 * bsc#1249104 * bsc#1253122 * bsc#1253754 * bsc#1254518 * bsc#1255160 * bsc#1255752 * bsc#1256863 * bsc#1257183 * bsc#1257631 * bsc#1258518 * bsc#1258718 * bsc#1258826 * bsc#1258849 * bsc#1258850 * bsc#1258854 * bsc#1258855 * bsc#1258856 * bsc#1258857 * bsc#1258961 * bsc#1259186 * bsc#1259199 * bsc#1259222 * bsc#1259461 * bsc#1259484 * bsc#1259485 * bsc#1259535 * bsc#1259672 * bsc#1259799 * bsc#1259806 * bsc#1259857 * bsc#1259868 * bsc#1259869 * bsc#1259870 * bsc#1259871 * bsc#1259873 * bsc#1259878 * bsc#1259995 * bsc#1260010 * bsc#1260012 * bsc#1260018 * bsc#1260428 * bsc#1260468 * bsc#1260483 * bsc#1260484 * bsc#1260485 * bsc#1260489 * bsc#1260497 * bsc#1260501 * bsc#1260504 * bsc#1260505 * bsc#1260507 * bsc#1260522 * bsc#1260523 * bsc#1260526 * bsc#1260527 * bsc#1260528 * bsc#1260529 * bsc#1260530 * bsc#1260531 * bsc#1260532 * bsc#1260533 * bsc#1260536 * bsc#1260537 * bsc#1260538 * bsc#1260541 * bsc#1260544 * bsc#1260546 * bsc#1260549 * bsc#1260550 * bsc#1260551 * bsc#1260552 * bsc#1260553 * bsc#1260555 * bsc#1260561 * bsc#1260566 * bsc#1260572 * bsc#1260580 * bsc#1260581 * bsc#1260728 * bsc#1260729 * bsc#1260731 * bsc#1260800 * bsc#1260801 * bsc#1260811 * bsc#1260989 * bsc#1261020 * bsc#1261287 * bsc#1261295 * bsc#1261348 * bsc#1261412 * bsc#1261503 * bsc#1261504 * bsc#1261505 * bsc#1261507 * bsc#1261555 * bsc#1261581 * bsc#1261582 * bsc#1261584 * bsc#1261585 * bsc#1261601 * bsc#1261602 * bsc#1261618 * bsc#1261628 * bsc#1261632 * bsc#1261636 * bsc#1261637 * bsc#1261638 * bsc#1261641 * bsc#1261644 * bsc#1261645 * bsc#1261648 * bsc#1261669 * bsc#1261679 * bsc#1261685 * bsc#1261686 * bsc#1261687 * bsc#1261692 * bsc#1261694 * bsc#1261700 * bsc#1261702 * bsc#1261703 * bsc#1261707 * bsc#1261710 * bsc#1261713 * bsc#1261714 * bsc#1261719 * bsc#1261738 * bsc#1261750 * bsc#1261751 * bsc#1261752 * bsc#1261768 * bsc#1261778 * bsc#1261779 * bsc#1261780 * bsc#1261781 * bsc#1261786 * bsc#1261788 * bsc#1261789 * bsc#1261796 * bsc#1261797 * bsc#1261896 * bsc#1262019 * bsc#1262020 * bsc#1262053 * bsc#1262054 * bsc#1262055 * bsc#1262061 * bsc#1262063 * bsc#1262074 * bsc#1262078 * bsc#1262086 * bsc#1262087 * bsc#1262099 * bsc#1262100 * bsc#1262101 * bsc#1262179 * bsc#1262181 * bsc#1262250 * bsc#1262480 * bsc#1262526 * bsc#1262599 * bsc#1262602 * bsc#1262616 * bsc#1262665 * bsc#1262671 * bsc#1262673 * bsc#1262709 * bsc#1262725 * bsc#1262731 * bsc#1262734 * bsc#1262746 * bsc#1262752 * bsc#1262758 * bsc#1263001 * bsc#1263012 * bsc#1263018 * bsc#1263064 * bsc#1263065 * bsc#1263085 * bsc#1263093 * bsc#1263095 * bsc#1263104 * bsc#1263131 * bsc#1263140 * bsc#1263141 * bsc#1263149 * bsc#1263165 * bsc#1263170 * bsc#1263176 * bsc#1263255 * bsc#1263556 * bsc#1263582 * bsc#1263592 * bsc#1263593 * bsc#1263595 * bsc#1263596 * bsc#1263600 * bsc#1263668 * bsc#1263723 * bsc#1263797 * bsc#1263815 * bsc#1263877 * bsc#1263882 * bsc#1263901 * bsc#1263931 * bsc#1263933 * bsc#1263995 * bsc#1264014 * bsc#1264059 * bsc#1264082 * bsc#1264087 * bsc#1264097 * bsc#1264183 * bsc#1264427 * bsc#1264449 * bsc#1264469 * bsc#1264482 * bsc#1264634 * bsc#1264651 * bsc#1264661 * bsc#1264674 * bsc#1264801 * bsc#1264848 * bsc#1265085 * bsc#1265090 * bsc#1265116 * bsc#1265119 * bsc#1265126 * bsc#1265144 * bsc#1265421 * bsc#1265449 * bsc#1265456 * bsc#1265626 * bsc#1265846 * bsc#1265960 * jsc#PED-10383 * jsc#PED-10664 * jsc#PED-11175 * jsc#PED-16221 * jsc#PED-16245 * jsc#PED-7249 Cross-References: * CVE-2023-20585 * CVE-2025-40219 * CVE-2025-68310 * CVE-2025-71183 * CVE-2025-71238 * CVE-2026-23168 * CVE-2026-23209 * CVE-2026-23236 * CVE-2026-23237 * CVE-2026-23239 * CVE-2026-23240 * CVE-2026-23245 * CVE-2026-23246 * CVE-2026-23253 * CVE-2026-23260 * CVE-2026-23261 * CVE-2026-23262 * CVE-2026-23264 * CVE-2026-23266 * CVE-2026-23268 * CVE-2026-23269 * CVE-2026-23271 * CVE-2026-23273 * CVE-2026-23276 * CVE-2026-23279 * CVE-2026-23290 * CVE-2026-23291 * CVE-2026-23298 * CVE-2026-23300 * CVE-2026-23304 * CVE-2026-23306 * CVE-2026-23307 * CVE-2026-23308 * CVE-2026-23312 * CVE-2026-23313 * CVE-2026-23315 * CVE-2026-23318 * CVE-2026-23321 * CVE-2026-23324 * CVE-2026-23325 * CVE-2026-23335 * CVE-2026-23336 * CVE-2026-23339 * CVE-2026-23340 * CVE-2026-23343 * CVE-2026-23346 * CVE-2026-23351 * CVE-2026-23354 * CVE-2026-23357 * CVE-2026-23362 * CVE-2026-23363 * CVE-2026-23365 * CVE-2026-23367 * CVE-2026-23368 * CVE-2026-23370 * CVE-2026-23372 * CVE-2026-23373 * CVE-2026-23374 * CVE-2026-23378 * CVE-2026-23382 * CVE-2026-23383 * CVE-2026-23391 * CVE-2026-23392 * CVE-2026-23393 * CVE-2026-23395 * CVE-2026-23396 * CVE-2026-23397 * CVE-2026-23399 * CVE-2026-23403 * CVE-2026-23404 * CVE-2026-23405 * CVE-2026-23406 * CVE-2026-23407 * CVE-2026-23408 * CVE-2026-23409 * CVE-2026-23410 * CVE-2026-23411 * CVE-2026-23412 * CVE-2026-23418 * CVE-2026-23419 * CVE-2026-23420 * CVE-2026-23426 * CVE-2026-23434 * CVE-2026-23440 * CVE-2026-23441 * CVE-2026-23442 * CVE-2026-23443 * CVE-2026-23445 * CVE-2026-23446 * CVE-2026-23447 * CVE-2026-23448 * CVE-2026-23449 * CVE-2026-23450 * CVE-2026-23452 * CVE-2026-23454 * CVE-2026-23455 * CVE-2026-23456 * CVE-2026-23457 * CVE-2026-23458 * CVE-2026-23460 * CVE-2026-23461 * CVE-2026-23462 * CVE-2026-23463 * CVE-2026-23465 * CVE-2026-23466 * CVE-2026-23468 * CVE-2026-23470 * CVE-2026-23472 * CVE-2026-23473 * CVE-2026-23474 * CVE-2026-23475 * CVE-2026-31389 * CVE-2026-31392 * CVE-2026-31393 * CVE-2026-31394 * CVE-2026-31395 * CVE-2026-31400 * CVE-2026-31402 * CVE-2026-31403 * CVE-2026-31404 * CVE-2026-31405 * CVE-2026-31407 * CVE-2026-31408 * CVE-2026-31411 * CVE-2026-31412 * CVE-2026-31415 * CVE-2026-31416 * CVE-2026-31417 * CVE-2026-31420 * CVE-2026-31421 * CVE-2026-31422 * CVE-2026-31423 * CVE-2026-31424 * CVE-2026-31425 * CVE-2026-31426 * CVE-2026-31427 * CVE-2026-31428 * CVE-2026-31436 * CVE-2026-31449 * CVE-2026-31470 * CVE-2026-31488 * CVE-2026-31494 * CVE-2026-31496 * CVE-2026-31504 * CVE-2026-31505 * CVE-2026-31507 * CVE-2026-31512 * CVE-2026-31515 * CVE-2026-31519 * CVE-2026-31525 * CVE-2026-31528 * CVE-2026-31533 * CVE-2026-31547 * CVE-2026-31550 * CVE-2026-31565 * CVE-2026-31570 * CVE-2026-31586 * CVE-2026-31588 * CVE-2026-31602 * CVE-2026-31607 * CVE-2026-31622 * CVE-2026-31649 * CVE-2026-31656 * CVE-2026-31662 * CVE-2026-31668 * CVE-2026-31669 * CVE-2026-31675 * CVE-2026-31679 * CVE-2026-31681 * CVE-2026-31682 * CVE-2026-31684 * CVE-2026-31685 * CVE-2026-31694 * CVE-2026-31700 * CVE-2026-31738 * CVE-2026-31787 * CVE-2026-43009 * CVE-2026-43025 * CVE-2026-43027 * CVE-2026-43037 * CVE-2026-43038 * CVE-2026-43044 * CVE-2026-43050 * CVE-2026-43060 * CVE-2026-43088 * CVE-2026-43110 * CVE-2026-43120 * CVE-2026-43126 * CVE-2026-43190 * CVE-2026-43214 * CVE-2026-43265 * CVE-2026-43329 * CVE-2026-43330 * CVE-2026-43334 * CVE-2026-43365 * CVE-2026-43366 * CVE-2026-43419 * CVE-2026-43437 * CVE-2026-43441 * CVE-2026-43494 * CVE-2026-43503 CVSS scores: * CVE-2023-20585 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2023-20585 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2023-20585 ( NVD ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-40219 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40219 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-68310 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68310 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-71183 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71183 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71238 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-71238 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-71238 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23168 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23168 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23168 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23209 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23209 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23236 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23236 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23236 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23236 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2026-23237 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23237 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23237 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23239 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23239 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23240 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23240 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23240 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23245 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23245 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23245 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23246 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23253 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23253 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23260 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23260 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23260 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23261 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23261 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23262 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23262 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23264 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23264 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23264 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23266 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23266 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23266 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23268 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23268 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23269 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23269 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23269 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23271 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23271 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23273 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23273 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23273 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23276 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23276 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23279 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23279 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23279 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23290 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23290 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23290 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23291 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23291 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23298 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23298 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23298 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23300 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23300 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23300 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23304 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23304 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23304 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23306 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23306 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H * CVE-2026-23306 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23307 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23307 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23308 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23308 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23312 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23312 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23312 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23313 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23313 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23315 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23315 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23318 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23318 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23321 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23321 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23321 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23324 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23324 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23324 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23325 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23325 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23335 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23335 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-23335 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23336 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23336 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23339 ( SUSE ): 2.3 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23339 ( SUSE ): 3.1 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23339 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23340 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23340 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23340 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23343 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23343 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23343 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23346 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23346 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23346 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23351 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23351 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23354 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23354 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-23354 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23357 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23357 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23357 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23362 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23362 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23363 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23363 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23365 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23365 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23365 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23367 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-23367 ( SUSE ): 6.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-23367 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23368 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23368 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23368 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23370 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23370 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23372 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23372 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23373 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23373 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23374 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23374 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23374 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23378 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23378 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23378 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23378 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23382 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23382 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23382 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23383 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23383 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23391 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23391 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23392 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23393 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23395 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23395 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23395 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23395 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23396 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23396 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23396 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23397 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23397 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23397 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23399 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23399 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23399 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23403 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23403 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23403 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23404 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23404 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23404 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23405 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23405 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23406 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23406 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23407 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23407 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23407 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23408 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23408 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23408 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23408 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23409 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23409 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23409 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23410 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23410 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23410 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23410 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23411 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23412 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23412 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23412 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23412 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23418 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23418 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23418 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23419 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23419 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23419 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23419 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23420 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23426 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23426 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23426 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23434 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23434 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23434 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23434 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23440 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23440 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23440 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23440 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23441 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23441 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23442 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23442 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23442 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23443 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23443 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23443 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23445 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23445 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23445 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23445 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23446 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23446 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23446 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23447 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23447 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23447 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23448 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23448 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23448 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23449 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23449 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23449 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23450 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23450 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23450 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23452 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23452 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23452 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23454 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23454 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23454 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23455 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23455 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23455 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23456 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23456 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-23456 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23457 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23457 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23457 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23458 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23458 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23458 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23460 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23460 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23460 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23461 ( SUSE ): 7.7 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23461 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23461 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23462 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23462 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23462 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23463 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23463 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2026-23463 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23465 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2026-23465 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2026-23465 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23466 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23466 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23466 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23468 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23468 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23468 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23470 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23470 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23472 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23472 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23472 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23473 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23473 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23474 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23474 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23474 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23475 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23475 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23475 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31389 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31389 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31389 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31392 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31392 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L * CVE-2026-31392 ( NVD ): 8.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L * CVE-2026-31393 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31393 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31393 ( NVD ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31394 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31394 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31394 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31395 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31395 ( SUSE ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31395 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31400 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31400 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31400 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31402 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31402 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-31402 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31403 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31403 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31403 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31404 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31404 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31404 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31405 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31405 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31407 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31407 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31407 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31408 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31408 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31408 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31411 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31411 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31411 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31412 ( SUSE ): 7.0 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31412 ( SUSE ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31412 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31415 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31415 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31415 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31416 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31416 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-31416 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31417 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31417 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31417 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31420 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31421 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31421 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31421 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31422 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31422 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31422 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31423 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31423 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31423 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31424 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31424 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31424 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31425 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31425 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31426 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31426 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-31426 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31427 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-31427 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2026-31427 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31428 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31428 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31428 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31436 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31436 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31436 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31449 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31449 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31449 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-31470 ( SUSE ): 6.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31470 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31470 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31488 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31488 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31488 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31494 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-31494 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2026-31494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31496 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31496 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31496 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31504 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31504 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31504 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31505 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31507 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31507 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31507 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31512 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31512 ( SUSE ): 7.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-31512 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31515 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31515 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31515 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31519 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31519 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31519 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31525 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31525 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31525 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31528 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31528 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31528 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31533 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31547 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31547 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31547 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31550 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31550 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31550 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31565 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31565 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31565 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31570 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:N/SA:N * CVE-2026-31570 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31570 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31586 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31588 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31588 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31588 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-31602 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31602 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31602 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31607 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31607 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2026-31607 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31622 ( SUSE ): 8.7 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31622 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31622 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31649 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31649 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31649 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31656 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31656 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31656 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31662 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31662 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31662 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31668 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-31668 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2026-31668 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31669 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31669 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31669 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31675 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31675 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2026-31675 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31679 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31679 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31679 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31681 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31681 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31681 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31682 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31682 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31682 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31684 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31684 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-31684 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31685 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31685 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31685 ( NVD ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31694 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31694 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31694 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31700 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31700 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31700 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31738 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31738 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31738 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31787 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31787 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43009 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-43027 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43027 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43037 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43038 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43038 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43044 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43044 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43044 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43050 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43050 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43050 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43060 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43060 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43088 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-43088 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-43110 ( SUSE ): 7.7 CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43110 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43110 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43120 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43120 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-43120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43126 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43126 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43126 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43190 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43190 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43190 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43214 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43214 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43214 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43265 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43265 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43265 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43329 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43329 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43329 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43330 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43330 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43330 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43334 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-43334 ( SUSE ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-43334 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43365 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43365 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43365 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43366 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43366 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43366 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43419 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-43419 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-43437 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43437 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43441 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43441 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43494 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43494 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43503 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43503 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43503 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Real Time Module 15-SP7 An update that solves 201 vulnerabilities, contains six features and has 41 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: * CVE-2023-20585: x86/CPU: Fix FPDSS on Zen1 (bsc#1243603). * CVE-2025-68310: s390/pci: Use pci_uevent_ers() in PCI recovery (bsc#1255160). * CVE-2025-71183: btrfs: always detect conflicting inodes when logging inode refs (bsc#1257631). * CVE-2026-23168: flex_proportions: make fprop_new_period() hardirq safe (bsc#1258826). * CVE-2026-23239: espintcp: Fix race condition in espintcp_close() (bsc#1259485). * CVE-2026-23240: tls: Fix race condition in tls_sw_cancel_work_tx() (bsc#1259484). * CVE-2026-23245: net/sched: act_gate: snapshot parameters with RCU on replace (bsc#1259799). * CVE-2026-23262: gve: Fix stats report corruption on queue count change (bsc#1259870). * CVE-2026-23271: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race (bsc#1260018). * CVE-2026-23276: net: move dev_xmit_recursion() helpers to net/core/dev.h (bsc#1260012). * CVE-2026-23300: net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop (bsc#1260538). * CVE-2026-23304: ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu() (bsc#1260544). * CVE-2026-23306: scsi: pm8001: Fix use-after-free in pm8001_queue_command() (bsc#1260501). * CVE-2026-23313: i40e: Fix preempt count leak in napi poll tracepoint (bsc#1260555). * CVE-2026-23321: mptcp: pm: in-kernel: always mark signal+subflow endp as used (bsc#1260505). * CVE-2026-23335: RDMA/irdma: Fix kernel stack leak in irdma_create_user_ah() (bsc#1260550). * CVE-2026-23340: net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs (bsc#1260523). * CVE-2026-23343: xdp: produce a warning when calculated tailroom is negative (bsc#1260527). * CVE-2026-23346: mm/ioremap: define generic_ioremap_prot() and generic_iounmap() (bsc#1260529). * CVE-2026-23351: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase (bsc#1260526). * CVE-2026-23354: x86/fred: Correct speculative safety in fred_extint() (bsc#1260801). * CVE-2026-23368: net: phy: register phy led_triggers during probe to avoid AB-BA deadlock (bsc#1260530). * CVE-2026-23374: blktrace: fix __this_cpu_read/write in preemptible context (bsc#1260811). * CVE-2026-23378: net/sched: act_ife: Fix metalist update behavior (bsc#1260546). * CVE-2026-23383: bpf, arm64: Force 8-byte alignment for JIT buffer to prevent atomic tearing (bsc#1260497). * CVE-2026-23391: netfilter: xt_CT: drop pending enqueued packets on template removal (bsc#1260566). * CVE-2026-23392: netfilter: nf_tables: release flowtable after rcu grace period on error (bsc#1260531). * CVE-2026-23393: bridge: cfm: Fix race condition in peer_mep deletion (bsc#1260522). * CVE-2026-23395: Bluetooth: L2CAP: Fix accepting multiple L2CAP_ECRED_CONN_REQ (bsc#1260580). * CVE-2026-23397: nfnetlink_osf: validate individual option lengths in fingerprints (bsc#1260728). * CVE-2026-23399: nf_tables: nft_dynset: fix possible stateful expression memleak in error path (bsc#1261020). * CVE-2026-23412: netfilter: bpf: defer hook memory release until rcu readers are done (bsc#1261412). * CVE-2026-23419: net/rds: Fix circular locking dependency in rds_tcp_tune (bsc#1261507). * CVE-2026-23440: net/mlx5e: Fix race condition during IPSec ESN update (bsc#1261641). * CVE-2026-23441: net/mlx5e: Prevent concurrent access to IPSec ASO context (bsc#1261768). * CVE-2026-23442: ipv6: add NULL checks for idev in SRv6 paths (bsc#1261581). * CVE-2026-23445: igc: fix page fault in XDP TX timestamps handling (bsc#1261702). * CVE-2026-23449: net/sched: teql: Fix double-free in teql_master_xmit (bsc#1261779). * CVE-2026-23450: net/smc: fix NULL dereference and UAF in smc_tcp_syn_recv_sock() (bsc#1261584). * CVE-2026-23455: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() (bsc#1261687). * CVE-2026-23456: netfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS case (bsc#1261703). * CVE-2026-23457: netfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp() (bsc#1261686). * CVE-2026-23458: netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() (bsc#1261781). * CVE-2026-23461: Bluetooth: L2CAP: Fix use-after-free in l2cap_unregister_user (bsc#1261707). * CVE-2026-23462: Bluetooth: HIDP: Fix possible UAF (bsc#1261710). * CVE-2026-23468: drm/amdgpu: Limit BO list entry count to prevent resource exhaustion (bsc#1261692). * CVE-2026-23472: serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN (bsc#1261636). * CVE-2026-23473: io_uring/poll: fix multishot recv missing EOF on wakeup race (bsc#1261694). * CVE-2026-31395: bnxt_en: fix OOB access in DBG_BUF_PRODUCER async event handler (bsc#1261786). * CVE-2026-31400: sunrpc: fix cache_request leak in cache_release (bsc#1261645). * CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (bsc#1261638). * CVE-2026-31403: NFSD: Hold net reference for the lifetime of /proc/fs/nfs/exports fd (bsc#1261796). * CVE-2026-31404: xfs: avoid dereferencing log items after push callbacks (bsc#1261628). * CVE-2026-31407: netfilter: conntrack: add missing netlink policy validations (bsc#1261632). * CVE-2026-31411: net: atm: fix crash due to unvalidated vcc pointer in sigd_send() (bsc#1261752). * CVE-2026-31415: ipv6: avoid overflows in ip6_datagram_send_ctl() (bsc#1262099). * CVE-2026-31416: netfilter: nfnetlink_log: account for netlink header size (bsc#1262100). * CVE-2026-31420: bridge: mrp: reject zero test interval to avoid OOM panic (bsc#1262055). * CVE-2026-31421: net/sched: cls_fw: fix NULL pointer dereference on shared blocks (bsc#1262061). * CVE-2026-31422: net/sched: cls_flow: fix NULL pointer dereference on shared blocks (bsc#1262054). * CVE-2026-31423: net/sched: sch_hfsc: fix divide-by-zero in rtsc_min() (bsc#1262063). * CVE-2026-31424: netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP (bsc#1262053). * CVE-2026-31425: rds: ib: reject FRMR registration before IB connection is established (bsc#1262074). * CVE-2026-31427: netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp (bsc#1262086). * CVE-2026-31428: netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD (bsc#1262087). * CVE-2026-31436: dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc() (bsc#1262602). * CVE-2026-31449: ext4: validate p_idx bounds in ext4_ext_correct_indexes (bsc#1262616). * CVE-2026-31470: virt: tdx-guest: Fix handling of host controlled 'quote' buffer length (bsc#1262665). * CVE-2026-31488: drm/amd/display: Do not skip unrelated mode changes in DSC validation (bsc#1262746). * CVE-2026-31494: net: cadence: macb: Synchronize stats calculations (bsc#1262671). * CVE-2026-31496: netfilter: nf_conntrack_expect: skip expectations in other netns via proc (bsc#1262673). * CVE-2026-31504: net: fix fanout UAF in packet_release() via NETDEV_UP race (bsc#1263085). * CVE-2026-31505: iavf: fix out-of-bounds writes in iavf_get_ethtool_stats() (bsc#1263093). * CVE-2026-31507: net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer (bsc#1263095). * CVE-2026-31512: Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2cap_ecred_data_rcv() (bsc#1262734). * CVE-2026-31515: af_key: validate families in pfkey_send_migrate() (bsc#1262752). * CVE-2026-31519: btrfs: set BTRFS_ROOT_ORPHAN_CLEANUP during subvol create (bsc#1263012). * CVE-2026-31525: bpf: Fix undefined behavior in interpreter sdiv/smod for INT_MIN (bsc#1262725). * CVE-2026-31528: perf: Make sure to use pmu_ctx->pmu for groups (bsc#1263001). * CVE-2026-31533: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption (bsc#1262758). * CVE-2026-31547: drm/xe: Fix missing runtime PM reference in ccs_mode_store (bsc#1263018). * CVE-2026-31550: pmdomain: bcm: bcm2835-power: Increase ASB control timeout (bsc#1263104). * CVE-2026-31565: RDMA/irdma: Fix deadlock during netdev reset with active connections (bsc#1263064). * CVE-2026-31570: can: gw: fix OOB heap access in cgw_csum_crc8_rel() (bsc#1263065). * CVE-2026-31586: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (bsc#1263176). * CVE-2026-31588: KVM: x86: Use scratch field in MMIO fragment to hold small write values (bsc#1263165). * CVE-2026-31602: ALSA: ctxfi: Limit PTP to a single page (bsc#1263723). * CVE-2026-31607: usbip: validate number_of_packets in usbip_pack_ret_submit() (bsc#1263600). * CVE-2026-31622: NFC: digital: Bounds check NFC-A cascade depth in SDD response handler (bsc#1263797). * CVE-2026-31649: net: stmmac: fix integer underflow in chain mode (bsc#1263582). * CVE-2026-31656: drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (bsc#1263170). * CVE-2026-31662: tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG (bsc#1263131). * CVE-2026-31668: seg6: separate dst_cache for input and output paths in seg6 lwtunnel (bsc#1263140). * CVE-2026-31669: mptcp: fix slab-use-after-free in __inet_lookup_established (bsc#1263141). * CVE-2026-31675: net/sched: sch_netem: fix out-of-bounds access in packet corruption (bsc#1263556). * CVE-2026-31679: openvswitch: validate MPLS set/set_masked payload length (bsc#1263592). * CVE-2026-31681: netfilter: xt_multiport: validate range encoding in checkentry (bsc#1263593). * CVE-2026-31682: bridge: br_nd_send: linearize skb before parsing ND options (bsc#1263595). * CVE-2026-31684: net: sched: act_csum: validate nested VLAN headers (bsc#1263596). * CVE-2026-31685: netfilter: ip6t_eui64: reject invalid MAC header for all packets (bsc#1263668). * CVE-2026-31694: fuse: reject oversized dirents in page cache (bsc#1263901). * CVE-2026-31700: net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() (bsc#1263882). * CVE-2026-31738: vxlan: validate ND option lengths in vxlan_na_create (bsc#1264059). * CVE-2026-31787: xen/privcmd: fix double free via VMA splitting (bsc#1262181). * CVE-2026-43009: bpf: Fix incorrect pruning due to atomic fetch precision tracking (bsc#1264014). * CVE-2026-43025: netfilter: ctnetlink: ignore explicit helper on new expectations (bsc#1263931). * CVE-2026-43027: netfilter: nf_conntrack_helper: pass helper to expect cleanup (bsc#1263933). * CVE-2026-43037: ip6_tunnel: clear skb2->cb in ip4ip6_err() (bsc#1263995). * CVE-2026-43038: ipv6: icmp: clear skb2->cb in ip6_err_gen_icmpv6_unreach() (bsc#1264097). * CVE-2026-43044: crypto: caam - fix DMA corruption on long hmac keys (bsc#1264087). * CVE-2026-43050: atm: lec: fix use-after-free in sock_def_readable() (bsc#1264082). * CVE-2026-43060: netfilter: nft_ct: drop pending enqueued packets on removal (bsc#1264183). * CVE-2026-43088: net: af_key: zero aligned sockaddr tail in PF_KEY exports (bsc#1264469). * CVE-2026-43110: wifi: brcmfmac: validate bsscfg indices in IF events (bsc#1264482). * CVE-2026-43120: RDMA/irdma: Fix double free related to rereg_user_mr. * CVE-2026-43126: ALSA: mixer: oss: Add card disconnect checkpoints (bsc#1264634). * CVE-2026-43190: netfilter: xt_tcpmss: check remaining length before reading optlen (bsc#1264848). * CVE-2026-43214: KVM: x86: Add SRCU protection for reading PDPTRs in __get_sregs2() (bsc#1264651). * CVE-2026-43265: KVM: x86: Ignore -EBUSY when checking nested events from vcpu_block() (bsc#1264427). * CVE-2026-43329: netfilter: flowtable: strictly check for maximum number of actions (bsc#1265085). * CVE-2026-43330: crypto: caam - fix overflow on long hmac keys (bsc#1264801). * CVE-2026-43334: Bluetooth: SMP: force responder MITM requirements before building the pairing response (bsc#1265090). * CVE-2026-43365: xfs: fix undersized l_iclog_roundoff values (bsc#1265119). * CVE-2026-43366: io_uring/kbuf: check if target buffer list is still legacy on recycle (bsc#1265116). * CVE-2026-43419: ceph: fix memory leaks in ceph_mdsc_build_path() (bsc#1264661). * CVE-2026-43437: ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (bsc#1265126). * CVE-2026-43441: net: bonding: Fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1264674). * CVE-2026-43494: net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). * CVE-2026-43503: net: skbuff: propagate shared-frag marker through frag- transfer helpers (bsc#1265960). The following non security issues were fixed: * accel/qaic: Add overflow check to remap_pfn_range during mmap (git-fixes). * ACPI: AGDI: fix missing newline in error message (git-fixes). * ACPI: CPPC: Fix related_cpus inconsistency during CPU hotplug (git-fixes). * ACPI: scan: Use acpi_dev_put() in object add error paths (git-fixes). * ACPI: video: Add backlight=native quirk for Dell OptiPlex 7770 AIO (git- fixes). * ACPI: video: force native backlight on HP OMEN 16 (8A44) (stable-fixes). * ALSA: 6fire: Fix input volume change detection (git-fixes). * ALSA: 6fire: fix use-after-free on disconnect (git-fixes). * ALSA: aoa: i2sbus: clear stale prepared state (git-fixes). * ALSA: aoa: i2sbus: fix OF node lifetime handling (git-fixes). * ALSA: aoa: Skip devices with no codecs in i2sbus_resume() (git-fixes). * ALSA: aoa: Use guard() for mutex locks (stable-fixes). * ALSA: asihpi: avoid write overflow check warning (stable-fixes). * ALSA: caiaq: Don't abort when no input device is available (git-fixes). * ALSA: caiaq: Fix control_put() result and cache rollback (git-fixes). * ALSA: caiaq: Fix potentially leftover ep1_in_urb at error path (git-fixes). * ALSA: caiaq: fix usb_dev refcount leak on probe failure (git-fixes). * ALSA: caiaq: Handle probe errors properly (git-fixes). * ALSA: caiaq: take a reference on the USB device in create_card() (git- fixes). * ALSA: control: Validate buf_len before strnlen() in snd_ctl_elem_init_enum_names() (git-fixes). * ALSA: core: Fix potential data race at fasync handling (git-fixes). * ALSA: core: Serialize deferred fasync state checks (git-fixes). * ALSA: core: Validate compress device numbers without dynamic minors (git- fixes). * ALSA: ctxfi: Add fallback to default RSR for S/PDIF (git-fixes). * ALSA: ctxfi: Fix missing SPDIFI1 index handling (stable-fixes). * ALSA: ctxfi: Limit PTP to a single page (git-fixes). * ALSA: firewire-tascam: Do not drop unread control events (git-fixes). * ALSA: fireworks: bound device-supplied status before string array lookup (git-fixes). * ALSA: hda/realtek - fixed speaker no sound update (git-fixes). * ALSA: hda/realtek: Add HP ENVY Laptop 13-ba0xxx quirk (stable-fixes). * ALSA: hda/realtek: Add mute LED quirk for HP Pavilion 15-eg0xxx (stable- fixes). * ALSA: hda/realtek: Add quirk for ASUS ROG Flow Z13-KJP GZ302EAC (stable- fixes). * ALSA: hda/realtek: add quirk for Framework F111:000F (stable-fixes). * ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14IAH10 (stable-fixes). * ALSA: hda/realtek: fix code style (ERROR: else should follow close brace '}') (git-fixes). * ALSA: hda: cs35l41: Put ACPI device on missing physical node (git-fixes). * ALSA: hda: cs35l56: Propagate ASP TX source control errors (git-fixes). * ALSA: hda: cs35l56: Put ACPI device after setting companion (git-fixes). * ALSA: hda: Fix NULL pointer dereference in snd_hda_ctl_add() (git-fixes). * ALSA: misc: Use guard() for spin locks (stable-fixes). * ALSA: scarlett2: Add missing error check when initialise Autogain Status (git-fixes). * ALSA: scarlett2: Add missing sentinel initializer field (git-fixes). * ALSA: seq: Notify client and port info changes (stable-fixes). * ALSA: seq_oss: return full count for successful SEQ_FULLSIZE writes (stable- fixes). * ALSA: usb-audio: apply quirk for MOONDROP JU Jiu (stable-fixes). * ALSA: usb-audio: Avoid false E-MU sample-rate notifications (git-fixes). * ALSA: usb-audio: Avoid potential endless loop in convert_chmap_v3() (git- fixes). * ALSA: usb-audio: Bound MIDI 2.0 endpoint descriptor scans (git-fixes). * ALSA: usb-audio: Bound MIDI endpoint descriptor scans (git-fixes). * ALSA: usb-audio: Evaluate packsize caps at the right place (git-fixes). * ALSA: usb-audio: Fix Audio Advantage Micro II SPDIF switch (git-fixes). * ALSA: usb-audio: Fix potential leak of pd at parsing UAC3 streams (git- fixes). * ALSA: usb-audio: Fix quirk flags for NeuralDSP Quad Cortex (stable-fixes). * ALSA: usb-audio: Fix UAC3 cluster descriptor size check (git-fixes). * ALSA: usb-audio: midi2: Restart output URBs on resume (git-fixes). * ALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATES (git-fixes). * amdgpu/jpeg: fix deepsleep register for jpeg 5_0_0 and 5_0_2 (stable-fixes). * ASoC: amd: acp: Add DMI quirk for Valve Steam Deck OLED (git-fixes). * ASoC: amd: yc: Add DMI entry for HP Laptop 15-fc0xxx (stable-fixes). * ASoC: amd: yc: Add DMI quirk for ASUS EXPERTBOOK BM1403CDA (stable-fixes). * ASoC: amd: yc: Add DMI quirk for Thin A15 B7VF (stable-fixes). * ASoC: amd: yc: Add HP OMEN Gaming Laptop 16-ap0xxx product line in quirk table (stable-fixes). * ASoC: codecs: ab8500: Fix casting of private data (git-fixes). * ASoC: cs35l56: Destroy workqueue in probe error path (git-fixes). * ASoC: cs35l56: Don't use devres to unregister component (git-fixes). * ASoC: cs35l56: Fix hibernate write in runtime resume error path (git-fixes). * ASoC: fsl_easrc: Change the type for iec958 channel status controls (git- fixes). * ASoC: fsl_easrc: Check the variable range in fsl_easrc_iec958_put_bits() (git-fixes). * ASoC: fsl_easrc: fix comment typo (git-fixes). * ASoC: fsl_easrc: Fix value type in fsl_easrc_iec958_get_bits() (git-fixes). * ASoC: fsl_micfil: Add access property for "VAD Detected" (git-fixes). * ASoC: fsl_micfil: Fix event generation in hwvad_put_enable() (git-fixes). * ASoC: fsl_micfil: Fix event generation in hwvad_put_init_mode() (git-fixes). * ASoC: fsl_micfil: Fix event generation in micfil_put_dc_remover_state() (git-fixes). * ASoC: fsl_micfil: Fix event generation in micfil_quality_set() (git-fixes). * ASoC: fsl_xcvr: Fix event generation for cached controls (git-fixes). * ASoC: fsl_xcvr: Fix event generation in fsl_xcvr_arc_mode_put() (git-fixes). * ASoC: fsl_xcvr: Fix event generation in fsl_xcvr_mode_put() (git-fixes). * ASoC: Intel: bytcr_wm5102: Fix MCLK leak on platform_clock_control error (git-fixes). * ASoC: qcom: q6apm-dai: reset queue ptr on trigger stop (git-fixes). * ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens (git-fixes). * ASoC: qcom: q6apm: move component registration to unmanaged version (git- fixes). * ASoC: qcom: q6apm: remove child devices when apm is removed (git-fixes). * ASoC: qcom: qdsp6: topology: check widget type before accessing data (git- fixes). * ASoC: soc-core: call missing INIT_LIST_HEAD() for card_aux_list (stable- fixes). * ASoC: SOF: compress: return the configured codec from get_params (git- fixes). * ASoC: SOF: Don't allow pointer operations on unconfigured streams (git- fixes). * ASoC: SOF: Intel: hda: Place check before dereference (git-fixes). * ASoC: SOF: topology: reject invalid vendor array size in token parser (stable-fixes). * ASoC: sti: Return errors from regmap_field_alloc() (git-fixes). * ASoC: sti: use managed regmap_field allocations (git-fixes). * ASoC: stm32_sai: fix incorrect BCLK polarity for DSP_A/B, LEFT_J (stable- fixes). * ata: ahci: force 32-bit DMA for JMicron JMB582/JMB585 (stable-fixes). * batman-adv: bla: only purge non-released claims (git-fixes). * batman-adv: bla: prevent use-after-free when deleting claims (git-fixes). * batman-adv: bla: put backbone reference on failed claim hash insert (git- fixes). * batman-adv: fix integer overflow on buff_pos (git-fixes). * batman-adv: hold claim backbone gateways by reference (git-fixes). * batman-adv: reject new tp_meter sessions during teardown (git-fixes). * batman-adv: reject oversized global TT response buffers (git-fixes). * batman-adv: stop caching unowned originator pointers in BAT IV (git-fixes). * Bluetooth: bnep: fix incorrect length parsing in bnep_rx_frame() extension handling (git-fixes). * Bluetooth: btmtk: validate WMT event SKB length before struct access (git- fixes). * Bluetooth: fix locking in hci_conn_request_evt() with HCI_PROTO_DEFER (git- fixes). * Bluetooth: hci_event: Fix OOB read and infinite loop in hci_le_create_big_complete_evt (git-fixes). * Bluetooth: hci_event: fix potential UAF in SSP passkey handlers (git-fixes). * Bluetooth: hci_ldisc: Clear HCI_UART_PROTO_INIT on error (git-fixes). * Bluetooth: HIDP: serialise l2cap_unregister_user via hidp_session_sem (git- fixes). * Bluetooth: ISO: Fix data-race on dst in iso_sock_connect() (git-fixes). * Bluetooth: l2cap: Add missing chan lock in l2cap_ecred_reconf_rsp (git- fixes). * Bluetooth: l2cap: fix MPS check in l2cap_ecred_reconf_req (git-fixes). * Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_new_connection_cb() (git- fixes). * Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_state_change_cb() (git- fixes). * Bluetooth: L2CAP: Fix printing wrong information if SDU length exceeds MTU (git-fixes). * Bluetooth: RFCOMM: pull credit byte with skb_pull_data() (git-fixes). * Bluetooth: SCO: check for codecs->num_codecs == 1 before assigning to sco_pi(sk)->codec (git-fixes). * Bluetooth: SCO: fix sleeping under spinlock in sco_conn_ready (git-fixes). * Bluetooth: SCO: hold sk properly in sco_conn_ready (git-fixes). * Bluetooth: virtio_bt: clamp rx length before skb_put (git-fixes). * Bluetooth: virtio_bt: validate rx pkt_type header length (git-fixes). * btrfs: do not skip logging new dentries when logging a new name (git-fixes). * btrfs: reject root items with drop_progress and zero drop_level (git-fixes). * btrfs: replace BUG() with error handling in __btrfs_balance() (git-fixes). * can: mcp251x: add error handling for power enable in open and resume (stable-fixes). * can: raw: fix ro->uniq use-after-free in raw_rcv() (git-fixes). * can: ucan: fix devres lifetime (git-fixes). * cdc-acm: new quirk for EPSON HMD (stable-fixes). * cgroup/cpuset: Fix incorrect change to effective_xcpus in partition_xcpus_del() (bsc#1241166). * cgroup/cpuset: Fix incorrect use of cpuset_update_tasks_cpumask() in update_cpumasks_hier() (bsc#1241166). * check-for-config-changes: Exclude CC_MS_EXTENSIONS. * check-for-config-changes: Exclude HAVE_CFI_ICALL_NORMALIZE_INTEGERS{,_RUSTC}. * checkpatch: add support for Assisted-by tag (stable-fixes). * comedi: dt2815: add hardware detection to prevent crash (stable-fixes). * cpufreq: intel_pstate: Drop Arrow Lake from "scaling factor" list (bsc#1249104). * crypto: algif_aead - Fix minimum RX size check for decryption (git-fixes). * crypto: arm64/aes - Fix 32-bit aes_mac_update() arg treated as 64-bit (git- fixes). * crypto: atmel-aes - Fix 3-page memory leak in atmel_aes_buff_cleanup (git- fixes). * crypto: atmel-ecc - Release client on allocation failure (git-fixes). * crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path (git-fixes). * crypto: atmel-tdes - fix DMA sync direction (git-fixes). * crypto: authencesn - reject short ahash digests during instance creation (git-fixes). * crypto: ccp - copy IV using skcipher ivsize (git-fixes). * crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed (git-fixes). * crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed (git-fixes). * crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed (git-fixes). * crypto: ccree - fix a memory leak in cc_mac_digest() (git-fixes). * crypto: hisilicon - Fix dma_unmap_single() direction (git-fixes). * crypto: jitterentropy - replace long-held spinlock with mutex (git-fixes). * crypto: pcrypt - Fix handling of MAY_BACKLOG requests (git-fixes). * crypto: qat - fix type mismatch in RAS sysfs show functions (git-fixes). * crypto: qat - use swab32 macro (git-fixes). * crypto: sa2ul - Fix AEAD fallback algorithm names (git-fixes). * crypto: simd - reject compat registrations without __ prefixes (git-fixes). * crypto: talitos - fix SEC1 32k ahash request limitation (git-fixes). * crypto: testmgr - Hide ENOENT errors (stable-fixes). * crypto: testmgr - Hide ENOENT errors better (git-fixes). * devres: fix missing node debug info in devm_krealloc() (git-fixes). * dm init: ensure device probing has finished in dm-mod.waitfor= (git-fixes). * dmaengine: dw-axi-dmac: Remove unnecessary return statement from void function (git-fixes). * dmaengine: mxs-dma: Fix missing return value from of_dma_controller_register() (git-fixes). * dpll: zl3073x: Add support to adjust phase (bsc#1255752). * dpll: zl3073x: Fix output pin phase adjustment sign (bsc#1255752). * dpll: zl3073x: Fix output pin registration (bsc#1255752). * dpll: zl3073x: fix REF_PHASE_OFFSET_COMP register width for some chip IDs (bsc#1255752). * dpll: zl3073x: Specify phase adjustment granularity for pins (bsc#1255752). * drm/amd/display: Add NULL check for integrated_info in clk_mgr_construct (git-fixes). * drm/amd/display: Allow DCE link encoder without AUX registers (git-fixes). * drm/amd/display: Avoid NULL dereference in dc_dmub_srv error paths (git- fixes). * drm/amd/display: Change dither policy for 10 bpc output back to dithering (git-fixes). * drm/amd/display: Correct logic check error for fastboot (git-fixes). * drm/amd/display: Disable 10-bit truncation and dithering on DCE 6.x (git- fixes). * drm/amd/display: Disable fastboot on DCE 6 too (stable-fixes). * drm/amd/display: Read EDID from VBIOS embedded panel info (git-fixes). * drm/amd/pm/ci: Clear EnabledForActivity field for memory levels (git-fixes). * drm/amd/pm/ci: Disable MCLK DPM on problematic CI ASICs (git-fixes). * drm/amd/pm/ci: Fill DW8 fields from SMC (git-fixes). * drm/amd/pm/ci: Fix powertune defaults for Hawaii 0x67B0 (git-fixes). * drm/amd/pm/ci: Use highest MCLK on CI when MCLK DPM is disabled (git-fixes). * drm/amd/pm/smu7: Add SCLK cap for quirky Hawaii board (git-fixes). * drm/amd/pm/smu7: Fix SMU7 voltage dependency on display clock (git-fixes). * drm/amd/pm: fix incorrect FeatureCtrlMask setting on smu v14.0.x (git- fixes). * drm/amdgpu/gfx6: Support harvested SI chips with disabled TCCs (v2) (git- fixes). * drm/amdgpu/gfx9: drop unnecessary 64-bit fence flag check in KIQ (stable- fixes). * drm/amdgpu/gfx10: look at the right prop for gfx queue priority (git-fixes). * drm/amdgpu/gfx11: look at the right prop for gfx queue priority (git-fixes). * drm/amdgpu/gmc: Fix AMDGPU_GART_PLACEMENT_LOW to not overlap with VRAM (git- fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v2.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v2.5 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v3.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0.3 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0.5 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v5.0.0 ring (git-fixes). * drm/amdgpu/pm: add missing revision check for CI (git-fixes). * drm/amdgpu/pm: align Hawaii mclk workaround with radeon (git-fixes). * drm/amdgpu/pm: drop SMU driver if version not matched messages (stable- fixes). * drm/amdgpu/sdma4: replace BUG_ON with WARN_ON in fence emission (git-fixes). * drm/amdgpu/vce: Prevent partial address patches (stable-fixes). * drm/amdgpu/vcn3: Avoid overflow on msg bound check (git-fixes). * drm/amdgpu/vcn3: Prevent OOB reads when parsing dec msg (stable-fixes). * drm/amdgpu/vcn4: Avoid overflow on msg bound check (git-fixes). * drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msg (stable-fixes). * drm/amdgpu/vcn4: Prevent OOB reads when parsing IB (stable-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v2.0 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v2.5 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v3.0 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0 enc ring (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0.3 enc ring (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0.5 enc ring (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v5.0.0 enc ring (git-fixes). * drm/amdgpu: Add bounds checking to ib_{get,set}_value (stable-fixes). * drm/amdgpu: Add default case in DVI mode validation (git-fixes). * drm/amdgpu: fix AMDGPU_INFO_READ_MMR_REG (git-fixes). * drm/amdgpu: fix the idr allocation flags (git-fixes). * drm/amdgpu: fix zero-size GDS range init on RDNA4 (stable-fixes). * drm/amdgpu: gate VM CPU HDP flush on reset lock (stable-fixes). * drm/amdgpu: replace PASID IDR with XArray (git-fixes). * drm/amdgpu: Use SMUIO 15.0.0 offsets for TSC upper and lower count (stable- fixes). * drm/amdgpu: zero-initialize GART table on allocation (stable-fixes). * drm/amdkfd: Add upper bound check for num_of_nodes (stable-fixes). * drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure (stable- fixes). * drm/amdkfd: Make all TLB-flushes heavy-weight (stable-fixes). * drm/amdkfd: validate SVM ioctl nattr against buffer size (stable-fixes). * drm/arcpgu: fix device node leak (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Add mode_valid hook to drm_bridge_funcs (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Handle HDCP state in bridge atomic check (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Set the mhdp connector earlier in atomic_enable() (git-fixes). * drm/bridge: stm_lvds: Do not fail atomic_check on disabled connector (git- fixes). * drm/etnaviv: Fix armed job not being pushed to the DRM scheduler (git- fixes). * drm/exynos: remove bridge when component_add fails (git-fixes). * drm/fb-helper: Fix clipping when damage area spans a single scanline (git- fixes). * drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs() (git-fixes). * drm/gma500/oaktrail_hdmi: fix i2c adapter leak on setup (git-fixes). * drm/gma500/oaktrail_lvds: fix hang on init failure (git-fixes). * drm/gma500/oaktrail_lvds: fix i2c adapter leaks on init (git-fixes). * drm/i915/dp: Fix VSC dynamic range signaling for RGB formats (git-fixes). * drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (git- fixes). * drm/i915/wm: Verify the correct plane DDB entry (git-fixes). * drm/i915: skip __i915_request_skip() for already signaled requests (git- fixes). * drm/imagination: Switch reset_reason fields from enum to u32 (git-fixes). * drm/komeda: fix integer overflow in AFBC framebuffer size check (git-fixes). * drm/loongson: Use managed KMS polling (git-fixes). * drm/msm/a6xx: Fix dumping A650+ debugbus blocks (git-fixes). * drm/msm/a6xx: Fix HLSQ register dumping (git-fixes). * drm/msm/a6xx: Use barriers while updating HFI Q headers (git-fixes). * drm/msm/dpu: fix mismatch between power and frequency (git-fixes). * drm/msm/dsi: add the missing parameter description (git-fixes). * drm/msm/dsi: fix bits_per_pclk (git-fixes). * drm/msm/dsi: fix hdisplay calculation for CMD mode panel (git-fixes). * drm/msm/dsi: rename MSM8998 DSI version from V2_2_0 to V2_0_0 (git-fixes). * drm/msm/gem: fix error handling in msm_ioctl_gem_info_get_metadata() (git- fixes). * drm/msm/shrinker: Fix can_block() logic (git-fixes). * drm/msm: add missing MODULE_DEVICE_ID definitions (git-fixes). * drm/nouveau: fix nvkm_device leak on aperture removal failure (git-fixes). * drm/nouveau: fix u32 overflow in pushbuf reloc bounds check (git-fixes). * drm/panel: boe-tv101wum-nl6: restore MODE_LPM after sending disable cmds (git-fixes). * drm/panel: himax-hx83102: restore MODE_LPM after sending disable cmds (git- fixes). * drm/panel: sharp-ls043t1le01: make use of prepare_prev_first (git-fixes). * drm/panel: simple: Correct G190EAN01 prepare timing (git-fixes). * drm/panfrost: Fix wait_bo ioctl leaking positive return from dma_resv_wait_timeout() (git-fixes). * drm/panthor: Fix outdated function documentation (git-fixes). * drm/radeon: add missing revision check for CI (git-fixes). * drm/sun4i: backend: fix error pointer dereference (git-fixes). * drm/sun4i: Fix resource leaks (git-fixes). * drm/v3d: Handle error from drm_sched_entity_init() (git-fixes). * drm/vc4: Fix a memory leak in hang state error path (git-fixes). * drm/vc4: Fix memory leak of BO array in hang state (git-fixes). * drm/vc4: platform_get_irq_byname() returns an int (stable-fixes). * drm/vc4: Protect madv read in vc4_gem_object_mmap() with madv_lock (git- fixes). * drm/vc4: Release runtime PM reference after binding V3D (git-fixes). * drm/vram: remove DRM_VRAM_MM_FILE_OPERATIONS from docs (git-fixes). * drm/xe/bo: Fix bo leak on GGTT flag validation in xe_bo_init_locked() (git- fixes). * drm/xe/bo: Fix bo leak on unaligned size validation in xe_bo_init_locked() (git-fixes). * drm/xe/debugfs: Correct printing of register whitelist ranges (git-fixes). * drm/xe/dma-buf: handle empty bo and UAF races (git-fixes). * drm/xe/gsc: Fix BO leak on error in query_compatibility_version() (git- fixes). * drm/xe/uapi: update used tracking kernel-doc (git-fixes). * drm/xe: Fix dma-buf attachment leak in xe_gem_prime_import() (git-fixes). * drm/xe: Fix error cleanup in xe_exec_queue_create_ioctl() (git-fixes). * dt-bindings: net: Fix Tegra234 MGBE PTP clock (git-fixes). * efi/capsule-loader: fix incorrect sizeof in phys array reallocation (git- fixes). * efi: pstore: Drop efivar lock when efi_pstore_open() returns with an error (git-fixes). * ext4: fix fsync(2) for nojournal mode (git-fixes). * ext4: make recently_deleted() properly work with lazy itable initialization (git-fixes). * ext4: reject mount if bigalloc with s_first_data_block != 0 (git-fixes). * extcon: ptn5150: handle pending IRQ events during system resume (git-fixes). * fbdev: matroxfb: Mark variable with __maybe_unused to avoid W=1 build break (git-fixes). * fbdev: offb: fix PCI device reference leak on probe failure (git-fixes). * fbdev: tdfxfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO (stable-fixes). * fbdev: udlfb: add vm_ops to dlfb_ops_mmap to prevent use-after-free (stable- fixes). * fbdev: udlfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO (git-fixes). * firmware: dmi: Correct an indexing error in dmi.h (git-fixes). * gpio: tegra: fix irq_release_resources calling enable instead of disable (git-fixes). * gtp: disable BH before calling udp_tunnel_xmit_skb() (git-fixes). * HID: alps: fix NULL pointer dereference in alps_raw_event() (git-fixes). * HID: asus: do not abort probe when not necessary (git-fixes). * HID: asus: make asus_resume adhere to linux kernel coding standards (git- fixes). * HID: core: clamp report_size in s32ton() to avoid undefined shift (stable- fixes). * HID: multitouch: Check to ensure report responses match the request (stable- fixes). * HID: playstation: Clamp num_touch_reports (git-fixes). * HID: quirks: add HID_QUIRK_ALWAYS_POLL for 8BitDo Pro 3 (stable-fixes). * HID: roccat: fix use-after-free in roccat_report_event (stable-fixes). * HID: usbhid: fix deadlock in hid_post_reset() (git-fixes). * HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq (stable-fixes). * hv_sock: fix ARM64 support (git-fixes). * hwmon: (ads7871) Fix endianness bug in 16-bit register reads (git-fixes). * hwmon: (corsair-psu) Close HID device on probe errors (git-fixes). * hwmon: (lm63) Add locking to avoid TOCTOU (git-fixes). * hwmon: (ltc2992) Clamp threshold writes to hardware range (git-fixes). * hwmon: (ltc2992) Fix u32 overflow in power read path (git-fixes). * i2c: s3c24xx: check the size of the SMBUS message before using it (stable- fixes). * i2c: smbus: reject oversized block transfers in the common path (git-fixes). * i2c: stm32f7: reinit_completion() per transfer not per msg (git-fixes). * i2c: stub: Reject I2C block transfers with invalid length (git-fixes). * i3c: master: Fix error codes at send_ccc_cmd (git-fixes). * i3c: mipi-i3c-hci: fix IBI payload length calculation for final status (git- fixes). * ibmveth: Disable GSO for packets with small MSS (bsc#1265144). * ice: set max queues in alloc_etherdev_mqs() (git-fixes). * iio: adc: ad7768-1: fix one-shot mode data acquisition (git-fixes). * iio: adc: ti-adc161s626: use DMA-safe memory for spi_read() (git-fixes). * iio: adc: ti-ads7950: use iio_push_to_buffers_with_ts_unaligned() (git- fixes). * Input: i8042 - add TUXEDO InfinityBook Max 16 Gen10 AMD to i8042 quirk table (stable-fixes). * Input: uinput - fix circular locking dependency with ff-core (git-fixes). * Input: uinput - take event lock when submitting FF request "event" (stable- fixes). * Input: xpad - add support for BETOP BTP-KP50B/C controller's wireless mode (stable-fixes). * Input: xpad - add support for Razer Wolverine V3 Pro (stable-fixes). * intel_idle: add Clearwater Forest SoC support (jsc#PED-10383). * ipmi: Add limits to event and receive message requests (git-fixes). * ipmi: Check event message buffer response for bad data (git-fixes). * ipmi: ssif_bmc: change log level to dbg in irq callback (git-fixes). * ipmi: ssif_bmc: fix message desynchronization after truncated response (git- fixes). * ipmi: ssif_bmc: fix missing check for copy_to_user() partial failure (git- fixes). * irqchip/irq-pic32-evic: Address warning related to wrong printf() formatter (git-fixes). * kdump, documentation: describe craskernel CMA reservation (jsc#PED-7249). * KVM: Reject wrapped offset in kvm_reset_dirty_gfn() (git-fixes). * KVM: SVM: Fix a missing kunmap_local() in sev_gmem_post_populate() (git- fixes). * KVM: SVM: Mark VMCB_NPT as dirty on nested VMRUN (git-fixes). * KVM: SVM: Mark VMCB_PERM_MAP as dirty on nested VMRUN (git-fixes). * KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE (bsc#1259461). * KVM: x86/mmu: Retry fault before acquiring mmu_lock if mapping is changing (bsc#1253122). * KVM: x86/xen: Fix cleanup logic in emulation of Xen schedop poll hypercalls (git-fixes). * KVM: x86: check for nEPT/nNPT in slow flush hypercalls (git-fixes). * KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (git- fixes). * KVM: x86: hyper-v: Validate all GVAs during PV TLB flush (git-fixes). * KVM: x86: Ignore cpuid faulting in SMM (git-fixes). * leds: lgm-sso: Remove duplicate assignments for priv->mmap (git-fixes). * leds: qcom-lpg: Check for array overflow when selecting the high resolution (stable-fixes). * lib/hexdump: print_hex_dump_bytes() calls print_hex_dump_debug() (git- fixes). * md/raid1: fix the comparing region of interval tree (bsc#1261555). * md/raid1: serialize overlap io for writemostly disk (bsc#1261555). * media: amphion: Fix race between m2m job_abort and device_run (git-fixes). * media: as102: fix to not free memory after the device is registered in as102_usb_probe() (git-fixes). * media: chips-media: wave5: add missing spinlock protection for handle_dynamic_resolution_change() (git-fixes). * media: chips-media: wave5: add missing spinlock protection for send_eos_event() (git-fixes). * media: chips-media: wave5: fix a potential memory leak in wave5_vdi_init() (git-fixes). * media: dib8000: avoid division by 0 in dib8000_set_dds() (git-fixes). * media: em28xx: fix use-after-free in em28xx_v4l2_open() (git-fixes). * media: hackrf: fix to not free memory after the device is registered in hackrf_probe() (git-fixes). * media: i2c: imx219: Check return value of devm_gpiod_get_optional() in imx219_probe() (git-fixes). * media: i2c: imx412: Assert reset GPIO during probe (git-fixes). * media: i2c: ov08d10: fix image vertical start setting (git-fixes). * media: i2c: ov8856: free control handler on error in ov8856_init_controls() (git-fixes). * media: intel/ipu6: fix error pointer dereference (git-fixes). * media: mtk-jpeg: fix use-after-free in release path due to uncancelled work (git-fixes). * media: nxp: imx8-isi: Reduce minimum queued buffers from 2 to 0 (git-fixes). * media: omap3isp: drop the use count of v4l2 pipeline (git-fixes). * media: pci: zoran: fix potential memory leak in zoran_probe() (git-fixes). * media: rc: streamzap: Error handling in probe (git-fixes). * media: rc: xbox_remote: heed DMA restrictions (git-fixes). * media: saa7164: add ioremap return checks and cleanups (git-fixes). * media: staging: imx: configure src_mux in csi_start (git-fixes). * media: staging: imx: request mbus_config in csi_start (git-fixes). * media: uvcvideo: Enable VB2_DMABUF for metadata stream (git-fixes). * media: videobuf2: Set vma_flags in vb2_dma_sg_mmap (git-fixes). * media: vidtv: fix nfeeds state corruption on start_streaming failure (git- fixes). * media: vidtv: fix NULL pointer dereference in vidtv_channel_pmt_match_sections (git-fixes). * media: vidtv: fix pass-by-value structs causing MSAN warnings (git-fixes). * memory: tegra30-emc: Fix dll_change check (git-fixes). * memory: tegra124-emc: Fix dll_change check (git-fixes). * mfd: mc13xxx-core: Fix memory leak in mc13xxx_add_subdevice_pdata() (git- fixes). * mkspec: Add signature to source list only when it exists. * mmc: sdhci-of-dwcmshc: Disable clock before DLL configuration (git-fixes). * mmc: vub300: fix NULL-deref on disconnect (git-fixes). * modpost: Amend ppc64 save/restfpr symnames for -Os build (bsc#1215199). * mtd: docg3: Convert to platform remove callback returning void (stable- fixes). * mtd: docg3: fix use-after-free in docg3_release() (git-fixes). * mtd: parsers: ofpart: call of_node_get() for dedicated subpartitions (git- fixes). * mtd: parsers: ofpart: call of_node_put() only in ofpart_fail path (git- fixes). * mtd: physmap_of_gemini: Fix disabled pinctrl state check (git-fixes). * mtd: rawnand: sunxi: fix sunxi_nfc_hw_ecc_read_extra_oob (git-fixes). * mtd: spi-nor: core: correct the op.dummy.nbytes when check read operations (git-fixes). * mtd: spi-nor: debugfs: fix out-of-bounds read in spi_nor_params_show() (git- fixes). * mtd: spi-nor: sst: Factor out common write operation to `sst_nor_write_data()` (stable-fixes). * mtd: spi-nor: sst: Fix SST write failure (git-fixes). * mtd: spi-nor: sst: Fix write enable before AAI sequence (git-fixes). * mtd: spi-nor: swp: check SR_TB flag when getting tb_mask (git-fixes). * net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). * net/sched: cls_fw: fix NULL dereference of "old" filters before change() (git-fixes). * net/sched: fix pedit partial COW leading to page cache corruption (bsc#1265421). * net: gro: don't merge zcopy skbs (git-fixes). * net: mana: Add MAC address to vPort logs and clarify error messages (git- fixes). * net: mana: check xdp_rxq registration before unreg in mana_destroy_rxq() (git-fixes). * net: mana: Don't overwrite port probe error with add_adev result (git- fixes). * net: mana: Fix crash from unvalidated SHM offset read from BAR0 during FLR (bsc#1265846). * net: mana: Fix EQ leak in mana_remove on NULL port (git-fixes). * net: mana: Fix RX skb truesize accounting (bsc#1248754). * net: mana: fix use-after-free in mana_hwc_destroy_channel() by reordering teardown (git-fixes). * net: mana: Guard mana_remove against double invocation (git-fixes). * net: mana: hardening: Validate adapter_mtu from MANA_QUERY_DEV_CONFIG (git- fixes). * net: mana: hardening: Validate doorbell ID from GDMA_REGISTER_DEVICE response (git-fixes). * net: mana: Init gf_stats_work before potential error paths in probe (git- fixes). * net: mana: Init link_change_work before potential error paths in probe (git- fixes). * net: mana: remove double CQ cleanup in mana_create_rxq error path (git- fixes). * net: mana: Set default number of queues to 16 (bsc#1261648). * net: mana: Skip WQ object destruction for uninitialized RXQ (git-fixes). * net: mana: Use at least SZ_4K in doorbell ID range check (git-fixes). * net: mana: Use pci_name() for debugfs directory naming (git-fixes). * net: phy: dp83869: fix setting CLK_O_SEL field (git-fixes). * net: stmmac: Fix PTP ref clock for Tegra234 (git-fixes). * net: usb: asix: ax88772: re-add usbnet_link_change() in phylink callbacks (git-fixes). * net: usb: cdc-phonet: fix skb frags[] overflow in rx_complete() (git-fixes). * net: usb: rtl8150: fix use-after-free in rtl8150_start_xmit() (git-fixes). * net: usb: rtl8150: free skb on usb_submit_urb() failure in xmit (git-fixes). * net: wan: fsl_ucc_hdlc: fix ucc_hdlc_remove (git-fixes). * net: wan: fsl_ucc_hdlc: fix uhdlc_memclean (git-fixes). * net: wan: fsl_ucc_hdlc: free tx_skbuff in uhdlc_memclean (git-fixes). * NFC: digital: Bounds check NFC-A cascade depth in SDD response handler (git- fixes). * nfc: llcp: add missing return after LLCP_CLOSED checks (git-fixes). * nfc: pn533: allocate rx skb before consuming bytes (git-fixes). * nfc: s3fwrn5: allocate rx skb before consuming bytes (git-fixes). * NFC: trf7970a: Ignore antenna noise when checking for RF field (git-fixes). * nvme-auth: Include SC_C in RVAL controller hash (bsc#1260428). * nvme-fabrics: use kfree_sensitive() for DHCHAP secrets (git-fixes). * nvme-loop: do not cancel I/O and admin tagset during ctrl reset/shutdown (bsc#1262709). * nvme-pci: cap queue creation to used queues (git-fixes). * nvme-pci: ensure we're polling a polled queue (git-fixes). * nvme: Allow reauth from sysfs (bsc#1259672). * nvme: Expose the tls_configured sysfs for secure concat connections (bsc#1259672). * nvme: expose TLS mode (bsc#1259672). * nvme: fix PCIe subsystem reset controller state transition (bsc#1261738). * nvmet-tcp: propagate nvmet_tcp_build_pdu_iovec() errors to its callers (git- fixes). * ocfs2: fix possible deadlock between unlink and dio_end_io_write (bsc#1258718). * ocfs2: split transactions in dio completion to avoid credit exhaustion (bsc#1258718). * Partial revert "x86/xen: fix balloon target initialization for PVH dom0" (bsc#1262599). * PCI/AER: Clear only error bits in PCIe Device Status (git-fixes). * PCI/AER: Stop ruling out unbound devices as error source (git-fixes). * PCI: dwc: Apply ECRC workaround to DesignWare 5.00a as well (git-fixes). * PCI: Enable AtomicOps only if Root Port supports them (git-fixes). * PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown (git-fixes). * PCI: hv: Set default NUMA node to 0 for devices without affinity info (git- fixes). * PCI: mediatek-gen3: Prevent leaking IRQ domains when IRQ not found (git- fixes). * PCI: tegra194: Allow system suspend when the Endpoint link is not up (git- fixes). * PCI: tegra194: Disable direct speed change for Endpoint mode (git-fixes). * PCI: tegra194: Disable LTSSM after transition to Detect on surprise link down (git-fixes). * PCI: tegra194: Disable PERST# IRQ only in Endpoint mode (git-fixes). * PCI: tegra194: Fix polling delay for L2 state (git-fixes). * PCI: tegra194: Increase LTSSM poll time on surprise link down (git-fixes). * PCI: tegra194: Set LTR message request before PCIe link up in Endpoint mode (git-fixes). * PCI: tegra194: Use devm_gpiod_get_optional() to parse "nvidia,refclk-select" (git-fixes). * PCI: tegra194: Use DWC IP core version (git-fixes). * pinctrl: abx500: Fix type of 'argument' variable (git-fixes). * pinctrl: Fix spelling problem (git-fixes). * pinctrl: intel: Fix the revision for new features (1kOhm PD, HW debouncer) (stable-fixes). * pinctrl: pic32: change all cases of bare 'unsigned' to 'unsigned int' (git- fixes). * pinctrl: pic32: use consistent spacing around '+' (git-fixes). * pinctrl: pinctrl-pic32: Fix resource leak (git-fixes). * platform/chrome: chromeos_tbmc: Drop wakeup source on remove (git-fixes). * platform/surface: surfacepro3_button: Drop wakeup source on remove (git- fixes). * platform/x86/amd: pmc: Add Thinkpad L14 Gen3 to quirk_s2idle_bug (stable- fixes). * platform/x86/intel-uncore-freq: Handle autonomous UFS status bit (git- fixes). * platform/x86/intel: power-domains: Add Clearwater Forest support (jsc#PED-16221). * platform/x86: dell-wmi-sysman: bound enumeration string aggregation (git- fixes). * platform/x86: dell_rbu: avoid uninit value usage in packet_size_write() (git-fixes). * platform/x86: hp-wmi: Ignore backlight and FnLock events (stable-fixes). * platform/x86: ISST: Add Clearwater Forest to support list (jsc#PED-16221). * platform/x86: panasonic-laptop: Fix OPTD notifier registration and cleanup (git-fixes). * power: supply: axp288_charger: Do not cancel work before initializing it (git-fixes). * power: supply: max17042: avoid overflow when determining health (git-fixes). * powerpc/crash: adjust the elfcorehdr size (jsc#PED-11175 git-fixes). * powerpc/crash: fix backup region offset update to elfcorehdr (bsc#1259535). * powerpc/crash: Update backup region offset in elfcorehdr on memory hotplug (bsc#1259535). * powerpc/kdump: Fix size calculation for hot-removed memory ranges (jsc#PED-11175 git-fixes). * RDMA/mana: Fix error unwind in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Fix mana_destroy_wq_obj() cleanup in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Validate rx_hash_key_len (git-fixes). * RDMA/mana_ib: cleanup the usage of mana_gd_send_request() (git-fixes). * RDMA/mana_ib: Disable RX steering on RSS QP destroy (git-fixes). * RDMA/mana_ib: Support memory windows (git-fixes). * regulator: act8945a: fix OF node reference imbalance (git-fixes). * regulator: bd9571mwv: fix OF node reference imbalance (git-fixes). * regulator: max77650: fix OF node reference imbalance (git-fixes). * regulator: mt6357: fix OF node reference imbalance (git-fixes). * remoteproc: xlnx: Only access buffer information if IPI is buffered (git- fixes). * Revert "ALSA: usb: Increase volume range that triggers a warning" (git- fixes). * rtc: abx80x: Disable alarm feature if no interrupt attached (git-fixes). * rtc: ntxec: fix OF node reference imbalance (git-fixes). * s390/dasd: Copy detected format information to secondary device (bsc#1259995). * s390/dasd: Fix gendisk parent after copy pair swap (bsc#1259995). * s390/dasd: Move quiesce state with pprc swap (bsc#1259995). * sched/balancing: Switch the 'DEFINE_SPINLOCK(balancing)' spinlock into an 'atomic_t sched_balance_running' flag (bsc#1253754). * sched/fair: Change likelyhood of nohz.nr_cpus (bsc#1234634 bsc#1258961). * sched/fair: Have SD_SERIALIZE affect newidle balancing (bsc#1253754). * sched/fair: Move checking for nohz cpus after time check (bsc#1234634 bsc#1258961). * sched/fair: Remove nohz.nr_cpus and use weight of cpumask instead (bsc#1234634 bsc#1258961). * sched/fair: Skip sched_balance_running cmpxchg when balance is not due (bsc#1253754). * scsi: lpfc: Add clean up of aborted NVMe commands during PCI fcn reset (bsc#1262019). * scsi: lpfc: Add log messages to fabric login error labels (bsc#1262019). * scsi: lpfc: Add PCI ID support for LPe42100 series adapters (bsc#1262019). * scsi: lpfc: Add REG_VFI mailbox cmd error handling (bsc#1262019). * scsi: lpfc: Break out of IRQ affinity assignment when mask reaches nr_cpu_ids (bsc#1262019). * scsi: lpfc: Check ASIC_ID register to aid diagnostics during failed fw updates (bsc#1262019). * scsi: lpfc: Cleanup error exit paths in lpfc_fdmi_cmd() and associated messages (bsc#1262019). * scsi: lpfc: ELIMINATE kernel-doc warnings in lpfc.h (bsc#1262019). * scsi: lpfc: Fix incorrect txcmplq_cnt during cleanup in lpfc_sli_abort_ring() (bsc#1262019). * scsi: lpfc: Introduce 128G link speed selection and support (bsc#1262019). * scsi: lpfc: Log discarded and insufficient RQE buffer events (bsc#1262019). * scsi: lpfc: Log MCQE contents for mbox commands with no context (bsc#1262019). * scsi: lpfc: Properly set WC for DPP mapping (bsc#1262019). * scsi: lpfc: Reduce pointer chasing when accessing vmid_flag (bsc#1262019). * scsi: lpfc: Remove deprecated PBDE feature (bsc#1262019). * scsi: lpfc: Remove unnecessary ndlp kref get in lpfc_check_nlp_post_devloss (bsc#1262019). * scsi: lpfc: Restrict first burst to non-FCoE and SLI4 adapters only (bsc#1262019). * scsi: lpfc: Select mailbox rq_create cmd version based on SLI4 if_type (bsc#1262019). * scsi: lpfc: Update class of service bit field to 3 bits for WQE submissions (bsc#1262019). * scsi: lpfc: Update construction of SGL when XPSGL is enabled (bsc#1262019). * scsi: lpfc: Update copyright year string for 2026 (bsc#1262019). * scsi: lpfc: Update log message when ndlp kref get is unsuccessful (bsc#1262019). * scsi: lpfc: Update lpfc version to 14.4.0.14 (bsc#1262019). * scsi: lpfc: Update lpfc version to 15.0.0.0 (bsc#1262019). * scsi: lpfc: Update outdated comment for renamed lpfc_freenode() (bsc#1262019). * scsi: lpfc: Use min_t() instead of min() in lpfc_sli4_driver_resource_setup (bsc#1262019). * scsi: storvsc: Handle PERSISTENT_RESERVE_IN truncation for Hyper-V vFC (git- fixes). * scsi: target: iscsi: validate CHAP_R length before base64 decode (bsc#1265449). * selftests/powerpc: make sub-folders buildable on their own (bsc#1261669 ltc#212590). * selftests/powerpc: Re-order *FLAGS to follow lib.mk (bsc#1261669 ltc#212590). * selftests/powerpc: Suppress -Wmaybe-uninitialized with GCC 15 (bsc#1261669 ltc#212590). * serial: 8250: Add serial8250_handle_irq_locked() (bsc#1262480). * serial: 8250: Protect LCR write in shutdown (bsc#1262480). * serial: 8250_dw: Avoid unnecessary LCR writes (bsc#1262480). * serial: 8250_dw: Ensure BUSY is deasserted (bsc#1262480). * serial: 8250_dw: Rework dw8250_handle_irq() locking and IIR handling (bsc#1262480). * serial: 8250_dw: Rework IIR_NO_INT handling to stop interrupt storm (bsc#1262480). * soc/tegra: cbb: Set ERD on resume for err interrupt (git-fixes). * soc: qcom: aoss: compare against normalized cooling state (git-fixes). * soc: qcom: llcc: fix v1 SB syndrome register offset (git-fixes). * sound: ua101: fix division by zero at probe (git-fixes). * soundwire: bus: demote UNATTACHED state warnings to dev_dbg() (git-fixes). * soundwire: cadence: Clear message complete before signaling waiting thread (git-fixes). * spi: at91-usart: fix controller deregistration (git-fixes). * spi: atmel: fix controller deregistration (git-fixes). * spi: cadence: fix controller deregistration (git-fixes). * spi: fix controller cleanup() documentation (git-fixes). * spi: fix misleading controller deregistration kernel-doc (git-fixes). * spi: fix misleading controller registration kernel-doc (git-fixes). * spi: fsl-qspi: Use reinit_completion() for repeated operations (git-fixes). * spi: hisi-kunpeng: prevent infinite while() loop in hisi_spi_flush_fifo (git-fixes). * spi: imx: fix runtime pm leak on probe deferral (git-fixes). * spi: imx: fix use-after-free on unbind (git-fixes). * spi: microchip-core-qspi: fix controller deregistration (git-fixes). * spi: microchip-core-qspi: Use helper function devm_clk_get_enabled() (stable-fixes). * spi: mpc52xx: fix use-after-free on unbind (git-fixes). * spi: mtk-nor: fix controller deregistration (git-fixes). * spi: mtk-snfi: unregister ECC engine on probe failure and remove() callback (git-fixes). * spi: omap2-mcspi: fix controller deregistration (git-fixes). * spi: orion: fix clock imbalance on registration failure (git-fixes). * spi: orion: fix runtime pm leak on unbind (git-fixes). * spi: rockchip: fix controller deregistration (git-fixes). * spi: rspi: fix controller deregistration (git-fixes). * spi: sh-hspi: fix controller deregistration (git-fixes). * spi: spi-ti-qspi: Convert to platform remove callback returning void (stable-fixes). * spi: sprd: fix controller deregistration (git-fixes). * spi: sun4i: fix controller deregistration (git-fixes). * spi: sun4i: switch to use modern name (stable-fixes). * spi: syncuacer: fix controller deregistration (git-fixes). * spi: synquacer: switch to use modern name (stable-fixes). * spi: uniphier: fix controller deregistration (git-fixes). * spi: uniphier: Simplify clock handling with devm_clk_get_enabled() (stable- fixes). * spi: uniphier: switch to use modern name (stable-fixes). * spi: zynq-qspi: switch to use modern name (stable-fixes). * spi: zynqmp-gqspi: fix controller deregistration (git-fixes). * staging: media: atomisp: Disallow all private IOCTLs (git-fixes). * staging: rtl8723bs: initialize le_tmp64 in rtw_BIP_verify() (git-fixes). * staging: sm750fb: fix division by zero in ps_to_hz() (git-fixes). * staging: vme_user: added bound check to geoid (stable-fixes). * staging: vme_user: fix root device leak on init failure (git-fixes). * tg3: Fix race for querying speed/duplex (bsc#1257183). * tg3: replace placeholder MAC address with device property (git-fixes). * thermal/drivers/spear: Fix error condition for reading st,thermal-flags (git-fixes). * thermal/drivers/sprd: Fix raw temperature clamping in sprd_thm_rawdata_to_temp (git-fixes). * thermal/drivers/sprd: Fix temperature clamping in sprd_thm_temp_to_rawdata (git-fixes). * tpm: avoid -Wunused-but-set-variable (git-fixes). * tpm: tpm_tis: add error logging for data transfer (git-fixes). * tpm: tpm_tis: stop transmit if retries are exhausted (git-fixes). * tty: tty_io: update timestamps on all device nodes (bsc#1262020). * unshare: fix unshare_fs() handling (git-fixes). * USB: cdc-acm: Add quirks for Yoga Book 9 14IAH10 INGENIC touchscreen (stable-fixes). * usb: chipidea: core: allow ci_irq_handler() handle both ID and VBUS change (git-fixes). * usb: chipidea: otg: not wait vbus drop if use role_switch (git-fixes). * USB: core: add NO_LPM quirk for Razer Kiyo Pro webcam (stable-fixes). * usb: gadget: dummy_hcd: fix premature URB completion when ZLP follows partial transfer (stable-fixes). * usb: gadget: f_ncm: validate minimum block_len in ncm_unwrap_ntb() (git- fixes). * usb: gadget: f_phonet: fix skb frags[] overflow in pn_rx_complete() (stable- fixes). * usb: gadget: f_uac1_legacy: validate control request size (stable-fixes). * usb: gadget: renesas_usb3: validate endpoint index in standard request handlers (git-fixes). * USB: omap_udc: DMA: Don't enable burst 4 mode (git-fixes). * usb: port: add delay after usb_hub_set_port_power() (git-fixes). * usb: quirks: add DELAY_INIT quirk for another Silicon Motion flash drive (stable-fixes). * USB: serial: io_edgeport: add support for Blackbox IC135A (stable-fixes). * USB: serial: option: add MeiG Smart SRM825WN (stable-fixes). * USB: serial: option: add support for Rolling Wireless RW135R-GL (stable- fixes). * USB: serial: option: add Telit Cinterion FN990A MBIM composition (stable- fixes). * USB: serial: option: add Telit Cinterion LE910Cx compositions (stable- fixes). * usb: storage: Expand range of matched versions for VL817 quirks entry (stable-fixes). * usb: typec: tcpm: reset internal port states on soft reset AMS (git-fixes). * usb: ulpi: fix memory leak on ulpi_register() error paths (git-fixes). * usb: usblp: fix heap leak in IEEE 1284 device ID via short response (stable- fixes). * usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl (stable- fixes). * usb: xhci: Make usb_host_endpoint.hcpriv survive endpoint_disable() (git- fixes). * usbip: validate number_of_packets in usbip_pack_ret_submit() (git-fixes). * virt: tdx-guest: Fix handling of host controlled 'quote' buffer length (git- fixes). * virt: tdx-guest: Return error for GetQuote failures (git-fixes). * wifi: ath5k: do not access array OOB (git-fixes). * wifi: ath9k: Fix typo (git-fixes). * wifi: ath11k: Pass the correct value of each TID during a stop AMPDU session (git-fixes). * wifi: ath11k: skip status ring entry processing (stable-fixes). * wifi: ath11k: Use dma_alloc_noncoherent for rx_tid buffer allocation (stable-fixes). * wifi: ath12k: fix leak in some ath12k_wmi_xxx() functions (git-fixes). * wifi: b43: enforce bounds check on firmware key index in b43_rx() (git- fixes). * wifi: b43legacy: enforce bounds check on firmware key index in RX path (git- fixes). * wifi: brcmfmac: Fix error pointer dereference (git-fixes). * wifi: brcmfmac: validate bsscfg indices in IF events (stable-fixes). * wifi: brcmsmac: Fix dma_free_coherent() size (git-fixes). * wifi: cw1200: Revert "Fix locking in error paths" (git-fixes). * wifi: libertas: notify firmware load wait on disconnect (git-fixes). * wifi: mac80211: check ieee80211_rx_data_set_link return in pubsta MLO path (git-fixes). * wifi: mac80211: check tdls flag in ieee80211_tdls_oper (stable-fixes). * wifi: mac80211: drop stray 'static' from fast-RX rx_result (git-fixes). * wifi: mac80211: handle VHT EXT NSS in ieee80211_determine_our_sta_mode() (git-fixes). * wifi: mac80211: remove station if connection prep fails (git-fixes). * wifi: mac80211: use safe list iteration in radar detect work (git-fixes). * wifi: mt76: mt792x: describe USB WFSYS reset with a descriptor (stable- fixes). * wifi: mt76: mt792x: fix mt7925u USB WFSYS reset handling (git-fixes). * wifi: mt76: mt7615: fix use_cts_prot support (git-fixes). * wifi: mt76: mt7915: fix use-after-free bugs in mt7915_mac_dump_work() (git- fixes). * wifi: mt76: mt7915: fix use_cts_prot support (git-fixes). * wifi: mt76: mt7921: fix 6GHz regulatory update on connection (git-fixes). * wifi: mt76: mt7921: fix a potential clc buffer length underflow (git-fixes). * wifi: mt76: mt7921: fix ROC abort flow interruption in mt7921_roc_work (git- fixes). * wifi: mt76: mt7921: Reset ampdu_state state in case of failure in mt76_connac2_tx_check_aggr() (git-fixes). * wifi: mt76: mt7925: fix incorrect length field in txpower command (git- fixes). * wifi: mt76: mt7996: fix FCS error flag check in RX descriptor (git-fixes). * wifi: mt76: mt7996: fix struct mt7996_mcu_uni_event (git-fixes). * wifi: mwifiex: Fix memory leak in mwifiex_11n_aggregate_pkt() (git-fixes). * wifi: nl80211: fix NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST usage (git- fixes). * wifi: nl80211: require admin perm on SET_PMK / DEL_PMK (git-fixes). * wifi: rsi: fix kthread lifetime race between self-exit and external-stop (git-fixes). * wifi: rt2x00usb: fix devres lifetime (git-fixes). * wifi: rtlwifi: pci: fix possible use-after-free caused by unfinished irq_prepare_bcn_tasklet (git-fixes). * wifi: rtw88: check for PCI upstream bridge existence (git-fixes). * wifi: rtw88: fix device leak on probe failure (git-fixes). * wifi: rtw89: phy: fix uninitialized variable access in rtw89_phy_cfo_set_crystal_cap() (git-fixes). * wifi: wl1251: validate packet IDs before indexing tx_frames (stable-fixes). * workqueue: Break up enum definitions and give names to the types (bsc#1260522). * workqueue: Clean up enum work_bits and related constants (bsc#1260522). * workqueue: Factor out work_grab_pending() from __cancel_work_sync() (bsc#1260522). * workqueue: Fix UBSAN 'subtraction overflow' error in shift_and_mask() (bsc#1260522). * workqueue: Implement disable/enable for (delayed) work items (bsc#1260522). * workqueue: Introduce work_cancel_flags (bsc#1260522). * workqueue: Make @flags handling consistent across set_work_data() and friends (bsc#1260522). * workqueue: Preserve OFFQ bits in cancel[_sync] paths (bsc#1260522). * workqueue: Rename __cancel_work_timer() to __cancel_timer_sync() (bsc#1260522). * workqueue: Reorganize flush and cancel[_sync] functions (bsc#1260522). * x86/boot/64: Clear most of CR4 in startup_64(), except PAE, MCE and LA57 (git-fixes). * x86/boot/sev: Avoid shared GHCB page for early memory acceptance (git- fixes). * x86/boot: Don't add the EFI stub to targets, again (git-fixes). * x86/boot: Fix page table access in 5-level to 4-level paging transition (git-fixes). * x86/CPU/AMD: Add models 0x60-0x6f to the Zen5 range (bsc#1263255). * x86/CPU/AMD: Add X86_FEATURE_ZEN6 (bsc#1263255). * x86/cpu: Remove X86_CR4_FRED from the CR4 pinned bits mask (git-fixes). * x86/cpufeatures: Free up unused feature bits (bsc#1263255). * x86/fred: Remove ENDBR64 from FRED entry points (git-fixes). * x86: KVM: Advertise CPUIDs for new instructions in Clearwater Forest (jsc#PED-16245). * X.509: Fix out-of-bounds access when parsing extensions (git-fixes). * Xarray: do not return sibling entries from xas_find_marked() (bsc#1263815). * xfrm: esp: avoid in-place decrypt on shared skb frags (bsc#1264449). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-2217=1 * SUSE Real Time Module 15-SP7 zypper in -t patch SUSE-SLE-Module-RT-15-SP7-2026-2217=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP7 (x86_64) * kernel-livepatch-6_4_0-150700_7_54-rt-debuginfo-1-150700.1.3.1 * kernel-livepatch-SLE15-SP7-RT_Update_15-debugsource-1-150700.1.3.1 * kernel-livepatch-6_4_0-150700_7_54-rt-1-150700.1.3.1 * SUSE Real Time Module 15-SP7 (x86_64) * dlm-kmp-rt-6.4.0-150700.7.54.1 * ocfs2-kmp-rt-debuginfo-6.4.0-150700.7.54.1 * kernel-rt-devel-6.4.0-150700.7.54.1 * dlm-kmp-rt-debuginfo-6.4.0-150700.7.54.1 * kernel-rt-devel-debuginfo-6.4.0-150700.7.54.1 * kernel-rt-debuginfo-6.4.0-150700.7.54.1 * cluster-md-kmp-rt-debuginfo-6.4.0-150700.7.54.1 * kernel-rt-debugsource-6.4.0-150700.7.54.1 * gfs2-kmp-rt-6.4.0-150700.7.54.1 * kernel-syms-rt-6.4.0-150700.7.54.1 * ocfs2-kmp-rt-6.4.0-150700.7.54.1 * cluster-md-kmp-rt-6.4.0-150700.7.54.1 * gfs2-kmp-rt-debuginfo-6.4.0-150700.7.54.1 * SUSE Real Time Module 15-SP7 (noarch) * kernel-devel-rt-6.4.0-150700.7.54.1 * kernel-source-rt-6.4.0-150700.7.54.1 * SUSE Real Time Module 15-SP7 (nosrc x86_64) * kernel-rt-6.4.0-150700.7.54.1 ## References: * https://www.suse.com/security/cve/CVE-2023-20585.html * https://www.suse.com/security/cve/CVE-2025-40219.html * https://www.suse.com/security/cve/CVE-2025-68310.html * https://www.suse.com/security/cve/CVE-2025-71183.html * https://www.suse.com/security/cve/CVE-2025-71238.html * https://www.suse.com/security/cve/CVE-2026-23168.html * https://www.suse.com/security/cve/CVE-2026-23209.html * https://www.suse.com/security/cve/CVE-2026-23236.html * https://www.suse.com/security/cve/CVE-2026-23237.html * https://www.suse.com/security/cve/CVE-2026-23239.html * https://www.suse.com/security/cve/CVE-2026-23240.html * https://www.suse.com/security/cve/CVE-2026-23245.html * https://www.suse.com/security/cve/CVE-2026-23246.html * https://www.suse.com/security/cve/CVE-2026-23253.html * https://www.suse.com/security/cve/CVE-2026-23260.html * https://www.suse.com/security/cve/CVE-2026-23261.html * https://www.suse.com/security/cve/CVE-2026-23262.html * https://www.suse.com/security/cve/CVE-2026-23264.html * https://www.suse.com/security/cve/CVE-2026-23266.html * https://www.suse.com/security/cve/CVE-2026-23268.html * https://www.suse.com/security/cve/CVE-2026-23269.html * https://www.suse.com/security/cve/CVE-2026-23271.html * https://www.suse.com/security/cve/CVE-2026-23273.html * https://www.suse.com/security/cve/CVE-2026-23276.html * https://www.suse.com/security/cve/CVE-2026-23279.html * https://www.suse.com/security/cve/CVE-2026-23290.html * https://www.suse.com/security/cve/CVE-2026-23291.html * https://www.suse.com/security/cve/CVE-2026-23298.html * https://www.suse.com/security/cve/CVE-2026-23300.html * https://www.suse.com/security/cve/CVE-2026-23304.html * https://www.suse.com/security/cve/CVE-2026-23306.html * https://www.suse.com/security/cve/CVE-2026-23307.html * https://www.suse.com/security/cve/CVE-2026-23308.html * https://www.suse.com/security/cve/CVE-2026-23312.html * https://www.suse.com/security/cve/CVE-2026-23313.html * https://www.suse.com/security/cve/CVE-2026-23315.html * https://www.suse.com/security/cve/CVE-2026-23318.html * https://www.suse.com/security/cve/CVE-2026-23321.html * https://www.suse.com/security/cve/CVE-2026-23324.html * https://www.suse.com/security/cve/CVE-2026-23325.html * https://www.suse.com/security/cve/CVE-2026-23335.html * https://www.suse.com/security/cve/CVE-2026-23336.html * https://www.suse.com/security/cve/CVE-2026-23339.html * https://www.suse.com/security/cve/CVE-2026-23340.html * https://www.suse.com/security/cve/CVE-2026-23343.html * https://www.suse.com/security/cve/CVE-2026-23346.html * https://www.suse.com/security/cve/CVE-2026-23351.html * https://www.suse.com/security/cve/CVE-2026-23354.html * https://www.suse.com/security/cve/CVE-2026-23357.html * https://www.suse.com/security/cve/CVE-2026-23362.html * https://www.suse.com/security/cve/CVE-2026-23363.html * https://www.suse.com/security/cve/CVE-2026-23365.html * https://www.suse.com/security/cve/CVE-2026-23367.html * https://www.suse.com/security/cve/CVE-2026-23368.html * https://www.suse.com/security/cve/CVE-2026-23370.html * https://www.suse.com/security/cve/CVE-2026-23372.html * https://www.suse.com/security/cve/CVE-2026-23373.html * https://www.suse.com/security/cve/CVE-2026-23374.html * https://www.suse.com/security/cve/CVE-2026-23378.html * https://www.suse.com/security/cve/CVE-2026-23382.html * https://www.suse.com/security/cve/CVE-2026-23383.html * https://www.suse.com/security/cve/CVE-2026-23391.html * https://www.suse.com/security/cve/CVE-2026-23392.html * https://www.suse.com/security/cve/CVE-2026-23393.html * https://www.suse.com/security/cve/CVE-2026-23395.html * https://www.suse.com/security/cve/CVE-2026-23396.html * https://www.suse.com/security/cve/CVE-2026-23397.html * https://www.suse.com/security/cve/CVE-2026-23399.html * https://www.suse.com/security/cve/CVE-2026-23403.html * https://www.suse.com/security/cve/CVE-2026-23404.html * https://www.suse.com/security/cve/CVE-2026-23405.html * https://www.suse.com/security/cve/CVE-2026-23406.html * https://www.suse.com/security/cve/CVE-2026-23407.html * https://www.suse.com/security/cve/CVE-2026-23408.html * https://www.suse.com/security/cve/CVE-2026-23409.html * https://www.suse.com/security/cve/CVE-2026-23410.html * https://www.suse.com/security/cve/CVE-2026-23411.html * https://www.suse.com/security/cve/CVE-2026-23412.html * https://www.suse.com/security/cve/CVE-2026-23418.html * https://www.suse.com/security/cve/CVE-2026-23419.html * https://www.suse.com/security/cve/CVE-2026-23420.html * https://www.suse.com/security/cve/CVE-2026-23426.html * https://www.suse.com/security/cve/CVE-2026-23434.html * https://www.suse.com/security/cve/CVE-2026-23440.html * https://www.suse.com/security/cve/CVE-2026-23441.html * https://www.suse.com/security/cve/CVE-2026-23442.html * https://www.suse.com/security/cve/CVE-2026-23443.html * https://www.suse.com/security/cve/CVE-2026-23445.html * https://www.suse.com/security/cve/CVE-2026-23446.html * https://www.suse.com/security/cve/CVE-2026-23447.html * https://www.suse.com/security/cve/CVE-2026-23448.html * https://www.suse.com/security/cve/CVE-2026-23449.html * https://www.suse.com/security/cve/CVE-2026-23450.html * https://www.suse.com/security/cve/CVE-2026-23452.html * https://www.suse.com/security/cve/CVE-2026-23454.html * https://www.suse.com/security/cve/CVE-2026-23455.html * https://www.suse.com/security/cve/CVE-2026-23456.html * https://www.suse.com/security/cve/CVE-2026-23457.html * https://www.suse.com/security/cve/CVE-2026-23458.html * https://www.suse.com/security/cve/CVE-2026-23460.html * https://www.suse.com/security/cve/CVE-2026-23461.html * https://www.suse.com/security/cve/CVE-2026-23462.html * https://www.suse.com/security/cve/CVE-2026-23463.html * https://www.suse.com/security/cve/CVE-2026-23465.html * https://www.suse.com/security/cve/CVE-2026-23466.html * https://www.suse.com/security/cve/CVE-2026-23468.html * https://www.suse.com/security/cve/CVE-2026-23470.html * https://www.suse.com/security/cve/CVE-2026-23472.html * https://www.suse.com/security/cve/CVE-2026-23473.html * https://www.suse.com/security/cve/CVE-2026-23474.html * https://www.suse.com/security/cve/CVE-2026-23475.html * https://www.suse.com/security/cve/CVE-2026-31389.html * https://www.suse.com/security/cve/CVE-2026-31392.html * https://www.suse.com/security/cve/CVE-2026-31393.html * https://www.suse.com/security/cve/CVE-2026-31394.html * https://www.suse.com/security/cve/CVE-2026-31395.html * https://www.suse.com/security/cve/CVE-2026-31400.html * https://www.suse.com/security/cve/CVE-2026-31402.html * https://www.suse.com/security/cve/CVE-2026-31403.html * https://www.suse.com/security/cve/CVE-2026-31404.html * https://www.suse.com/security/cve/CVE-2026-31405.html * https://www.suse.com/security/cve/CVE-2026-31407.html * https://www.suse.com/security/cve/CVE-2026-31408.html * https://www.suse.com/security/cve/CVE-2026-31411.html * https://www.suse.com/security/cve/CVE-2026-31412.html * https://www.suse.com/security/cve/CVE-2026-31415.html * https://www.suse.com/security/cve/CVE-2026-31416.html * https://www.suse.com/security/cve/CVE-2026-31417.html * https://www.suse.com/security/cve/CVE-2026-31420.html * https://www.suse.com/security/cve/CVE-2026-31421.html * https://www.suse.com/security/cve/CVE-2026-31422.html * https://www.suse.com/security/cve/CVE-2026-31423.html * https://www.suse.com/security/cve/CVE-2026-31424.html * https://www.suse.com/security/cve/CVE-2026-31425.html * https://www.suse.com/security/cve/CVE-2026-31426.html * https://www.suse.com/security/cve/CVE-2026-31427.html * https://www.suse.com/security/cve/CVE-2026-31428.html * https://www.suse.com/security/cve/CVE-2026-31436.html * https://www.suse.com/security/cve/CVE-2026-31449.html * https://www.suse.com/security/cve/CVE-2026-31470.html * https://www.suse.com/security/cve/CVE-2026-31488.html * https://www.suse.com/security/cve/CVE-2026-31494.html * https://www.suse.com/security/cve/CVE-2026-31496.html * https://www.suse.com/security/cve/CVE-2026-31504.html * https://www.suse.com/security/cve/CVE-2026-31505.html * https://www.suse.com/security/cve/CVE-2026-31507.html * https://www.suse.com/security/cve/CVE-2026-31512.html * https://www.suse.com/security/cve/CVE-2026-31515.html * https://www.suse.com/security/cve/CVE-2026-31519.html * https://www.suse.com/security/cve/CVE-2026-31525.html * https://www.suse.com/security/cve/CVE-2026-31528.html * https://www.suse.com/security/cve/CVE-2026-31533.html * https://www.suse.com/security/cve/CVE-2026-31547.html * https://www.suse.com/security/cve/CVE-2026-31550.html * https://www.suse.com/security/cve/CVE-2026-31565.html * https://www.suse.com/security/cve/CVE-2026-31570.html * https://www.suse.com/security/cve/CVE-2026-31586.html * https://www.suse.com/security/cve/CVE-2026-31588.html * https://www.suse.com/security/cve/CVE-2026-31602.html * https://www.suse.com/security/cve/CVE-2026-31607.html * https://www.suse.com/security/cve/CVE-2026-31622.html * https://www.suse.com/security/cve/CVE-2026-31649.html * https://www.suse.com/security/cve/CVE-2026-31656.html * https://www.suse.com/security/cve/CVE-2026-31662.html * https://www.suse.com/security/cve/CVE-2026-31668.html * https://www.suse.com/security/cve/CVE-2026-31669.html * https://www.suse.com/security/cve/CVE-2026-31675.html * https://www.suse.com/security/cve/CVE-2026-31679.html * https://www.suse.com/security/cve/CVE-2026-31681.html * https://www.suse.com/security/cve/CVE-2026-31682.html * https://www.suse.com/security/cve/CVE-2026-31684.html * https://www.suse.com/security/cve/CVE-2026-31685.html * https://www.suse.com/security/cve/CVE-2026-31694.html * https://www.suse.com/security/cve/CVE-2026-31700.html * https://www.suse.com/security/cve/CVE-2026-31738.html * https://www.suse.com/security/cve/CVE-2026-31787.html * https://www.suse.com/security/cve/CVE-2026-43009.html * https://www.suse.com/security/cve/CVE-2026-43025.html * https://www.suse.com/security/cve/CVE-2026-43027.html * https://www.suse.com/security/cve/CVE-2026-43037.html * https://www.suse.com/security/cve/CVE-2026-43038.html * https://www.suse.com/security/cve/CVE-2026-43044.html * https://www.suse.com/security/cve/CVE-2026-43050.html * https://www.suse.com/security/cve/CVE-2026-43060.html * https://www.suse.com/security/cve/CVE-2026-43088.html * https://www.suse.com/security/cve/CVE-2026-43110.html * https://www.suse.com/security/cve/CVE-2026-43120.html * https://www.suse.com/security/cve/CVE-2026-43126.html * https://www.suse.com/security/cve/CVE-2026-43190.html * https://www.suse.com/security/cve/CVE-2026-43214.html * https://www.suse.com/security/cve/CVE-2026-43265.html * https://www.suse.com/security/cve/CVE-2026-43329.html * https://www.suse.com/security/cve/CVE-2026-43330.html * https://www.suse.com/security/cve/CVE-2026-43334.html * https://www.suse.com/security/cve/CVE-2026-43365.html * https://www.suse.com/security/cve/CVE-2026-43366.html * https://www.suse.com/security/cve/CVE-2026-43419.html * https://www.suse.com/security/cve/CVE-2026-43437.html * https://www.suse.com/security/cve/CVE-2026-43441.html * https://www.suse.com/security/cve/CVE-2026-43494.html * https://www.suse.com/security/cve/CVE-2026-43503.html * https://bugzilla.suse.com/show_bug.cgi?id=1215199 * https://bugzilla.suse.com/show_bug.cgi?id=1225897 * https://bugzilla.suse.com/show_bug.cgi?id=1234634 * https://bugzilla.suse.com/show_bug.cgi?id=1237452 * https://bugzilla.suse.com/show_bug.cgi?id=1241166 * https://bugzilla.suse.com/show_bug.cgi?id=1243603 * https://bugzilla.suse.com/show_bug.cgi?id=1248754 * https://bugzilla.suse.com/show_bug.cgi?id=1249104 * https://bugzilla.suse.com/show_bug.cgi?id=1253122 * https://bugzilla.suse.com/show_bug.cgi?id=1253754 * https://bugzilla.suse.com/show_bug.cgi?id=1254518 * https://bugzilla.suse.com/show_bug.cgi?id=1255160 * https://bugzilla.suse.com/show_bug.cgi?id=1255752 * https://bugzilla.suse.com/show_bug.cgi?id=1256863 * https://bugzilla.suse.com/show_bug.cgi?id=1257183 * https://bugzilla.suse.com/show_bug.cgi?id=1257631 * https://bugzilla.suse.com/show_bug.cgi?id=1258518 * https://bugzilla.suse.com/show_bug.cgi?id=1258718 * https://bugzilla.suse.com/show_bug.cgi?id=1258826 * https://bugzilla.suse.com/show_bug.cgi?id=1258849 * https://bugzilla.suse.com/show_bug.cgi?id=1258850 * https://bugzilla.suse.com/show_bug.cgi?id=1258854 * https://bugzilla.suse.com/show_bug.cgi?id=1258855 * https://bugzilla.suse.com/show_bug.cgi?id=1258856 * https://bugzilla.suse.com/show_bug.cgi?id=1258857 * https://bugzilla.suse.com/show_bug.cgi?id=1258961 * https://bugzilla.suse.com/show_bug.cgi?id=1259186 * https://bugzilla.suse.com/show_bug.cgi?id=1259199 * https://bugzilla.suse.com/show_bug.cgi?id=1259222 * https://bugzilla.suse.com/show_bug.cgi?id=1259461 * https://bugzilla.suse.com/show_bug.cgi?id=1259484 * https://bugzilla.suse.com/show_bug.cgi?id=1259485 * https://bugzilla.suse.com/show_bug.cgi?id=1259535 * https://bugzilla.suse.com/show_bug.cgi?id=1259672 * https://bugzilla.suse.com/show_bug.cgi?id=1259799 * https://bugzilla.suse.com/show_bug.cgi?id=1259806 * https://bugzilla.suse.com/show_bug.cgi?id=1259857 * https://bugzilla.suse.com/show_bug.cgi?id=1259868 * https://bugzilla.suse.com/show_bug.cgi?id=1259869 * https://bugzilla.suse.com/show_bug.cgi?id=1259870 * https://bugzilla.suse.com/show_bug.cgi?id=1259871 * https://bugzilla.suse.com/show_bug.cgi?id=1259873 * https://bugzilla.suse.com/show_bug.cgi?id=1259878 * https://bugzilla.suse.com/show_bug.cgi?id=1259995 * https://bugzilla.suse.com/show_bug.cgi?id=1260010 * https://bugzilla.suse.com/show_bug.cgi?id=1260012 * https://bugzilla.suse.com/show_bug.cgi?id=1260018 * https://bugzilla.suse.com/show_bug.cgi?id=1260428 * https://bugzilla.suse.com/show_bug.cgi?id=1260468 * https://bugzilla.suse.com/show_bug.cgi?id=1260483 * https://bugzilla.suse.com/show_bug.cgi?id=1260484 * https://bugzilla.suse.com/show_bug.cgi?id=1260485 * https://bugzilla.suse.com/show_bug.cgi?id=1260489 * https://bugzilla.suse.com/show_bug.cgi?id=1260497 * https://bugzilla.suse.com/show_bug.cgi?id=1260501 * https://bugzilla.suse.com/show_bug.cgi?id=1260504 * https://bugzilla.suse.com/show_bug.cgi?id=1260505 * https://bugzilla.suse.com/show_bug.cgi?id=1260507 * https://bugzilla.suse.com/show_bug.cgi?id=1260522 * https://bugzilla.suse.com/show_bug.cgi?id=1260523 * https://bugzilla.suse.com/show_bug.cgi?id=1260526 * https://bugzilla.suse.com/show_bug.cgi?id=1260527 * https://bugzilla.suse.com/show_bug.cgi?id=1260528 * https://bugzilla.suse.com/show_bug.cgi?id=1260529 * https://bugzilla.suse.com/show_bug.cgi?id=1260530 * https://bugzilla.suse.com/show_bug.cgi?id=1260531 * https://bugzilla.suse.com/show_bug.cgi?id=1260532 * https://bugzilla.suse.com/show_bug.cgi?id=1260533 * https://bugzilla.suse.com/show_bug.cgi?id=1260536 * https://bugzilla.suse.com/show_bug.cgi?id=1260537 * https://bugzilla.suse.com/show_bug.cgi?id=1260538 * https://bugzilla.suse.com/show_bug.cgi?id=1260541 * https://bugzilla.suse.com/show_bug.cgi?id=1260544 * https://bugzilla.suse.com/show_bug.cgi?id=1260546 * https://bugzilla.suse.com/show_bug.cgi?id=1260549 * https://bugzilla.suse.com/show_bug.cgi?id=1260550 * https://bugzilla.suse.com/show_bug.cgi?id=1260551 * https://bugzilla.suse.com/show_bug.cgi?id=1260552 * https://bugzilla.suse.com/show_bug.cgi?id=1260553 * https://bugzilla.suse.com/show_bug.cgi?id=1260555 * https://bugzilla.suse.com/show_bug.cgi?id=1260561 * https://bugzilla.suse.com/show_bug.cgi?id=1260566 * https://bugzilla.suse.com/show_bug.cgi?id=1260572 * https://bugzilla.suse.com/show_bug.cgi?id=1260580 * https://bugzilla.suse.com/show_bug.cgi?id=1260581 * https://bugzilla.suse.com/show_bug.cgi?id=1260728 * https://bugzilla.suse.com/show_bug.cgi?id=1260729 * https://bugzilla.suse.com/show_bug.cgi?id=1260731 * https://bugzilla.suse.com/show_bug.cgi?id=1260800 * https://bugzilla.suse.com/show_bug.cgi?id=1260801 * https://bugzilla.suse.com/show_bug.cgi?id=1260811 * https://bugzilla.suse.com/show_bug.cgi?id=1260989 * https://bugzilla.suse.com/show_bug.cgi?id=1261020 * https://bugzilla.suse.com/show_bug.cgi?id=1261287 * https://bugzilla.suse.com/show_bug.cgi?id=1261295 * https://bugzilla.suse.com/show_bug.cgi?id=1261348 * https://bugzilla.suse.com/show_bug.cgi?id=1261412 * https://bugzilla.suse.com/show_bug.cgi?id=1261503 * https://bugzilla.suse.com/show_bug.cgi?id=1261504 * https://bugzilla.suse.com/show_bug.cgi?id=1261505 * https://bugzilla.suse.com/show_bug.cgi?id=1261507 * https://bugzilla.suse.com/show_bug.cgi?id=1261555 * https://bugzilla.suse.com/show_bug.cgi?id=1261581 * https://bugzilla.suse.com/show_bug.cgi?id=1261582 * https://bugzilla.suse.com/show_bug.cgi?id=1261584 * https://bugzilla.suse.com/show_bug.cgi?id=1261585 * https://bugzilla.suse.com/show_bug.cgi?id=1261601 * https://bugzilla.suse.com/show_bug.cgi?id=1261602 * https://bugzilla.suse.com/show_bug.cgi?id=1261618 * https://bugzilla.suse.com/show_bug.cgi?id=1261628 * https://bugzilla.suse.com/show_bug.cgi?id=1261632 * https://bugzilla.suse.com/show_bug.cgi?id=1261636 * https://bugzilla.suse.com/show_bug.cgi?id=1261637 * https://bugzilla.suse.com/show_bug.cgi?id=1261638 * https://bugzilla.suse.com/show_bug.cgi?id=1261641 * https://bugzilla.suse.com/show_bug.cgi?id=1261644 * https://bugzilla.suse.com/show_bug.cgi?id=1261645 * https://bugzilla.suse.com/show_bug.cgi?id=1261648 * https://bugzilla.suse.com/show_bug.cgi?id=1261669 * https://bugzilla.suse.com/show_bug.cgi?id=1261679 * https://bugzilla.suse.com/show_bug.cgi?id=1261685 * https://bugzilla.suse.com/show_bug.cgi?id=1261686 * https://bugzilla.suse.com/show_bug.cgi?id=1261687 * https://bugzilla.suse.com/show_bug.cgi?id=1261692 * https://bugzilla.suse.com/show_bug.cgi?id=1261694 * https://bugzilla.suse.com/show_bug.cgi?id=1261700 * https://bugzilla.suse.com/show_bug.cgi?id=1261702 * https://bugzilla.suse.com/show_bug.cgi?id=1261703 * https://bugzilla.suse.com/show_bug.cgi?id=1261707 * https://bugzilla.suse.com/show_bug.cgi?id=1261710 * https://bugzilla.suse.com/show_bug.cgi?id=1261713 * https://bugzilla.suse.com/show_bug.cgi?id=1261714 * https://bugzilla.suse.com/show_bug.cgi?id=1261719 * https://bugzilla.suse.com/show_bug.cgi?id=1261738 * https://bugzilla.suse.com/show_bug.cgi?id=1261750 * https://bugzilla.suse.com/show_bug.cgi?id=1261751 * https://bugzilla.suse.com/show_bug.cgi?id=1261752 * https://bugzilla.suse.com/show_bug.cgi?id=1261768 * https://bugzilla.suse.com/show_bug.cgi?id=1261778 * https://bugzilla.suse.com/show_bug.cgi?id=1261779 * https://bugzilla.suse.com/show_bug.cgi?id=1261780 * https://bugzilla.suse.com/show_bug.cgi?id=1261781 * https://bugzilla.suse.com/show_bug.cgi?id=1261786 * https://bugzilla.suse.com/show_bug.cgi?id=1261788 * https://bugzilla.suse.com/show_bug.cgi?id=1261789 * https://bugzilla.suse.com/show_bug.cgi?id=1261796 * https://bugzilla.suse.com/show_bug.cgi?id=1261797 * https://bugzilla.suse.com/show_bug.cgi?id=1261896 * https://bugzilla.suse.com/show_bug.cgi?id=1262019 * https://bugzilla.suse.com/show_bug.cgi?id=1262020 * https://bugzilla.suse.com/show_bug.cgi?id=1262053 * https://bugzilla.suse.com/show_bug.cgi?id=1262054 * https://bugzilla.suse.com/show_bug.cgi?id=1262055 * https://bugzilla.suse.com/show_bug.cgi?id=1262061 * https://bugzilla.suse.com/show_bug.cgi?id=1262063 * https://bugzilla.suse.com/show_bug.cgi?id=1262074 * https://bugzilla.suse.com/show_bug.cgi?id=1262078 * https://bugzilla.suse.com/show_bug.cgi?id=1262086 * https://bugzilla.suse.com/show_bug.cgi?id=1262087 * https://bugzilla.suse.com/show_bug.cgi?id=1262099 * https://bugzilla.suse.com/show_bug.cgi?id=1262100 * https://bugzilla.suse.com/show_bug.cgi?id=1262101 * https://bugzilla.suse.com/show_bug.cgi?id=1262179 * https://bugzilla.suse.com/show_bug.cgi?id=1262181 * https://bugzilla.suse.com/show_bug.cgi?id=1262250 * https://bugzilla.suse.com/show_bug.cgi?id=1262480 * https://bugzilla.suse.com/show_bug.cgi?id=1262526 * https://bugzilla.suse.com/show_bug.cgi?id=1262599 * https://bugzilla.suse.com/show_bug.cgi?id=1262602 * https://bugzilla.suse.com/show_bug.cgi?id=1262616 * https://bugzilla.suse.com/show_bug.cgi?id=1262665 * https://bugzilla.suse.com/show_bug.cgi?id=1262671 * https://bugzilla.suse.com/show_bug.cgi?id=1262673 * https://bugzilla.suse.com/show_bug.cgi?id=1262709 * https://bugzilla.suse.com/show_bug.cgi?id=1262725 * https://bugzilla.suse.com/show_bug.cgi?id=1262731 * https://bugzilla.suse.com/show_bug.cgi?id=1262734 * https://bugzilla.suse.com/show_bug.cgi?id=1262746 * https://bugzilla.suse.com/show_bug.cgi?id=1262752 * https://bugzilla.suse.com/show_bug.cgi?id=1262758 * https://bugzilla.suse.com/show_bug.cgi?id=1263001 * https://bugzilla.suse.com/show_bug.cgi?id=1263012 * https://bugzilla.suse.com/show_bug.cgi?id=1263018 * https://bugzilla.suse.com/show_bug.cgi?id=1263064 * https://bugzilla.suse.com/show_bug.cgi?id=1263065 * https://bugzilla.suse.com/show_bug.cgi?id=1263085 * https://bugzilla.suse.com/show_bug.cgi?id=1263093 * https://bugzilla.suse.com/show_bug.cgi?id=1263095 * https://bugzilla.suse.com/show_bug.cgi?id=1263104 * https://bugzilla.suse.com/show_bug.cgi?id=1263131 * https://bugzilla.suse.com/show_bug.cgi?id=1263140 * https://bugzilla.suse.com/show_bug.cgi?id=1263141 * https://bugzilla.suse.com/show_bug.cgi?id=1263149 * https://bugzilla.suse.com/show_bug.cgi?id=1263165 * https://bugzilla.suse.com/show_bug.cgi?id=1263170 * https://bugzilla.suse.com/show_bug.cgi?id=1263176 * https://bugzilla.suse.com/show_bug.cgi?id=1263255 * https://bugzilla.suse.com/show_bug.cgi?id=1263556 * https://bugzilla.suse.com/show_bug.cgi?id=1263582 * https://bugzilla.suse.com/show_bug.cgi?id=1263592 * https://bugzilla.suse.com/show_bug.cgi?id=1263593 * https://bugzilla.suse.com/show_bug.cgi?id=1263595 * https://bugzilla.suse.com/show_bug.cgi?id=1263596 * https://bugzilla.suse.com/show_bug.cgi?id=1263600 * https://bugzilla.suse.com/show_bug.cgi?id=1263668 * https://bugzilla.suse.com/show_bug.cgi?id=1263723 * https://bugzilla.suse.com/show_bug.cgi?id=1263797 * https://bugzilla.suse.com/show_bug.cgi?id=1263815 * https://bugzilla.suse.com/show_bug.cgi?id=1263877 * https://bugzilla.suse.com/show_bug.cgi?id=1263882 * https://bugzilla.suse.com/show_bug.cgi?id=1263901 * https://bugzilla.suse.com/show_bug.cgi?id=1263931 * https://bugzilla.suse.com/show_bug.cgi?id=1263933 * https://bugzilla.suse.com/show_bug.cgi?id=1263995 * https://bugzilla.suse.com/show_bug.cgi?id=1264014 * https://bugzilla.suse.com/show_bug.cgi?id=1264059 * https://bugzilla.suse.com/show_bug.cgi?id=1264082 * https://bugzilla.suse.com/show_bug.cgi?id=1264087 * https://bugzilla.suse.com/show_bug.cgi?id=1264097 * https://bugzilla.suse.com/show_bug.cgi?id=1264183 * https://bugzilla.suse.com/show_bug.cgi?id=1264427 * https://bugzilla.suse.com/show_bug.cgi?id=1264449 * https://bugzilla.suse.com/show_bug.cgi?id=1264469 * https://bugzilla.suse.com/show_bug.cgi?id=1264482 * https://bugzilla.suse.com/show_bug.cgi?id=1264634 * https://bugzilla.suse.com/show_bug.cgi?id=1264651 * https://bugzilla.suse.com/show_bug.cgi?id=1264661 * https://bugzilla.suse.com/show_bug.cgi?id=1264674 * https://bugzilla.suse.com/show_bug.cgi?id=1264801 * https://bugzilla.suse.com/show_bug.cgi?id=1264848 * https://bugzilla.suse.com/show_bug.cgi?id=1265085 * https://bugzilla.suse.com/show_bug.cgi?id=1265090 * https://bugzilla.suse.com/show_bug.cgi?id=1265116 * https://bugzilla.suse.com/show_bug.cgi?id=1265119 * https://bugzilla.suse.com/show_bug.cgi?id=1265126 * https://bugzilla.suse.com/show_bug.cgi?id=1265144 * https://bugzilla.suse.com/show_bug.cgi?id=1265421 * https://bugzilla.suse.com/show_bug.cgi?id=1265449 * https://bugzilla.suse.com/show_bug.cgi?id=1265456 * https://bugzilla.suse.com/show_bug.cgi?id=1265626 * https://bugzilla.suse.com/show_bug.cgi?id=1265846 * https://bugzilla.suse.com/show_bug.cgi?id=1265960 * https://jira.suse.com/browse/PED-10383 * https://jira.suse.com/browse/PED-10664 * https://jira.suse.com/browse/PED-11175 * https://jira.suse.com/browse/PED-16221 * https://jira.suse.com/browse/PED-16245 * https://jira.suse.com/browse/PED-7249 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 12:36:42 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 12:36:42 -0000 Subject: SUSE-SU-2026:2219-1: important: Security update for python-Twisted Message-ID: <178040380286.1312.16187940155745697752@28a6f8bc0cea> # Security update for python-Twisted Announcement ID: SUSE-SU-2026:2219-1 Release Date: 2026-06-02T06:02:09Z Rating: important References: * bsc#1265265 Cross-References: * CVE-2026-42304 CVSS scores: * CVE-2026-42304 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42304 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * Public Cloud Module 15-SP4 * Python 3 Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for python-Twisted fixes the following issue * CVE-2026-42304: Prior to 26.4.0rc2, the twisted.names module is vulnerable to a Denial of Service (DoS) attack via resource exhaustion during DNS name decompression (bsc#1265265). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2219=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2026-2219=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2219=1 * Python 3 Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2026-2219=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2219=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2219=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2219=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2219=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2219=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2219=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2219=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2219=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2219=1 ## Package List: * openSUSE Leap 15.4 (noarch) * python311-Twisted-contextvars-22.10.0-150400.5.26.1 * python311-Twisted-conch_nacl-22.10.0-150400.5.26.1 * python311-Twisted-all_non_platform-22.10.0-150400.5.26.1 * python311-Twisted-serial-22.10.0-150400.5.26.1 * python311-Twisted-tls-22.10.0-150400.5.26.1 * python311-Twisted-conch-22.10.0-150400.5.26.1 * python311-Twisted-http2-22.10.0-150400.5.26.1 * python311-Twisted-22.10.0-150400.5.26.1 * Public Cloud Module 15-SP4 (noarch) * python311-Twisted-22.10.0-150400.5.26.1 * python311-Twisted-tls-22.10.0-150400.5.26.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * python311-Twisted-contextvars-22.10.0-150400.5.26.1 * python311-Twisted-conch_nacl-22.10.0-150400.5.26.1 * python311-Twisted-all_non_platform-22.10.0-150400.5.26.1 * python311-Twisted-tls-22.10.0-150400.5.26.1 * python311-Twisted-serial-22.10.0-150400.5.26.1 * python311-Twisted-conch-22.10.0-150400.5.26.1 * python311-Twisted-http2-22.10.0-150400.5.26.1 * python311-Twisted-22.10.0-150400.5.26.1 * Python 3 Module 15-SP7 (noarch) * python311-Twisted-contextvars-22.10.0-150400.5.26.1 * python311-Twisted-conch_nacl-22.10.0-150400.5.26.1 * python311-Twisted-all_non_platform-22.10.0-150400.5.26.1 * python311-Twisted-serial-22.10.0-150400.5.26.1 * python311-Twisted-tls-22.10.0-150400.5.26.1 * python311-Twisted-conch-22.10.0-150400.5.26.1 * python311-Twisted-http2-22.10.0-150400.5.26.1 * python311-Twisted-22.10.0-150400.5.26.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * python311-Twisted-contextvars-22.10.0-150400.5.26.1 * python311-Twisted-conch_nacl-22.10.0-150400.5.26.1 * python311-Twisted-all_non_platform-22.10.0-150400.5.26.1 * python311-Twisted-tls-22.10.0-150400.5.26.1 * python311-Twisted-serial-22.10.0-150400.5.26.1 * python311-Twisted-conch-22.10.0-150400.5.26.1 * python311-Twisted-http2-22.10.0-150400.5.26.1 * python311-Twisted-22.10.0-150400.5.26.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * python311-Twisted-contextvars-22.10.0-150400.5.26.1 * python311-Twisted-conch_nacl-22.10.0-150400.5.26.1 * python311-Twisted-all_non_platform-22.10.0-150400.5.26.1 * python311-Twisted-serial-22.10.0-150400.5.26.1 * python311-Twisted-tls-22.10.0-150400.5.26.1 * python311-Twisted-conch-22.10.0-150400.5.26.1 * python311-Twisted-http2-22.10.0-150400.5.26.1 * python311-Twisted-22.10.0-150400.5.26.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * python311-Twisted-contextvars-22.10.0-150400.5.26.1 * python311-Twisted-conch_nacl-22.10.0-150400.5.26.1 * python311-Twisted-all_non_platform-22.10.0-150400.5.26.1 * python311-Twisted-serial-22.10.0-150400.5.26.1 * python311-Twisted-tls-22.10.0-150400.5.26.1 * python311-Twisted-conch-22.10.0-150400.5.26.1 * python311-Twisted-http2-22.10.0-150400.5.26.1 * python311-Twisted-22.10.0-150400.5.26.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * python311-Twisted-contextvars-22.10.0-150400.5.26.1 * python311-Twisted-conch_nacl-22.10.0-150400.5.26.1 * python311-Twisted-all_non_platform-22.10.0-150400.5.26.1 * python311-Twisted-serial-22.10.0-150400.5.26.1 * python311-Twisted-tls-22.10.0-150400.5.26.1 * python311-Twisted-conch-22.10.0-150400.5.26.1 * python311-Twisted-http2-22.10.0-150400.5.26.1 * python311-Twisted-22.10.0-150400.5.26.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * python311-Twisted-contextvars-22.10.0-150400.5.26.1 * python311-Twisted-conch_nacl-22.10.0-150400.5.26.1 * python311-Twisted-all_non_platform-22.10.0-150400.5.26.1 * python311-Twisted-serial-22.10.0-150400.5.26.1 * python311-Twisted-tls-22.10.0-150400.5.26.1 * python311-Twisted-conch-22.10.0-150400.5.26.1 * python311-Twisted-http2-22.10.0-150400.5.26.1 * python311-Twisted-22.10.0-150400.5.26.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * python311-Twisted-contextvars-22.10.0-150400.5.26.1 * python311-Twisted-conch_nacl-22.10.0-150400.5.26.1 * python311-Twisted-all_non_platform-22.10.0-150400.5.26.1 * python311-Twisted-serial-22.10.0-150400.5.26.1 * python311-Twisted-tls-22.10.0-150400.5.26.1 * python311-Twisted-conch-22.10.0-150400.5.26.1 * python311-Twisted-http2-22.10.0-150400.5.26.1 * python311-Twisted-22.10.0-150400.5.26.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * python311-Twisted-contextvars-22.10.0-150400.5.26.1 * python311-Twisted-conch_nacl-22.10.0-150400.5.26.1 * python311-Twisted-all_non_platform-22.10.0-150400.5.26.1 * python311-Twisted-serial-22.10.0-150400.5.26.1 * python311-Twisted-tls-22.10.0-150400.5.26.1 * python311-Twisted-conch-22.10.0-150400.5.26.1 * python311-Twisted-http2-22.10.0-150400.5.26.1 * python311-Twisted-22.10.0-150400.5.26.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * python311-Twisted-contextvars-22.10.0-150400.5.26.1 * python311-Twisted-conch_nacl-22.10.0-150400.5.26.1 * python311-Twisted-all_non_platform-22.10.0-150400.5.26.1 * python311-Twisted-serial-22.10.0-150400.5.26.1 * python311-Twisted-tls-22.10.0-150400.5.26.1 * python311-Twisted-conch-22.10.0-150400.5.26.1 * python311-Twisted-http2-22.10.0-150400.5.26.1 * python311-Twisted-22.10.0-150400.5.26.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * python311-Twisted-contextvars-22.10.0-150400.5.26.1 * python311-Twisted-conch_nacl-22.10.0-150400.5.26.1 * python311-Twisted-all_non_platform-22.10.0-150400.5.26.1 * python311-Twisted-serial-22.10.0-150400.5.26.1 * python311-Twisted-tls-22.10.0-150400.5.26.1 * python311-Twisted-conch-22.10.0-150400.5.26.1 * python311-Twisted-http2-22.10.0-150400.5.26.1 * python311-Twisted-22.10.0-150400.5.26.1 ## References: * https://www.suse.com/security/cve/CVE-2026-42304.html * https://bugzilla.suse.com/show_bug.cgi?id=1265265 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 12:36:48 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 12:36:48 -0000 Subject: SUSE-SU-2026:2218-1: important: Security update for python3-Twisted Message-ID: <178040380852.1312.10721543373534970930@28a6f8bc0cea> # Security update for python3-Twisted Announcement ID: SUSE-SU-2026:2218-1 Release Date: 2026-06-02T06:00:52Z Rating: important References: * bsc#1265265 Cross-References: * CVE-2026-42304 CVSS scores: * CVE-2026-42304 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42304 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * Server Applications Module 15-SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for python3-Twisted fixes the following issue * CVE-2026-42304: Prior to 26.4.0rc2, the twisted.names module is vulnerable to a Denial of Service (DoS) attack via resource exhaustion during DNS name decompression (bsc#1265265). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2218=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-2218=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2218=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2218=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2218=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2218=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2218=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2218=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2218=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2218=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2218=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2218=1 ## Package List: * openSUSE Leap 15.4 (noarch) * python3-Twisted-22.2.0-150400.24.1 * python-Twisted-doc-22.2.0-150400.24.1 * Server Applications Module 15-SP7 (noarch) * python3-Twisted-22.2.0-150400.24.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * python3-Twisted-22.2.0-150400.24.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * python3-Twisted-22.2.0-150400.24.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * python3-Twisted-22.2.0-150400.24.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * python3-Twisted-22.2.0-150400.24.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * python3-Twisted-22.2.0-150400.24.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * python3-Twisted-22.2.0-150400.24.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * python3-Twisted-22.2.0-150400.24.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * python3-Twisted-22.2.0-150400.24.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * python3-Twisted-22.2.0-150400.24.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * python3-Twisted-22.2.0-150400.24.1 ## References: * https://www.suse.com/security/cve/CVE-2026-42304.html * https://bugzilla.suse.com/show_bug.cgi?id=1265265 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 12:38:30 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 12:38:30 -0000 Subject: SUSE-SU-2026:2216-1: important: Security update for the Linux Kernel Message-ID: <178040391082.1312.468037185855822449@28a6f8bc0cea> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:2216-1 Release Date: 2026-06-02T05:58:23Z Rating: important References: * bsc#1243603 * bsc#1245109 * bsc#1256504 * bsc#1258518 * bsc#1258718 * bsc#1258849 * bsc#1258850 * bsc#1258854 * bsc#1258855 * bsc#1258856 * bsc#1258857 * bsc#1259484 * bsc#1259485 * bsc#1259857 * bsc#1260010 * bsc#1260018 * bsc#1260522 * bsc#1260526 * bsc#1261287 * bsc#1261295 * bsc#1261584 * bsc#1261638 * bsc#1261710 * bsc#1261779 * bsc#1261781 * bsc#1261796 * bsc#1261797 * bsc#1262179 * bsc#1262181 * bsc#1262602 * bsc#1262665 * bsc#1262734 * bsc#1262758 * bsc#1263065 * bsc#1263085 * bsc#1263093 * bsc#1263095 * bsc#1263131 * bsc#1263141 * bsc#1263165 * bsc#1263170 * bsc#1263176 * bsc#1263582 * bsc#1263600 * bsc#1263668 * bsc#1263723 * bsc#1263882 * bsc#1263901 * bsc#1263931 * bsc#1263933 * bsc#1264059 * bsc#1264082 * bsc#1264450 * bsc#1264482 * bsc#1264634 * bsc#1264651 * bsc#1264848 * bsc#1265085 * bsc#1265090 * bsc#1265119 * bsc#1265126 * bsc#1265456 * bsc#1265626 * bsc#1265960 Cross-References: * CVE-2022-49979 * CVE-2023-20585 * CVE-2026-23209 * CVE-2026-23239 * CVE-2026-23240 * CVE-2026-23268 * CVE-2026-23269 * CVE-2026-23271 * CVE-2026-23273 * CVE-2026-23351 * CVE-2026-23393 * CVE-2026-23403 * CVE-2026-23404 * CVE-2026-23405 * CVE-2026-23406 * CVE-2026-23407 * CVE-2026-23408 * CVE-2026-23409 * CVE-2026-23410 * CVE-2026-23411 * CVE-2026-23449 * CVE-2026-23450 * CVE-2026-23458 * CVE-2026-23462 * CVE-2026-31402 * CVE-2026-31403 * CVE-2026-31408 * CVE-2026-31436 * CVE-2026-31470 * CVE-2026-31504 * CVE-2026-31505 * CVE-2026-31507 * CVE-2026-31512 * CVE-2026-31533 * CVE-2026-31570 * CVE-2026-31586 * CVE-2026-31588 * CVE-2026-31602 * CVE-2026-31607 * CVE-2026-31649 * CVE-2026-31656 * CVE-2026-31662 * CVE-2026-31669 * CVE-2026-31685 * CVE-2026-31694 * CVE-2026-31700 * CVE-2026-31738 * CVE-2026-31787 * CVE-2026-43025 * CVE-2026-43027 * CVE-2026-43050 * CVE-2026-43110 * CVE-2026-43126 * CVE-2026-43190 * CVE-2026-43214 * CVE-2026-43329 * CVE-2026-43334 * CVE-2026-43365 * CVE-2026-43437 * CVE-2026-43494 * CVE-2026-43500 * CVE-2026-43503 CVSS scores: * CVE-2022-49979 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49979 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49979 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-20585 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2023-20585 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2023-20585 ( NVD ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23209 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23209 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23239 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23239 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23240 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23240 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23240 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23268 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23269 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23269 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23269 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23271 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23271 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23273 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23273 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23273 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23351 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23351 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23393 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23403 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23403 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23403 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23404 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23404 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23404 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23405 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23405 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23406 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23406 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23407 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23407 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23407 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23408 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23408 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23408 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23408 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23409 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23409 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23409 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23410 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23410 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23410 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23410 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23411 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23449 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23449 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23449 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23450 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23450 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23450 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23458 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23458 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23458 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23462 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23462 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23462 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31402 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31402 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-31402 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31403 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31403 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31403 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31408 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31408 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31408 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31436 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31436 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31436 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31470 ( SUSE ): 6.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31470 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31470 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31504 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31504 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31504 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31505 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31507 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31507 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31507 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31512 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31512 ( SUSE ): 7.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-31512 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31533 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31533 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31570 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:N/SA:N * CVE-2026-31570 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31570 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31586 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31588 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31588 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31588 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-31602 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31602 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31602 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31607 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31607 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2026-31607 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31649 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31649 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31649 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31656 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31656 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31656 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31662 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31662 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31662 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31669 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31669 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31669 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31685 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31685 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31685 ( NVD ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31694 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31694 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31694 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31700 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31700 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31700 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31738 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31738 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31738 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31787 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31787 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-43027 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43027 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43050 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43050 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43050 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43110 ( SUSE ): 7.7 CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43110 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43110 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43126 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43126 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43126 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43190 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43190 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43190 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43214 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43214 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43214 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43329 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43329 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43329 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43334 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-43334 ( SUSE ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-43334 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43365 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43365 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43365 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43437 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43437 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43494 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43500 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43500 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43500 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43503 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43503 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43503 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Micro 5.5 An update that solves 62 vulnerabilities and has two security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: * CVE-2022-49979: net: fix refcount bug in sk_psock_get (bsc#1245109). * CVE-2023-20585: x86/CPU: Fix FPDSS on Zen1 (bsc#1243603). * CVE-2026-23239: espintcp: Fix race condition in espintcp_close() (bsc#1259485). * CVE-2026-23240: tls: Fix race condition in tls_sw_cancel_work_tx() (bsc#1259484). * CVE-2026-23271: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race (bsc#1260018). * CVE-2026-23351: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase (bsc#1260526). * CVE-2026-23393: bridge: cfm: Fix race condition in peer_mep deletion (bsc#1260522). * CVE-2026-23449: net/sched: teql: Fix double-free in teql_master_xmit (bsc#1261779). * CVE-2026-23450: net/smc: fix NULL dereference and UAF in smc_tcp_syn_recv_sock() (bsc#1261584). * CVE-2026-23458: netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() (bsc#1261781). * CVE-2026-23462: Bluetooth: HIDP: Fix possible UAF (bsc#1261710). * CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (bsc#1261638). * CVE-2026-31403: NFSD: Hold net reference for the lifetime of /proc/fs/nfs/exports fd (bsc#1261796). * CVE-2026-31408: Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold (bsc#1261797). * CVE-2026-31436: dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc() (bsc#1262602). * CVE-2026-31470: virt: tdx-guest: Fix handling of host controlled 'quote' buffer length (bsc#1262665). * CVE-2026-31504: net: fix fanout UAF in packet_release() via NETDEV_UP race (bsc#1263085). * CVE-2026-31505: iavf: fix out-of-bounds writes in iavf_get_ethtool_stats() (bsc#1263093). * CVE-2026-31507: net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer (bsc#1263095). * CVE-2026-31512: Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2cap_ecred_data_rcv() (bsc#1262734). * CVE-2026-31533: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption (bsc#1262758). * CVE-2026-31570: can: gw: fix OOB heap access in cgw_csum_crc8_rel() (bsc#1263065). * CVE-2026-31586: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (bsc#1263176). * CVE-2026-31588: KVM: x86: Use scratch field in MMIO fragment to hold small write values (bsc#1263165). * CVE-2026-31602: ALSA: ctxfi: Limit PTP to a single page (bsc#1263723). * CVE-2026-31607: usbip: validate number_of_packets in usbip_pack_ret_submit() (bsc#1263600). * CVE-2026-31649: net: stmmac: fix integer underflow in chain mode (bsc#1263582). * CVE-2026-31656: drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (bsc#1263170). * CVE-2026-31662: tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG (bsc#1263131). * CVE-2026-31669: mptcp: fix slab-use-after-free in __inet_lookup_established (bsc#1263141). * CVE-2026-31685: netfilter: ip6t_eui64: reject invalid MAC header for all packets (bsc#1263668). * CVE-2026-31694: fuse: reject oversized dirents in page cache (bsc#1263901). * CVE-2026-31700: net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() (bsc#1263882). * CVE-2026-31738: vxlan: validate ND option lengths in vxlan_na_create (bsc#1264059). * CVE-2026-31787: xen/privcmd: fix double free via VMA splitting (bsc#1262181). * CVE-2026-43025: netfilter: ctnetlink: ignore explicit helper on new expectations (bsc#1263931). * CVE-2026-43027: netfilter: nf_conntrack_helper: pass helper to expect cleanup (bsc#1263933). * CVE-2026-43050: atm: lec: fix use-after-free in sock_def_readable() (bsc#1264082). * CVE-2026-43110: wifi: brcmfmac: validate bsscfg indices in IF events (bsc#1264482). * CVE-2026-43126: ALSA: mixer: oss: Add card disconnect checkpoints (bsc#1264634). * CVE-2026-43190: netfilter: xt_tcpmss: check remaining length before reading optlen (bsc#1264848). * CVE-2026-43214: KVM: x86: Add SRCU protection for reading PDPTRs in __get_sregs2() (bsc#1264651). * CVE-2026-43329: netfilter: flowtable: strictly check for maximum number of actions (bsc#1265085). * CVE-2026-43334: Bluetooth: SMP: force responder MITM requirements before building the pairing response (bsc#1265090). * CVE-2026-43365: xfs: fix undersized l_iclog_roundoff values (bsc#1265119). * CVE-2026-43437: ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (bsc#1265126). * CVE-2026-43494: net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). * CVE-2026-43500: supported.conf: drop rxrpc and af_kfs (bsc#1264450). * CVE-2026-43503: net: skbuff: propagate shared-frag marker through frag- transfer helpers (bsc#1265960). The following non security issues were fixed: * check-for-config-changes: Exclude CC_MS_EXTENSIONS. * check-for-config-changes: Exclude HAVE_CFI_ICALL_NORMALIZE_INTEGERS{,_RUSTC}. * dm init: ensure device probing has finished in dm-mod.waitfor= (git-fixes). * mkspec: Add signature to source list only when it exists. * net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). * net: gro: don't merge zcopy skbs (git-fixes). * ocfs2: fix possible deadlock between unlink and dio_end_io_write (bsc#1258718). * ocfs2: split transactions in dio completion to avoid credit exhaustion (bsc#1258718). * tcp: derive delack_max from rto_min (git-fixes). * virt: tdx-guest: Return error for GetQuote failures (git-fixes). * watchdog/perf: properly initialize the turbo mode timestamp and rearm counter (bsc#1256504). * xfrm: esp: avoid in-place decrypt on shared skb frags. ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-2216=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2216=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-rt-extra-5.14.21-150500.13.140.1 * kselftests-kmp-rt-debuginfo-5.14.21-150500.13.140.1 * kernel-rt-devel-5.14.21-150500.13.140.1 * kernel-rt_debug-devel-5.14.21-150500.13.140.1 * gfs2-kmp-rt-5.14.21-150500.13.140.1 * kernel-rt-livepatch-5.14.21-150500.13.140.1 * kernel-rt-debuginfo-5.14.21-150500.13.140.1 * kernel-rt-livepatch-devel-5.14.21-150500.13.140.1 * reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.140.1 * kernel-rt-extra-debuginfo-5.14.21-150500.13.140.1 * kselftests-kmp-rt-5.14.21-150500.13.140.1 * kernel-rt-debugsource-5.14.21-150500.13.140.1 * kernel-rt_debug-debugsource-5.14.21-150500.13.140.1 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.140.1 * reiserfs-kmp-rt-5.14.21-150500.13.140.1 * dlm-kmp-rt-debuginfo-5.14.21-150500.13.140.1 * kernel-rt-optional-5.14.21-150500.13.140.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.140.1 * kernel-rt-vdso-5.14.21-150500.13.140.1 * dlm-kmp-rt-5.14.21-150500.13.140.1 * kernel-syms-rt-5.14.21-150500.13.140.1 * cluster-md-kmp-rt-5.14.21-150500.13.140.1 * kernel-rt_debug-debuginfo-5.14.21-150500.13.140.1 * kernel-rt_debug-vdso-5.14.21-150500.13.140.1 * ocfs2-kmp-rt-5.14.21-150500.13.140.1 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.140.1 * kernel-rt-optional-debuginfo-5.14.21-150500.13.140.1 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.140.1 * kernel-rt-devel-debuginfo-5.14.21-150500.13.140.1 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.140.1 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.140.1 * openSUSE Leap 15.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.140.1 * kernel-rt_debug-5.14.21-150500.13.140.1 * openSUSE Leap 15.5 (noarch) * kernel-source-rt-5.14.21-150500.13.140.1 * kernel-devel-rt-5.14.21-150500.13.140.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * kernel-source-rt-5.14.21-150500.13.140.1 * kernel-devel-rt-5.14.21-150500.13.140.1 * SUSE Linux Enterprise Micro 5.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.140.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * kernel-rt-debuginfo-5.14.21-150500.13.140.1 * kernel-rt-debugsource-5.14.21-150500.13.140.1 ## References: * https://www.suse.com/security/cve/CVE-2022-49979.html * https://www.suse.com/security/cve/CVE-2023-20585.html * https://www.suse.com/security/cve/CVE-2026-23209.html * https://www.suse.com/security/cve/CVE-2026-23239.html * https://www.suse.com/security/cve/CVE-2026-23240.html * https://www.suse.com/security/cve/CVE-2026-23268.html * https://www.suse.com/security/cve/CVE-2026-23269.html * https://www.suse.com/security/cve/CVE-2026-23271.html * https://www.suse.com/security/cve/CVE-2026-23273.html * https://www.suse.com/security/cve/CVE-2026-23351.html * https://www.suse.com/security/cve/CVE-2026-23393.html * https://www.suse.com/security/cve/CVE-2026-23403.html * https://www.suse.com/security/cve/CVE-2026-23404.html * https://www.suse.com/security/cve/CVE-2026-23405.html * https://www.suse.com/security/cve/CVE-2026-23406.html * https://www.suse.com/security/cve/CVE-2026-23407.html * https://www.suse.com/security/cve/CVE-2026-23408.html * https://www.suse.com/security/cve/CVE-2026-23409.html * https://www.suse.com/security/cve/CVE-2026-23410.html * https://www.suse.com/security/cve/CVE-2026-23411.html * https://www.suse.com/security/cve/CVE-2026-23449.html * https://www.suse.com/security/cve/CVE-2026-23450.html * https://www.suse.com/security/cve/CVE-2026-23458.html * https://www.suse.com/security/cve/CVE-2026-23462.html * https://www.suse.com/security/cve/CVE-2026-31402.html * https://www.suse.com/security/cve/CVE-2026-31403.html * https://www.suse.com/security/cve/CVE-2026-31408.html * https://www.suse.com/security/cve/CVE-2026-31436.html * https://www.suse.com/security/cve/CVE-2026-31470.html * https://www.suse.com/security/cve/CVE-2026-31504.html * https://www.suse.com/security/cve/CVE-2026-31505.html * https://www.suse.com/security/cve/CVE-2026-31507.html * https://www.suse.com/security/cve/CVE-2026-31512.html * https://www.suse.com/security/cve/CVE-2026-31533.html * https://www.suse.com/security/cve/CVE-2026-31570.html * https://www.suse.com/security/cve/CVE-2026-31586.html * https://www.suse.com/security/cve/CVE-2026-31588.html * https://www.suse.com/security/cve/CVE-2026-31602.html * https://www.suse.com/security/cve/CVE-2026-31607.html * https://www.suse.com/security/cve/CVE-2026-31649.html * https://www.suse.com/security/cve/CVE-2026-31656.html * https://www.suse.com/security/cve/CVE-2026-31662.html * https://www.suse.com/security/cve/CVE-2026-31669.html * https://www.suse.com/security/cve/CVE-2026-31685.html * https://www.suse.com/security/cve/CVE-2026-31694.html * https://www.suse.com/security/cve/CVE-2026-31700.html * https://www.suse.com/security/cve/CVE-2026-31738.html * https://www.suse.com/security/cve/CVE-2026-31787.html * https://www.suse.com/security/cve/CVE-2026-43025.html * https://www.suse.com/security/cve/CVE-2026-43027.html * https://www.suse.com/security/cve/CVE-2026-43050.html * https://www.suse.com/security/cve/CVE-2026-43110.html * https://www.suse.com/security/cve/CVE-2026-43126.html * https://www.suse.com/security/cve/CVE-2026-43190.html * https://www.suse.com/security/cve/CVE-2026-43214.html * https://www.suse.com/security/cve/CVE-2026-43329.html * https://www.suse.com/security/cve/CVE-2026-43334.html * https://www.suse.com/security/cve/CVE-2026-43365.html * https://www.suse.com/security/cve/CVE-2026-43437.html * https://www.suse.com/security/cve/CVE-2026-43494.html * https://www.suse.com/security/cve/CVE-2026-43500.html * https://www.suse.com/security/cve/CVE-2026-43503.html * https://bugzilla.suse.com/show_bug.cgi?id=1243603 * https://bugzilla.suse.com/show_bug.cgi?id=1245109 * https://bugzilla.suse.com/show_bug.cgi?id=1256504 * https://bugzilla.suse.com/show_bug.cgi?id=1258518 * https://bugzilla.suse.com/show_bug.cgi?id=1258718 * https://bugzilla.suse.com/show_bug.cgi?id=1258849 * https://bugzilla.suse.com/show_bug.cgi?id=1258850 * https://bugzilla.suse.com/show_bug.cgi?id=1258854 * https://bugzilla.suse.com/show_bug.cgi?id=1258855 * https://bugzilla.suse.com/show_bug.cgi?id=1258856 * https://bugzilla.suse.com/show_bug.cgi?id=1258857 * https://bugzilla.suse.com/show_bug.cgi?id=1259484 * https://bugzilla.suse.com/show_bug.cgi?id=1259485 * https://bugzilla.suse.com/show_bug.cgi?id=1259857 * https://bugzilla.suse.com/show_bug.cgi?id=1260010 * https://bugzilla.suse.com/show_bug.cgi?id=1260018 * https://bugzilla.suse.com/show_bug.cgi?id=1260522 * https://bugzilla.suse.com/show_bug.cgi?id=1260526 * https://bugzilla.suse.com/show_bug.cgi?id=1261287 * https://bugzilla.suse.com/show_bug.cgi?id=1261295 * https://bugzilla.suse.com/show_bug.cgi?id=1261584 * https://bugzilla.suse.com/show_bug.cgi?id=1261638 * https://bugzilla.suse.com/show_bug.cgi?id=1261710 * https://bugzilla.suse.com/show_bug.cgi?id=1261779 * https://bugzilla.suse.com/show_bug.cgi?id=1261781 * https://bugzilla.suse.com/show_bug.cgi?id=1261796 * https://bugzilla.suse.com/show_bug.cgi?id=1261797 * https://bugzilla.suse.com/show_bug.cgi?id=1262179 * https://bugzilla.suse.com/show_bug.cgi?id=1262181 * https://bugzilla.suse.com/show_bug.cgi?id=1262602 * https://bugzilla.suse.com/show_bug.cgi?id=1262665 * https://bugzilla.suse.com/show_bug.cgi?id=1262734 * https://bugzilla.suse.com/show_bug.cgi?id=1262758 * https://bugzilla.suse.com/show_bug.cgi?id=1263065 * https://bugzilla.suse.com/show_bug.cgi?id=1263085 * https://bugzilla.suse.com/show_bug.cgi?id=1263093 * https://bugzilla.suse.com/show_bug.cgi?id=1263095 * https://bugzilla.suse.com/show_bug.cgi?id=1263131 * https://bugzilla.suse.com/show_bug.cgi?id=1263141 * https://bugzilla.suse.com/show_bug.cgi?id=1263165 * https://bugzilla.suse.com/show_bug.cgi?id=1263170 * https://bugzilla.suse.com/show_bug.cgi?id=1263176 * https://bugzilla.suse.com/show_bug.cgi?id=1263582 * https://bugzilla.suse.com/show_bug.cgi?id=1263600 * https://bugzilla.suse.com/show_bug.cgi?id=1263668 * https://bugzilla.suse.com/show_bug.cgi?id=1263723 * https://bugzilla.suse.com/show_bug.cgi?id=1263882 * https://bugzilla.suse.com/show_bug.cgi?id=1263901 * https://bugzilla.suse.com/show_bug.cgi?id=1263931 * https://bugzilla.suse.com/show_bug.cgi?id=1263933 * https://bugzilla.suse.com/show_bug.cgi?id=1264059 * https://bugzilla.suse.com/show_bug.cgi?id=1264082 * https://bugzilla.suse.com/show_bug.cgi?id=1264450 * https://bugzilla.suse.com/show_bug.cgi?id=1264482 * https://bugzilla.suse.com/show_bug.cgi?id=1264634 * https://bugzilla.suse.com/show_bug.cgi?id=1264651 * https://bugzilla.suse.com/show_bug.cgi?id=1264848 * https://bugzilla.suse.com/show_bug.cgi?id=1265085 * https://bugzilla.suse.com/show_bug.cgi?id=1265090 * https://bugzilla.suse.com/show_bug.cgi?id=1265119 * https://bugzilla.suse.com/show_bug.cgi?id=1265126 * https://bugzilla.suse.com/show_bug.cgi?id=1265456 * https://bugzilla.suse.com/show_bug.cgi?id=1265626 * https://bugzilla.suse.com/show_bug.cgi?id=1265960 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 12:40:20 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 12:40:20 -0000 Subject: SUSE-SU-2026:2215-1: important: Security update for the Linux Kernel Message-ID: <178040402019.1312.4672370262539896814@28a6f8bc0cea> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:2215-1 Release Date: 2026-06-02T05:58:01Z Rating: important References: * bsc#1243603 * bsc#1245109 * bsc#1256504 * bsc#1258518 * bsc#1258718 * bsc#1258849 * bsc#1258850 * bsc#1258854 * bsc#1258855 * bsc#1258856 * bsc#1258857 * bsc#1259484 * bsc#1259485 * bsc#1259857 * bsc#1260010 * bsc#1260018 * bsc#1260522 * bsc#1260526 * bsc#1261287 * bsc#1261295 * bsc#1261584 * bsc#1261638 * bsc#1261710 * bsc#1261779 * bsc#1261781 * bsc#1261796 * bsc#1261797 * bsc#1262179 * bsc#1262181 * bsc#1262602 * bsc#1262665 * bsc#1262734 * bsc#1262758 * bsc#1263065 * bsc#1263085 * bsc#1263093 * bsc#1263095 * bsc#1263131 * bsc#1263141 * bsc#1263165 * bsc#1263170 * bsc#1263176 * bsc#1263582 * bsc#1263600 * bsc#1263668 * bsc#1263723 * bsc#1263882 * bsc#1263901 * bsc#1263931 * bsc#1263933 * bsc#1264059 * bsc#1264082 * bsc#1264450 * bsc#1264482 * bsc#1264634 * bsc#1264651 * bsc#1264848 * bsc#1265085 * bsc#1265090 * bsc#1265119 * bsc#1265126 * bsc#1265308 * bsc#1265456 * bsc#1265626 * bsc#1265960 Cross-References: * CVE-2022-49979 * CVE-2023-20585 * CVE-2026-23209 * CVE-2026-23239 * CVE-2026-23240 * CVE-2026-23268 * CVE-2026-23269 * CVE-2026-23271 * CVE-2026-23273 * CVE-2026-23351 * CVE-2026-23393 * CVE-2026-23403 * CVE-2026-23404 * CVE-2026-23405 * CVE-2026-23406 * CVE-2026-23407 * CVE-2026-23408 * CVE-2026-23409 * CVE-2026-23410 * CVE-2026-23411 * CVE-2026-23449 * CVE-2026-23450 * CVE-2026-23458 * CVE-2026-23462 * CVE-2026-31402 * CVE-2026-31403 * CVE-2026-31408 * CVE-2026-31436 * CVE-2026-31470 * CVE-2026-31504 * CVE-2026-31505 * CVE-2026-31507 * CVE-2026-31512 * CVE-2026-31533 * CVE-2026-31570 * CVE-2026-31586 * CVE-2026-31588 * CVE-2026-31602 * CVE-2026-31607 * CVE-2026-31649 * CVE-2026-31656 * CVE-2026-31662 * CVE-2026-31669 * CVE-2026-31685 * CVE-2026-31694 * CVE-2026-31700 * CVE-2026-31738 * CVE-2026-31787 * CVE-2026-43025 * CVE-2026-43027 * CVE-2026-43050 * CVE-2026-43110 * CVE-2026-43126 * CVE-2026-43190 * CVE-2026-43214 * CVE-2026-43329 * CVE-2026-43334 * CVE-2026-43365 * CVE-2026-43437 * CVE-2026-43494 * CVE-2026-43500 * CVE-2026-43503 * CVE-2026-46333 CVSS scores: * CVE-2022-49979 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49979 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49979 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-20585 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2023-20585 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2023-20585 ( NVD ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23209 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23209 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23239 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23239 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23240 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23240 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23240 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23268 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23269 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23269 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23269 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23271 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23271 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23273 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23273 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23273 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23351 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23351 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23393 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23403 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23403 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23403 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23404 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23404 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23404 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23405 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23405 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23406 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23406 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23407 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23407 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23407 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23408 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23408 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23408 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23408 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23409 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23409 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23409 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23410 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23410 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23410 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23410 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23411 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23449 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23449 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23449 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23450 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23450 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23450 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23458 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23458 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23458 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23462 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23462 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23462 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31402 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31402 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-31402 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31403 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31403 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31403 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31408 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31408 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31408 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31436 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31436 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31436 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31470 ( SUSE ): 6.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31470 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31470 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31504 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31504 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31504 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31505 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31507 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31507 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31507 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31512 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31512 ( SUSE ): 7.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-31512 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31533 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31533 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31570 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:N/SA:N * CVE-2026-31570 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31570 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31586 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31588 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31588 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31588 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-31602 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31602 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31602 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31607 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31607 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2026-31607 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31649 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31649 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31649 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31656 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31656 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31656 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31662 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31662 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31662 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31669 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31669 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31669 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31685 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31685 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31685 ( NVD ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31694 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31694 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31694 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31700 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31700 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31700 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31738 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31738 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31738 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31787 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31787 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-43027 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43027 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43050 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43050 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43050 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43110 ( SUSE ): 7.7 CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43110 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43110 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43126 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43126 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43126 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43190 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43190 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43190 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43214 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43214 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43214 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43329 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43329 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43329 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43334 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-43334 ( SUSE ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-43334 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43365 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43365 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43365 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43437 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43437 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43494 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43500 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43500 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43500 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43503 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43503 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43503 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 63 vulnerabilities and has two security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: * CVE-2022-49979: net: fix refcount bug in sk_psock_get (bsc#1245109). * CVE-2023-20585: x86/CPU: Fix FPDSS on Zen1 (bsc#1243603). * CVE-2026-23239: espintcp: Fix race condition in espintcp_close() (bsc#1259485). * CVE-2026-23240: tls: Fix race condition in tls_sw_cancel_work_tx() (bsc#1259484). * CVE-2026-23271: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race (bsc#1260018). * CVE-2026-23351: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase (bsc#1260526). * CVE-2026-23393: bridge: cfm: Fix race condition in peer_mep deletion (bsc#1260522). * CVE-2026-23449: net/sched: teql: Fix double-free in teql_master_xmit (bsc#1261779). * CVE-2026-23450: net/smc: fix NULL dereference and UAF in smc_tcp_syn_recv_sock() (bsc#1261584). * CVE-2026-23458: netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() (bsc#1261781). * CVE-2026-23462: Bluetooth: HIDP: Fix possible UAF (bsc#1261710). * CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (bsc#1261638). * CVE-2026-31403: NFSD: Hold net reference for the lifetime of /proc/fs/nfs/exports fd (bsc#1261796). * CVE-2026-31408: Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold (bsc#1261797). * CVE-2026-31436: dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc() (bsc#1262602). * CVE-2026-31470: virt: tdx-guest: Fix handling of host controlled 'quote' buffer length (bsc#1262665). * CVE-2026-31504: net: fix fanout UAF in packet_release() via NETDEV_UP race (bsc#1263085). * CVE-2026-31505: iavf: fix out-of-bounds writes in iavf_get_ethtool_stats() (bsc#1263093). * CVE-2026-31507: net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer (bsc#1263095). * CVE-2026-31512: Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2cap_ecred_data_rcv() (bsc#1262734). * CVE-2026-31533: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption (bsc#1262758). * CVE-2026-31570: can: gw: fix OOB heap access in cgw_csum_crc8_rel() (bsc#1263065). * CVE-2026-31586: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (bsc#1263176). * CVE-2026-31588: KVM: x86: Use scratch field in MMIO fragment to hold small write values (bsc#1263165). * CVE-2026-31602: ALSA: ctxfi: Limit PTP to a single page (bsc#1263723). * CVE-2026-31607: usbip: validate number_of_packets in usbip_pack_ret_submit() (bsc#1263600). * CVE-2026-31649: net: stmmac: fix integer underflow in chain mode (bsc#1263582). * CVE-2026-31656: drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (bsc#1263170). * CVE-2026-31662: tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG (bsc#1263131). * CVE-2026-31669: mptcp: fix slab-use-after-free in __inet_lookup_established (bsc#1263141). * CVE-2026-31685: netfilter: ip6t_eui64: reject invalid MAC header for all packets (bsc#1263668). * CVE-2026-31694: fuse: reject oversized dirents in page cache (bsc#1263901). * CVE-2026-31700: net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() (bsc#1263882). * CVE-2026-31738: vxlan: validate ND option lengths in vxlan_na_create (bsc#1264059). * CVE-2026-31787: xen/privcmd: fix double free via VMA splitting (bsc#1262181). * CVE-2026-43025: netfilter: ctnetlink: ignore explicit helper on new expectations (bsc#1263931). * CVE-2026-43027: netfilter: nf_conntrack_helper: pass helper to expect cleanup (bsc#1263933). * CVE-2026-43050: atm: lec: fix use-after-free in sock_def_readable() (bsc#1264082). * CVE-2026-43110: wifi: brcmfmac: validate bsscfg indices in IF events (bsc#1264482). * CVE-2026-43126: ALSA: mixer: oss: Add card disconnect checkpoints (bsc#1264634). * CVE-2026-43190: netfilter: xt_tcpmss: check remaining length before reading optlen (bsc#1264848). * CVE-2026-43214: KVM: x86: Add SRCU protection for reading PDPTRs in __get_sregs2() (bsc#1264651). * CVE-2026-43329: netfilter: flowtable: strictly check for maximum number of actions (bsc#1265085). * CVE-2026-43334: Bluetooth: SMP: force responder MITM requirements before building the pairing response (bsc#1265090). * CVE-2026-43365: xfs: fix undersized l_iclog_roundoff values (bsc#1265119). * CVE-2026-43437: ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (bsc#1265126). * CVE-2026-43494: net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). * CVE-2026-43500: supported.conf: drop rxrpc and af_kfs (bsc#1264450). * CVE-2026-43503: net: skbuff: propagate shared-frag marker through frag- transfer helpers (bsc#1265960). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265308). The following non security issues were fixed: * check-for-config-changes: Exclude CC_MS_EXTENSIONS. * check-for-config-changes: Exclude HAVE_CFI_ICALL_NORMALIZE_INTEGERS{,_RUSTC}. * dm init: ensure device probing has finished in dm-mod.waitfor= (git-fixes). * mkspec: Add signature to source list only when it exists. * net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). * net: gro: don't merge zcopy skbs (git-fixes). * ocfs2: fix possible deadlock between unlink and dio_end_io_write (bsc#1258718). * ocfs2: split transactions in dio completion to avoid credit exhaustion (bsc#1258718). * tcp: derive delack_max from rto_min (git-fixes). (cherry picked from commit 681cef669f5a14ab844195d5b0e3dab01e42b3b7). * virt: tdx-guest: Return error for GetQuote failures (git-fixes). * watchdog/perf: properly initialize the turbo mode timestamp and rearm counter (bsc#1256504). * xfrm: esp: avoid in-place decrypt on shared skb frags. ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2215=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2215=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2215=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-2215=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-2215=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2215=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2215=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * kernel-default-devel-5.14.21-150500.55.166.1 * kernel-obs-build-debugsource-5.14.21-150500.55.166.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.166.1 * kernel-default-debuginfo-5.14.21-150500.55.166.1 * kernel-default-base-5.14.21-150500.55.166.1.150500.6.77.1 * dlm-kmp-default-5.14.21-150500.55.166.1 * cluster-md-kmp-default-5.14.21-150500.55.166.1 * kernel-syms-5.14.21-150500.55.166.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.166.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.166.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.166.1 * kernel-obs-build-5.14.21-150500.55.166.1 * gfs2-kmp-default-5.14.21-150500.55.166.1 * kernel-default-debugsource-5.14.21-150500.55.166.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.166.1 * ocfs2-kmp-default-5.14.21-150500.55.166.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150500.55.166.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * kernel-source-5.14.21-150500.55.166.1 * kernel-devel-5.14.21-150500.55.166.1 * kernel-macros-5.14.21-150500.55.166.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.166.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.166.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64) * kernel-64kb-devel-5.14.21-150500.55.166.1 * kernel-64kb-debugsource-5.14.21-150500.55.166.1 * kernel-64kb-debuginfo-5.14.21-150500.55.166.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.166.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.166.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150500.55.166.1.150500.6.77.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * kernel-default-devel-5.14.21-150500.55.166.1 * kernel-obs-build-debugsource-5.14.21-150500.55.166.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.166.1 * kernel-default-debuginfo-5.14.21-150500.55.166.1 * dlm-kmp-default-5.14.21-150500.55.166.1 * cluster-md-kmp-default-5.14.21-150500.55.166.1 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.166.1 * kernel-syms-5.14.21-150500.55.166.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.166.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.166.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.166.1 * reiserfs-kmp-default-5.14.21-150500.55.166.1 * kernel-obs-build-5.14.21-150500.55.166.1 * gfs2-kmp-default-5.14.21-150500.55.166.1 * kernel-default-debugsource-5.14.21-150500.55.166.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.166.1 * ocfs2-kmp-default-5.14.21-150500.55.166.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * kernel-source-5.14.21-150500.55.166.1 * kernel-devel-5.14.21-150500.55.166.1 * kernel-macros-5.14.21-150500.55.166.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch nosrc) * kernel-docs-5.14.21-150500.55.166.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (nosrc s390x) * kernel-zfcpdump-5.14.21-150500.55.166.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (s390x) * kernel-zfcpdump-debugsource-5.14.21-150500.55.166.1 * kernel-zfcpdump-debuginfo-5.14.21-150500.55.166.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.166.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64) * kernel-64kb-devel-5.14.21-150500.55.166.1 * kernel-64kb-debugsource-5.14.21-150500.55.166.1 * kernel-64kb-debuginfo-5.14.21-150500.55.166.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.166.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * kernel-default-devel-5.14.21-150500.55.166.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.166.1 * kernel-obs-build-debugsource-5.14.21-150500.55.166.1 * kernel-default-debuginfo-5.14.21-150500.55.166.1 * dlm-kmp-default-5.14.21-150500.55.166.1 * cluster-md-kmp-default-5.14.21-150500.55.166.1 * kernel-default-base-5.14.21-150500.55.166.1.150500.6.77.1 * kernel-syms-5.14.21-150500.55.166.1 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.166.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.166.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.166.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.166.1 * reiserfs-kmp-default-5.14.21-150500.55.166.1 * kernel-obs-build-5.14.21-150500.55.166.1 * gfs2-kmp-default-5.14.21-150500.55.166.1 * kernel-default-debugsource-5.14.21-150500.55.166.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.166.1 * ocfs2-kmp-default-5.14.21-150500.55.166.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (nosrc ppc64le x86_64) * kernel-default-5.14.21-150500.55.166.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * kernel-source-5.14.21-150500.55.166.1 * kernel-devel-5.14.21-150500.55.166.1 * kernel-macros-5.14.21-150500.55.166.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.166.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-default-debuginfo-5.14.21-150500.55.166.1 * kernel-livepatch-5_14_21-150500_55_166-default-1-150500.11.3.1 * kernel-default-livepatch-devel-5.14.21-150500.55.166.1 * kernel-default-debugsource-5.14.21-150500.55.166.1 * kernel-livepatch-5_14_21-150500_55_166-default-debuginfo-1-150500.11.3.1 * kernel-default-livepatch-5.14.21-150500.55.166.1 * kernel-livepatch-SLE15-SP5_Update_40-debugsource-1-150500.11.3.1 * SUSE Linux Enterprise Live Patching 15-SP5 (nosrc) * kernel-default-5.14.21-150500.55.166.1 * openSUSE Leap 15.5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.166.1 * openSUSE Leap 15.5 (noarch) * kernel-source-5.14.21-150500.55.166.1 * kernel-source-vanilla-5.14.21-150500.55.166.1 * kernel-devel-5.14.21-150500.55.166.1 * kernel-macros-5.14.21-150500.55.166.1 * kernel-docs-html-5.14.21-150500.55.166.1 * openSUSE Leap 15.5 (aarch64 ppc64le x86_64) * kernel-kvmsmall-debugsource-5.14.21-150500.55.166.1 * kernel-kvmsmall-devel-debuginfo-5.14.21-150500.55.166.1 * kernel-kvmsmall-debuginfo-5.14.21-150500.55.166.1 * kernel-default-base-5.14.21-150500.55.166.1.150500.6.77.1 * kernel-kvmsmall-devel-5.14.21-150500.55.166.1 * kernel-default-base-rebuild-5.14.21-150500.55.166.1.150500.6.77.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kernel-obs-build-debugsource-5.14.21-150500.55.166.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.166.1 * kernel-syms-5.14.21-150500.55.166.1 * kernel-default-extra-5.14.21-150500.55.166.1 * ocfs2-kmp-default-5.14.21-150500.55.166.1 * kernel-default-optional-5.14.21-150500.55.166.1 * kernel-default-optional-debuginfo-5.14.21-150500.55.166.1 * dlm-kmp-default-5.14.21-150500.55.166.1 * kselftests-kmp-default-5.14.21-150500.55.166.1 * kernel-obs-qa-5.14.21-150500.55.166.1 * gfs2-kmp-default-5.14.21-150500.55.166.1 * kernel-default-livepatch-5.14.21-150500.55.166.1 * kernel-default-devel-5.14.21-150500.55.166.1 * kernel-default-extra-debuginfo-5.14.21-150500.55.166.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.166.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.166.1 * kernel-default-debugsource-5.14.21-150500.55.166.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.166.1 * kernel-default-debuginfo-5.14.21-150500.55.166.1 * cluster-md-kmp-default-5.14.21-150500.55.166.1 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.166.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.166.1 * kselftests-kmp-default-debuginfo-5.14.21-150500.55.166.1 * reiserfs-kmp-default-5.14.21-150500.55.166.1 * kernel-obs-build-5.14.21-150500.55.166.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.166.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_166-default-debuginfo-1-150500.11.3.1 * kernel-livepatch-5_14_21-150500_55_166-default-1-150500.11.3.1 * kernel-livepatch-SLE15-SP5_Update_40-debugsource-1-150500.11.3.1 * kernel-default-livepatch-devel-5.14.21-150500.55.166.1 * openSUSE Leap 15.5 (x86_64) * kernel-default-vdso-5.14.21-150500.55.166.1 * kernel-kvmsmall-vdso-debuginfo-5.14.21-150500.55.166.1 * kernel-default-vdso-debuginfo-5.14.21-150500.55.166.1 * kernel-kvmsmall-vdso-5.14.21-150500.55.166.1 * openSUSE Leap 15.5 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-5.14.21-150500.55.166.1 * openSUSE Leap 15.5 (nosrc s390x) * kernel-zfcpdump-5.14.21-150500.55.166.1 * openSUSE Leap 15.5 (s390x) * kernel-zfcpdump-debugsource-5.14.21-150500.55.166.1 * kernel-zfcpdump-debuginfo-5.14.21-150500.55.166.1 * openSUSE Leap 15.5 (nosrc) * dtb-aarch64-5.14.21-150500.55.166.1 * openSUSE Leap 15.5 (aarch64) * dtb-broadcom-5.14.21-150500.55.166.1 * gfs2-kmp-64kb-debuginfo-5.14.21-150500.55.166.1 * dtb-lg-5.14.21-150500.55.166.1 * gfs2-kmp-64kb-5.14.21-150500.55.166.1 * kselftests-kmp-64kb-debuginfo-5.14.21-150500.55.166.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.166.1 * kernel-64kb-optional-5.14.21-150500.55.166.1 * dtb-nvidia-5.14.21-150500.55.166.1 * dlm-kmp-64kb-5.14.21-150500.55.166.1 * dtb-hisilicon-5.14.21-150500.55.166.1 * cluster-md-kmp-64kb-debuginfo-5.14.21-150500.55.166.1 * kernel-64kb-debugsource-5.14.21-150500.55.166.1 * dtb-renesas-5.14.21-150500.55.166.1 * kernel-64kb-extra-5.14.21-150500.55.166.1 * dtb-freescale-5.14.21-150500.55.166.1 * kselftests-kmp-64kb-5.14.21-150500.55.166.1 * dtb-apm-5.14.21-150500.55.166.1 * dtb-qcom-5.14.21-150500.55.166.1 * dtb-allwinner-5.14.21-150500.55.166.1 * reiserfs-kmp-64kb-5.14.21-150500.55.166.1 * dtb-apple-5.14.21-150500.55.166.1 * kernel-64kb-devel-5.14.21-150500.55.166.1 * dlm-kmp-64kb-debuginfo-5.14.21-150500.55.166.1 * kernel-64kb-optional-debuginfo-5.14.21-150500.55.166.1 * dtb-altera-5.14.21-150500.55.166.1 * dtb-mediatek-5.14.21-150500.55.166.1 * dtb-amazon-5.14.21-150500.55.166.1 * kernel-64kb-extra-debuginfo-5.14.21-150500.55.166.1 * dtb-arm-5.14.21-150500.55.166.1 * dtb-rockchip-5.14.21-150500.55.166.1 * reiserfs-kmp-64kb-debuginfo-5.14.21-150500.55.166.1 * dtb-socionext-5.14.21-150500.55.166.1 * dtb-marvell-5.14.21-150500.55.166.1 * dtb-amlogic-5.14.21-150500.55.166.1 * ocfs2-kmp-64kb-5.14.21-150500.55.166.1 * ocfs2-kmp-64kb-debuginfo-5.14.21-150500.55.166.1 * dtb-amd-5.14.21-150500.55.166.1 * kernel-64kb-debuginfo-5.14.21-150500.55.166.1 * cluster-md-kmp-64kb-5.14.21-150500.55.166.1 * dtb-sprd-5.14.21-150500.55.166.1 * dtb-xilinx-5.14.21-150500.55.166.1 * dtb-exynos-5.14.21-150500.55.166.1 * dtb-cavium-5.14.21-150500.55.166.1 * openSUSE Leap 15.5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.166.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.166.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 x86_64) * kernel-default-base-5.14.21-150500.55.166.1.150500.6.77.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * kernel-default-debugsource-5.14.21-150500.55.166.1 * kernel-default-debuginfo-5.14.21-150500.55.166.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * kernel-source-5.14.21-150500.55.166.1 * kernel-macros-5.14.21-150500.55.166.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * kernel-default-devel-5.14.21-150500.55.166.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.166.1 * kernel-obs-build-debugsource-5.14.21-150500.55.166.1 * kernel-default-debuginfo-5.14.21-150500.55.166.1 * dlm-kmp-default-5.14.21-150500.55.166.1 * cluster-md-kmp-default-5.14.21-150500.55.166.1 * kernel-default-base-5.14.21-150500.55.166.1.150500.6.77.1 * kernel-syms-5.14.21-150500.55.166.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.166.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.166.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.166.1 * kernel-obs-build-5.14.21-150500.55.166.1 * gfs2-kmp-default-5.14.21-150500.55.166.1 * kernel-default-debugsource-5.14.21-150500.55.166.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.166.1 * ocfs2-kmp-default-5.14.21-150500.55.166.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.166.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64) * kernel-64kb-devel-5.14.21-150500.55.166.1 * kernel-64kb-debugsource-5.14.21-150500.55.166.1 * kernel-64kb-debuginfo-5.14.21-150500.55.166.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.166.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150500.55.166.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * kernel-source-5.14.21-150500.55.166.1 * kernel-devel-5.14.21-150500.55.166.1 * kernel-macros-5.14.21-150500.55.166.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.166.1 ## References: * https://www.suse.com/security/cve/CVE-2022-49979.html * https://www.suse.com/security/cve/CVE-2023-20585.html * https://www.suse.com/security/cve/CVE-2026-23209.html * https://www.suse.com/security/cve/CVE-2026-23239.html * https://www.suse.com/security/cve/CVE-2026-23240.html * https://www.suse.com/security/cve/CVE-2026-23268.html * https://www.suse.com/security/cve/CVE-2026-23269.html * https://www.suse.com/security/cve/CVE-2026-23271.html * https://www.suse.com/security/cve/CVE-2026-23273.html * https://www.suse.com/security/cve/CVE-2026-23351.html * https://www.suse.com/security/cve/CVE-2026-23393.html * https://www.suse.com/security/cve/CVE-2026-23403.html * https://www.suse.com/security/cve/CVE-2026-23404.html * https://www.suse.com/security/cve/CVE-2026-23405.html * https://www.suse.com/security/cve/CVE-2026-23406.html * https://www.suse.com/security/cve/CVE-2026-23407.html * https://www.suse.com/security/cve/CVE-2026-23408.html * https://www.suse.com/security/cve/CVE-2026-23409.html * https://www.suse.com/security/cve/CVE-2026-23410.html * https://www.suse.com/security/cve/CVE-2026-23411.html * https://www.suse.com/security/cve/CVE-2026-23449.html * https://www.suse.com/security/cve/CVE-2026-23450.html * https://www.suse.com/security/cve/CVE-2026-23458.html * https://www.suse.com/security/cve/CVE-2026-23462.html * https://www.suse.com/security/cve/CVE-2026-31402.html * https://www.suse.com/security/cve/CVE-2026-31403.html * https://www.suse.com/security/cve/CVE-2026-31408.html * https://www.suse.com/security/cve/CVE-2026-31436.html * https://www.suse.com/security/cve/CVE-2026-31470.html * https://www.suse.com/security/cve/CVE-2026-31504.html * https://www.suse.com/security/cve/CVE-2026-31505.html * https://www.suse.com/security/cve/CVE-2026-31507.html * https://www.suse.com/security/cve/CVE-2026-31512.html * https://www.suse.com/security/cve/CVE-2026-31533.html * https://www.suse.com/security/cve/CVE-2026-31570.html * https://www.suse.com/security/cve/CVE-2026-31586.html * https://www.suse.com/security/cve/CVE-2026-31588.html * https://www.suse.com/security/cve/CVE-2026-31602.html * https://www.suse.com/security/cve/CVE-2026-31607.html * https://www.suse.com/security/cve/CVE-2026-31649.html * https://www.suse.com/security/cve/CVE-2026-31656.html * https://www.suse.com/security/cve/CVE-2026-31662.html * https://www.suse.com/security/cve/CVE-2026-31669.html * https://www.suse.com/security/cve/CVE-2026-31685.html * https://www.suse.com/security/cve/CVE-2026-31694.html * https://www.suse.com/security/cve/CVE-2026-31700.html * https://www.suse.com/security/cve/CVE-2026-31738.html * https://www.suse.com/security/cve/CVE-2026-31787.html * https://www.suse.com/security/cve/CVE-2026-43025.html * https://www.suse.com/security/cve/CVE-2026-43027.html * https://www.suse.com/security/cve/CVE-2026-43050.html * https://www.suse.com/security/cve/CVE-2026-43110.html * https://www.suse.com/security/cve/CVE-2026-43126.html * https://www.suse.com/security/cve/CVE-2026-43190.html * https://www.suse.com/security/cve/CVE-2026-43214.html * https://www.suse.com/security/cve/CVE-2026-43329.html * https://www.suse.com/security/cve/CVE-2026-43334.html * https://www.suse.com/security/cve/CVE-2026-43365.html * https://www.suse.com/security/cve/CVE-2026-43437.html * https://www.suse.com/security/cve/CVE-2026-43494.html * https://www.suse.com/security/cve/CVE-2026-43500.html * https://www.suse.com/security/cve/CVE-2026-43503.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1243603 * https://bugzilla.suse.com/show_bug.cgi?id=1245109 * https://bugzilla.suse.com/show_bug.cgi?id=1256504 * https://bugzilla.suse.com/show_bug.cgi?id=1258518 * https://bugzilla.suse.com/show_bug.cgi?id=1258718 * https://bugzilla.suse.com/show_bug.cgi?id=1258849 * https://bugzilla.suse.com/show_bug.cgi?id=1258850 * https://bugzilla.suse.com/show_bug.cgi?id=1258854 * https://bugzilla.suse.com/show_bug.cgi?id=1258855 * https://bugzilla.suse.com/show_bug.cgi?id=1258856 * https://bugzilla.suse.com/show_bug.cgi?id=1258857 * https://bugzilla.suse.com/show_bug.cgi?id=1259484 * https://bugzilla.suse.com/show_bug.cgi?id=1259485 * https://bugzilla.suse.com/show_bug.cgi?id=1259857 * https://bugzilla.suse.com/show_bug.cgi?id=1260010 * https://bugzilla.suse.com/show_bug.cgi?id=1260018 * https://bugzilla.suse.com/show_bug.cgi?id=1260522 * https://bugzilla.suse.com/show_bug.cgi?id=1260526 * https://bugzilla.suse.com/show_bug.cgi?id=1261287 * https://bugzilla.suse.com/show_bug.cgi?id=1261295 * https://bugzilla.suse.com/show_bug.cgi?id=1261584 * https://bugzilla.suse.com/show_bug.cgi?id=1261638 * https://bugzilla.suse.com/show_bug.cgi?id=1261710 * https://bugzilla.suse.com/show_bug.cgi?id=1261779 * https://bugzilla.suse.com/show_bug.cgi?id=1261781 * https://bugzilla.suse.com/show_bug.cgi?id=1261796 * https://bugzilla.suse.com/show_bug.cgi?id=1261797 * https://bugzilla.suse.com/show_bug.cgi?id=1262179 * https://bugzilla.suse.com/show_bug.cgi?id=1262181 * https://bugzilla.suse.com/show_bug.cgi?id=1262602 * https://bugzilla.suse.com/show_bug.cgi?id=1262665 * https://bugzilla.suse.com/show_bug.cgi?id=1262734 * https://bugzilla.suse.com/show_bug.cgi?id=1262758 * https://bugzilla.suse.com/show_bug.cgi?id=1263065 * https://bugzilla.suse.com/show_bug.cgi?id=1263085 * https://bugzilla.suse.com/show_bug.cgi?id=1263093 * https://bugzilla.suse.com/show_bug.cgi?id=1263095 * https://bugzilla.suse.com/show_bug.cgi?id=1263131 * https://bugzilla.suse.com/show_bug.cgi?id=1263141 * https://bugzilla.suse.com/show_bug.cgi?id=1263165 * https://bugzilla.suse.com/show_bug.cgi?id=1263170 * https://bugzilla.suse.com/show_bug.cgi?id=1263176 * https://bugzilla.suse.com/show_bug.cgi?id=1263582 * https://bugzilla.suse.com/show_bug.cgi?id=1263600 * https://bugzilla.suse.com/show_bug.cgi?id=1263668 * https://bugzilla.suse.com/show_bug.cgi?id=1263723 * https://bugzilla.suse.com/show_bug.cgi?id=1263882 * https://bugzilla.suse.com/show_bug.cgi?id=1263901 * https://bugzilla.suse.com/show_bug.cgi?id=1263931 * https://bugzilla.suse.com/show_bug.cgi?id=1263933 * https://bugzilla.suse.com/show_bug.cgi?id=1264059 * https://bugzilla.suse.com/show_bug.cgi?id=1264082 * https://bugzilla.suse.com/show_bug.cgi?id=1264450 * https://bugzilla.suse.com/show_bug.cgi?id=1264482 * https://bugzilla.suse.com/show_bug.cgi?id=1264634 * https://bugzilla.suse.com/show_bug.cgi?id=1264651 * https://bugzilla.suse.com/show_bug.cgi?id=1264848 * https://bugzilla.suse.com/show_bug.cgi?id=1265085 * https://bugzilla.suse.com/show_bug.cgi?id=1265090 * https://bugzilla.suse.com/show_bug.cgi?id=1265119 * https://bugzilla.suse.com/show_bug.cgi?id=1265126 * https://bugzilla.suse.com/show_bug.cgi?id=1265308 * https://bugzilla.suse.com/show_bug.cgi?id=1265456 * https://bugzilla.suse.com/show_bug.cgi?id=1265626 * https://bugzilla.suse.com/show_bug.cgi?id=1265960 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:30:19 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:30:19 -0000 Subject: SUSE-SU-2026:21948-1: important: Security update for vim Message-ID: <178041781968.42.6470181261893582146@b0da085613fb> # Security update for vim Announcement ID: SUSE-SU-2026:21948-1 Release Date: 2026-06-01T10:45:03Z Rating: important References: * bsc#1262395 * bsc#1264706 * bsc#1264707 * bsc#1264708 * bsc#1265349 * bsc#1265360 Cross-References: * CVE-2026-42307 * CVE-2026-43961 * CVE-2026-44656 * CVE-2026-45130 * CVE-2026-46483 CVSS scores: * CVE-2026-42307 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-43961 ( SUSE ): 5.4 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43961 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L * CVE-2026-44656 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-44656 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-44656 ( NVD ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-44656 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-45130 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2026-45130 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2026-45130 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-46483 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46483 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-46483 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-46483 ( NVD ): 3.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N Affected Products: * SUSE Linux Micro 6.1 * SUSE Linux Micro Extras 6.1 An update that solves five vulnerabilities and has one fix can now be installed. ## Description: This update for vim fixes the following issues * CVE-2026-42307: Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim (bsc#1264706). * CVE-2026-43961: Vimscript Code Injection in netrw NetrwMarkFile() via crafted filename (bsc#1265349). * CVE-2026-44656: Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's: find command-line completion (bsc#1264707). * CVE-2026-45130: Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when loading a crafted spell file (.spl) with UTF-8 encoding active (bsc#1264708). * CVE-2026-46483: command injection via `tar#Vimuntar()` in `runtime/autoload/tar.vim` when decompressing `.tgz` archives on Unix-like systems (bsc#1265360). Changes for vim: * Update to v9.2.0530. * Fix for incorrectly detecting scientific parameter files as bitbake recipies. (bsc#1262395) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro Extras 6.1 zypper in -t patch SUSE-SLE-Micro-Extras-6.1-557=1 ## Package List: * SUSE Linux Micro Extras 6.1 (aarch64 ppc64le s390x x86_64) * vim-debugsource-9.2.0530-slfo.1.1_1.1 * vim-9.2.0530-slfo.1.1_1.1 * vim-debuginfo-9.2.0530-slfo.1.1_1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-42307.html * https://www.suse.com/security/cve/CVE-2026-43961.html * https://www.suse.com/security/cve/CVE-2026-44656.html * https://www.suse.com/security/cve/CVE-2026-45130.html * https://www.suse.com/security/cve/CVE-2026-46483.html * https://bugzilla.suse.com/show_bug.cgi?id=1262395 * https://bugzilla.suse.com/show_bug.cgi?id=1264706 * https://bugzilla.suse.com/show_bug.cgi?id=1264707 * https://bugzilla.suse.com/show_bug.cgi?id=1264708 * https://bugzilla.suse.com/show_bug.cgi?id=1265349 * https://bugzilla.suse.com/show_bug.cgi?id=1265360 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:35:22 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:35:22 -0000 Subject: SUSE-SU-2026:21947-1: important: Security update for the Linux Kernel Message-ID: <178041812282.42.4859220056832989002@b0da085613fb> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:21947-1 Release Date: 2026-05-29T17:53:27Z Rating: important References: * bsc#1215199 * bsc#1234634 * bsc#1243603 * bsc#1248754 * bsc#1253122 * bsc#1253754 * bsc#1254518 * bsc#1256863 * bsc#1257631 * bsc#1258518 * bsc#1258718 * bsc#1258826 * bsc#1258849 * bsc#1258850 * bsc#1258854 * bsc#1258855 * bsc#1258856 * bsc#1258857 * bsc#1258961 * bsc#1259186 * bsc#1259199 * bsc#1259222 * bsc#1259484 * bsc#1259485 * bsc#1259535 * bsc#1259799 * bsc#1259806 * bsc#1259857 * bsc#1259868 * bsc#1259869 * bsc#1259873 * bsc#1259878 * bsc#1260010 * bsc#1260012 * bsc#1260018 * bsc#1260468 * bsc#1260483 * bsc#1260484 * bsc#1260485 * bsc#1260489 * bsc#1260501 * bsc#1260504 * bsc#1260505 * bsc#1260507 * bsc#1260522 * bsc#1260523 * bsc#1260526 * bsc#1260528 * bsc#1260529 * bsc#1260530 * bsc#1260531 * bsc#1260532 * bsc#1260533 * bsc#1260536 * bsc#1260537 * bsc#1260538 * bsc#1260541 * bsc#1260546 * bsc#1260549 * bsc#1260551 * bsc#1260552 * bsc#1260553 * bsc#1260555 * bsc#1260561 * bsc#1260566 * bsc#1260572 * bsc#1260581 * bsc#1260728 * bsc#1260729 * bsc#1260731 * bsc#1260800 * bsc#1260811 * bsc#1261020 * bsc#1261287 * bsc#1261295 * bsc#1261348 * bsc#1261503 * bsc#1261504 * bsc#1261581 * bsc#1261582 * bsc#1261584 * bsc#1261601 * bsc#1261602 * bsc#1261618 * bsc#1261628 * bsc#1261632 * bsc#1261636 * bsc#1261638 * bsc#1261641 * bsc#1261644 * bsc#1261645 * bsc#1261648 * bsc#1261679 * bsc#1261685 * bsc#1261686 * bsc#1261687 * bsc#1261692 * bsc#1261694 * bsc#1261700 * bsc#1261703 * bsc#1261707 * bsc#1261710 * bsc#1261713 * bsc#1261719 * bsc#1261750 * bsc#1261751 * bsc#1261752 * bsc#1261768 * bsc#1261778 * bsc#1261779 * bsc#1261781 * bsc#1261789 * bsc#1261796 * bsc#1261797 * bsc#1261896 * bsc#1262020 * bsc#1262053 * bsc#1262054 * bsc#1262055 * bsc#1262061 * bsc#1262063 * bsc#1262074 * bsc#1262078 * bsc#1262086 * bsc#1262087 * bsc#1262099 * bsc#1262100 * bsc#1262101 * bsc#1262179 * bsc#1262181 * bsc#1262602 * bsc#1262616 * bsc#1262665 * bsc#1262671 * bsc#1262673 * bsc#1262725 * bsc#1262731 * bsc#1262734 * bsc#1262746 * bsc#1262752 * bsc#1262758 * bsc#1263001 * bsc#1263012 * bsc#1263064 * bsc#1263065 * bsc#1263085 * bsc#1263093 * bsc#1263095 * bsc#1263104 * bsc#1263131 * bsc#1263140 * bsc#1263141 * bsc#1263149 * bsc#1263165 * bsc#1263170 * bsc#1263176 * bsc#1263556 * bsc#1263582 * bsc#1263592 * bsc#1263593 * bsc#1263595 * bsc#1263596 * bsc#1263600 * bsc#1263668 * bsc#1263723 * bsc#1263797 * bsc#1263815 * bsc#1263882 * bsc#1263901 * bsc#1263931 * bsc#1263933 * bsc#1263995 * bsc#1264014 * bsc#1264059 * bsc#1264082 * bsc#1264087 * bsc#1264097 * bsc#1264183 * bsc#1264427 * bsc#1264469 * bsc#1264482 * bsc#1264634 * bsc#1264651 * bsc#1264661 * bsc#1264674 * bsc#1264801 * bsc#1264848 * bsc#1265085 * bsc#1265090 * bsc#1265116 * bsc#1265119 * bsc#1265126 * bsc#1265144 * bsc#1265308 * bsc#1265421 * bsc#1265449 * bsc#1265456 * bsc#1265626 * bsc#1265846 * bsc#1265960 * jsc#PED-7249 Cross-References: * CVE-2023-2058 * CVE-2025-40219 * CVE-2025-71183 * CVE-2025-71238 * CVE-2026-23168 * CVE-2026-23209 * CVE-2026-23236 * CVE-2026-23237 * CVE-2026-23239 * CVE-2026-23240 * CVE-2026-23245 * CVE-2026-23246 * CVE-2026-23253 * CVE-2026-23260 * CVE-2026-23264 * CVE-2026-23266 * CVE-2026-23268 * CVE-2026-23269 * CVE-2026-23271 * CVE-2026-23273 * CVE-2026-23276 * CVE-2026-23279 * CVE-2026-23290 * CVE-2026-23291 * CVE-2026-23298 * CVE-2026-23300 * CVE-2026-23306 * CVE-2026-23307 * CVE-2026-23308 * CVE-2026-23312 * CVE-2026-23313 * CVE-2026-23315 * CVE-2026-23318 * CVE-2026-23321 * CVE-2026-23324 * CVE-2026-23325 * CVE-2026-23336 * CVE-2026-23339 * CVE-2026-23340 * CVE-2026-23346 * CVE-2026-23351 * CVE-2026-23357 * CVE-2026-23362 * CVE-2026-23363 * CVE-2026-23365 * CVE-2026-23367 * CVE-2026-23368 * CVE-2026-23370 * CVE-2026-23372 * CVE-2026-23373 * CVE-2026-23374 * CVE-2026-23378 * CVE-2026-23382 * CVE-2026-23391 * CVE-2026-23392 * CVE-2026-23393 * CVE-2026-23396 * CVE-2026-23397 * CVE-2026-23399 * CVE-2026-23403 * CVE-2026-23404 * CVE-2026-23405 * CVE-2026-23406 * CVE-2026-23407 * CVE-2026-23408 * CVE-2026-23409 * CVE-2026-23410 * CVE-2026-23411 * CVE-2026-23420 * CVE-2026-23426 * CVE-2026-23434 * CVE-2026-23440 * CVE-2026-23441 * CVE-2026-23442 * CVE-2026-23443 * CVE-2026-23446 * CVE-2026-23447 * CVE-2026-23448 * CVE-2026-23449 * CVE-2026-23450 * CVE-2026-23452 * CVE-2026-23455 * CVE-2026-23456 * CVE-2026-23457 * CVE-2026-23458 * CVE-2026-23460 * CVE-2026-23461 * CVE-2026-23462 * CVE-2026-23463 * CVE-2026-23465 * CVE-2026-23468 * CVE-2026-23472 * CVE-2026-23473 * CVE-2026-23474 * CVE-2026-23475 * CVE-2026-31389 * CVE-2026-31393 * CVE-2026-31400 * CVE-2026-31402 * CVE-2026-31403 * CVE-2026-31404 * CVE-2026-31405 * CVE-2026-31407 * CVE-2026-31408 * CVE-2026-31411 * CVE-2026-31412 * CVE-2026-31415 * CVE-2026-31416 * CVE-2026-31417 * CVE-2026-31420 * CVE-2026-31421 * CVE-2026-31422 * CVE-2026-31423 * CVE-2026-31424 * CVE-2026-31425 * CVE-2026-31426 * CVE-2026-31427 * CVE-2026-31428 * CVE-2026-31436 * CVE-2026-31449 * CVE-2026-31470 * CVE-2026-31488 * CVE-2026-31494 * CVE-2026-31496 * CVE-2026-31504 * CVE-2026-31505 * CVE-2026-31507 * CVE-2026-31512 * CVE-2026-31515 * CVE-2026-31519 * CVE-2026-31525 * CVE-2026-31528 * CVE-2026-31533 * CVE-2026-31550 * CVE-2026-31565 * CVE-2026-31570 * CVE-2026-31586 * CVE-2026-31588 * CVE-2026-31602 * CVE-2026-31607 * CVE-2026-31622 * CVE-2026-31649 * CVE-2026-31656 * CVE-2026-31662 * CVE-2026-31668 * CVE-2026-31669 * CVE-2026-31675 * CVE-2026-31679 * CVE-2026-31681 * CVE-2026-31682 * CVE-2026-31684 * CVE-2026-31685 * CVE-2026-31694 * CVE-2026-31700 * CVE-2026-31738 * CVE-2026-31787 * CVE-2026-43009 * CVE-2026-43025 * CVE-2026-43027 * CVE-2026-43037 * CVE-2026-43038 * CVE-2026-43044 * CVE-2026-43050 * CVE-2026-43060 * CVE-2026-43088 * CVE-2026-43110 * CVE-2026-43120 * CVE-2026-43126 * CVE-2026-43190 * CVE-2026-43214 * CVE-2026-43265 * CVE-2026-43329 * CVE-2026-43330 * CVE-2026-43334 * CVE-2026-43365 * CVE-2026-43366 * CVE-2026-43419 * CVE-2026-43437 * CVE-2026-43441 * CVE-2026-43494 * CVE-2026-43503 CVSS scores: * CVE-2023-2058 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2023-2058 ( NVD ): 2.4 CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N * CVE-2025-40219 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40219 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-71183 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71183 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71238 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-71238 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-71238 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23168 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23168 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23168 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23209 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23209 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23236 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23236 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23236 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23236 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2026-23237 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23237 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23237 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23239 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23239 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23240 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23240 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23240 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23245 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23245 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23245 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23246 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23253 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23253 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23260 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23260 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23260 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23264 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23264 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23264 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23266 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23266 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23266 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23268 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23268 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23269 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23269 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23269 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23271 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23271 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23273 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23273 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23273 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23276 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23276 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23279 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23279 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23279 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23290 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23290 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23290 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23291 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23291 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23298 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23298 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23298 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23300 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23300 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23300 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23306 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23306 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H * CVE-2026-23306 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23307 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23307 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23308 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23308 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23312 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23312 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23312 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23313 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23313 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23315 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23315 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23318 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23318 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23321 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23321 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23321 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23324 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23324 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23324 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23325 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23325 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23336 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23336 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23339 ( SUSE ): 2.3 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23339 ( SUSE ): 3.1 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23339 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23340 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23340 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23340 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23346 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23346 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23346 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23351 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23351 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23357 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23357 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23357 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23362 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23362 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23363 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23363 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23365 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23365 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23365 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23367 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-23367 ( SUSE ): 6.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-23367 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23368 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23368 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23368 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23370 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23370 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23372 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23372 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23373 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23373 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23374 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23374 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23374 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23378 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23378 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23378 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23378 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23382 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23382 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23382 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23391 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23391 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23392 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23393 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23396 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23396 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23396 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23397 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23397 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23397 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23399 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23399 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23399 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23403 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23403 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23403 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23404 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23404 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23404 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23405 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23405 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23406 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23406 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23407 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23407 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23407 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23408 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23408 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23408 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23408 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23409 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23409 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23409 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23410 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23410 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23410 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23410 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23411 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23420 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23426 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23426 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23426 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23434 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23434 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23434 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23434 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23440 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23440 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23440 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23440 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23441 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23441 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23442 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23442 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23442 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23443 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23443 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23443 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23446 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23446 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23446 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23447 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23447 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23447 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23448 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23448 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23448 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23449 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23449 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23449 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23450 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23450 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23450 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23452 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23452 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23452 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23455 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23455 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23455 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23456 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23456 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-23456 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23457 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23457 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23457 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23458 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23458 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23458 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23460 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23460 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23460 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23461 ( SUSE ): 7.7 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23461 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23461 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23462 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23462 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23462 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23463 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23463 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2026-23463 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23465 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2026-23465 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2026-23465 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23468 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23468 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23468 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23472 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23472 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23472 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23473 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23473 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23474 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23474 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23474 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23475 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23475 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23475 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31389 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31389 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31389 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31393 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31393 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31393 ( NVD ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31400 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31400 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31400 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31402 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31402 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-31402 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31403 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31403 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31403 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31404 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31404 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31404 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31405 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31405 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31407 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31407 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31407 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31408 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31408 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31408 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31411 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31411 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31411 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31412 ( SUSE ): 7.0 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31412 ( SUSE ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31412 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31415 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31415 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31415 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31416 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31416 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-31416 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31417 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31417 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31417 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31420 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31421 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31421 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31421 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31422 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31422 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31422 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31423 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31423 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31423 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31424 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31424 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31424 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31425 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31425 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31426 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31426 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-31426 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31427 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-31427 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2026-31427 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31428 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31428 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31428 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31436 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31436 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31436 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31449 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31449 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31449 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-31470 ( SUSE ): 6.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31470 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31470 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31488 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31488 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31488 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31494 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-31494 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2026-31494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31496 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31496 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31496 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31504 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31504 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31504 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31505 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31507 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31507 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31507 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31512 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31512 ( SUSE ): 7.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-31512 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31515 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31515 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31515 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31519 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31519 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31519 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31525 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31525 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31525 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31528 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31528 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31528 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31533 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31550 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31550 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31550 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31565 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31565 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31565 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31570 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:N/SA:N * CVE-2026-31570 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31570 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31586 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31588 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31588 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31588 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-31602 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31602 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31602 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31607 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31607 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2026-31607 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31622 ( SUSE ): 8.7 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31622 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31622 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31649 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31649 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31649 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31656 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31656 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31656 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31662 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31662 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31662 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31668 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-31668 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2026-31668 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31669 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31669 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31669 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31675 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31675 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2026-31675 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31679 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31679 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31679 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31681 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31681 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31681 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31682 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31682 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31682 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31684 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31684 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-31684 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31685 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31685 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31685 ( NVD ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31694 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31694 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31694 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31700 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31700 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31700 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31738 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31738 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31738 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31787 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31787 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43009 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-43027 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43027 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43037 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43038 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43038 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43044 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43044 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43044 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43050 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43050 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43050 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43060 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43060 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43088 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-43088 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-43110 ( SUSE ): 7.7 CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43110 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43110 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43120 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43120 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-43120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43126 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43126 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43126 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43190 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43190 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43190 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43214 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43214 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43214 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43265 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43265 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43265 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43329 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43329 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43329 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43330 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43330 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43330 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43334 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-43334 ( SUSE ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-43334 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43365 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43365 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43365 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43366 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43366 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43366 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43419 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-43419 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-43437 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43437 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43441 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43441 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43494 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43494 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43503 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43503 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43503 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 * SUSE Linux Micro Extras 6.1 An update that solves 181 vulnerabilities, contains one feature and has 19 fixes can now be installed. ## Description: The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 kernel was updated to fix various security issues The following security issues were fixed: * CVE-2023-2058: x86/CPU: Fix FPDSS on Zen1 (bsc#1243603). * CVE-2025-71183: btrfs: always detect conflicting inodes when logging inode refs (bsc#1257631). * CVE-2026-23168: flex_proportions: make fprop_new_period() hardirq safe (bsc#1258826). * CVE-2026-23239: espintcp: Fix race condition in espintcp_close() (bsc#1259485). * CVE-2026-23240: tls: Fix race condition in tls_sw_cancel_work_tx() (bsc#1259484). * CVE-2026-23245: net/sched: act_gate: snapshot parameters with RCU on replace (bsc#1259799). * CVE-2026-23271: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race (bsc#1260018). * CVE-2026-23276: net: move dev_xmit_recursion() helpers to net/core/dev.h (bsc#1260012). * CVE-2026-23300: net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop (bsc#1260538). * CVE-2026-23306: scsi: pm8001: Fix use-after-free in pm8001_queue_command() (bsc#1260501). * CVE-2026-23313: i40e: Fix preempt count leak in napi poll tracepoint (bsc#1260555). * CVE-2026-23321: mptcp: pm: in-kernel: always mark signal+subflow endp as used (bsc#1260505). * CVE-2026-23340: net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs (bsc#1260523). * CVE-2026-23346: mm/ioremap: define generic_ioremap_prot() and generic_iounmap() (bsc#1260529). * CVE-2026-23351: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase (bsc#1260526). * CVE-2026-23368: net: phy: register phy led_triggers during probe to avoid AB-BA deadlock (bsc#1260530). * CVE-2026-23374: blktrace: fix __this_cpu_read/write in preemptible context (bsc#1260811). * CVE-2026-23378: net/sched: act_ife: Fix metalist update behavior (bsc#1260546). * CVE-2026-23391: netfilter: xt_CT: drop pending enqueued packets on template removal (bsc#1260566). * CVE-2026-23392: netfilter: nf_tables: release flowtable after rcu grace period on error (bsc#1260531). * CVE-2026-23393: bridge: cfm: Fix race condition in peer_mep deletion (bsc#1260522). * CVE-2026-23397: nfnetlink_osf: validate individual option lengths in fingerprints (bsc#1260728). * CVE-2026-23399: nf_tables: nft_dynset: fix possible stateful expression memleak in error path (bsc#1261020). * CVE-2026-23440: net/mlx5e: Fix race condition during IPSec ESN update (bsc#1261641). * CVE-2026-23441: net/mlx5e: Prevent concurrent access to IPSec ASO context (bsc#1261768). * CVE-2026-23442: ipv6: add NULL checks for idev in SRv6 paths (bsc#1261581). * CVE-2026-23449: net/sched: teql: Fix double-free in teql_master_xmit (bsc#1261779). * CVE-2026-23450: net/smc: fix NULL dereference and UAF in smc_tcp_syn_recv_sock() (bsc#1261584). * CVE-2026-23455: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() (bsc#1261687). * CVE-2026-23456: netfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS case (bsc#1261703). * CVE-2026-23457: netfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp() (bsc#1261686). * CVE-2026-23458: netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() (bsc#1261781). * CVE-2026-23461: Bluetooth: L2CAP: Fix use-after-free in l2cap_unregister_user (bsc#1261707). * CVE-2026-23462: Bluetooth: HIDP: Fix possible UAF (bsc#1261710). * CVE-2026-23468: drm/amdgpu: Limit BO list entry count to prevent resource exhaustion (bsc#1261692). * CVE-2026-23472: serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN (bsc#1261636). * CVE-2026-23473: io_uring/poll: fix multishot recv missing EOF on wakeup race (bsc#1261694). * CVE-2026-31400: sunrpc: fix cache_request leak in cache_release (bsc#1261645). * CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (bsc#1261638). * CVE-2026-31403: NFSD: Hold net reference for the lifetime of /proc/fs/nfs/exports fd (bsc#1261796). * CVE-2026-31404: xfs: avoid dereferencing log items after push callbacks (bsc#1261628). * CVE-2026-31407: netfilter: conntrack: add missing netlink policy validations (bsc#1261632). * CVE-2026-31411: net: atm: fix crash due to unvalidated vcc pointer in sigd_send() (bsc#1261752). * CVE-2026-31415: ipv6: avoid overflows in ip6_datagram_send_ctl() (bsc#1262099). * CVE-2026-31416: netfilter: nfnetlink_log: account for netlink header size (bsc#1262100). * CVE-2026-31420: bridge: mrp: reject zero test interval to avoid OOM panic (bsc#1262055). * CVE-2026-31421: net/sched: cls_fw: fix NULL pointer dereference on shared blocks (bsc#1262061). * CVE-2026-31422: net/sched: cls_flow: fix NULL pointer dereference on shared blocks (bsc#1262054). * CVE-2026-31423: net/sched: sch_hfsc: fix divide-by-zero in rtsc_min() (bsc#1262063). * CVE-2026-31424: netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP (bsc#1262053). * CVE-2026-31425: rds: ib: reject FRMR registration before IB connection is established (bsc#1262074). * CVE-2026-31427: netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp (bsc#1262086). * CVE-2026-31428: netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD (bsc#1262087). * CVE-2026-31436: dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc() (bsc#1262602). * CVE-2026-31449: ext4: validate p_idx bounds in ext4_ext_correct_indexes (bsc#1262616). * CVE-2026-31470: virt: tdx-guest: Fix handling of host controlled 'quote' buffer length (bsc#1262665). * CVE-2026-31488: drm/amd/display: Do not skip unrelated mode changes in DSC validation (bsc#1262746). * CVE-2026-31494: net: cadence: macb: Synchronize stats calculations (bsc#1262671). * CVE-2026-31496: netfilter: nf_conntrack_expect: skip expectations in other netns via proc (bsc#1262673). * CVE-2026-31504: net: fix fanout UAF in packet_release() via NETDEV_UP race (bsc#1263085). * CVE-2026-31505: iavf: fix out-of-bounds writes in iavf_get_ethtool_stats() (bsc#1263093). * CVE-2026-31507: net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer (bsc#1263095). * CVE-2026-31512: Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2cap_ecred_data_rcv() (bsc#1262734). * CVE-2026-31515: af_key: validate families in pfkey_send_migrate() (bsc#1262752). * CVE-2026-31519: btrfs: set BTRFS_ROOT_ORPHAN_CLEANUP during subvol create (bsc#1263012). * CVE-2026-31525: bpf: Fix undefined behavior in interpreter sdiv/smod for INT_MIN (bsc#1262725). * CVE-2026-31528: perf: Make sure to use pmu_ctx->pmu for groups (bsc#1263001). * CVE-2026-31533: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption (bsc#1262758). * CVE-2026-31550: pmdomain: bcm: bcm2835-power: Increase ASB control timeout (bsc#1263104). * CVE-2026-31565: RDMA/irdma: Fix deadlock during netdev reset with active connections (bsc#1263064). * CVE-2026-31570: can: gw: fix OOB heap access in cgw_csum_crc8_rel() (bsc#1263065). * CVE-2026-31586: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (bsc#1263176). * CVE-2026-31588: KVM: x86: Use scratch field in MMIO fragment to hold small write values (bsc#1263165). * CVE-2026-31602: ALSA: ctxfi: Limit PTP to a single page (bsc#1263723). * CVE-2026-31607: usbip: validate number_of_packets in usbip_pack_ret_submit() (bsc#1263600). * CVE-2026-31622: NFC: digital: Bounds check NFC-A cascade depth in SDD response handler (bsc#1263797). * CVE-2026-31649: net: stmmac: fix integer underflow in chain mode (bsc#1263582). * CVE-2026-31656: drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (bsc#1263170). * CVE-2026-31662: tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG (bsc#1263131). * CVE-2026-31668: seg6: separate dst_cache for input and output paths in seg6 lwtunnel (bsc#1263140). * CVE-2026-31669: mptcp: fix slab-use-after-free in __inet_lookup_established (bsc#1263141). * CVE-2026-31675: net/sched: sch_netem: fix out-of-bounds access in packet corruption (bsc#1263556). * CVE-2026-31679: openvswitch: validate MPLS set/set_masked payload length (bsc#1263592). * CVE-2026-31681: netfilter: xt_multiport: validate range encoding in checkentry (bsc#1263593). * CVE-2026-31682: bridge: br_nd_send: linearize skb before parsing ND options (bsc#1263595). * CVE-2026-31684: net: sched: act_csum: validate nested VLAN headers (bsc#1263596). * CVE-2026-31685: netfilter: ip6t_eui64: reject invalid MAC header for all packets (bsc#1263668). * CVE-2026-31694: fuse: reject oversized dirents in page cache (bsc#1263901). * CVE-2026-31700: net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() (bsc#1263882). * CVE-2026-31738: vxlan: validate ND option lengths in vxlan_na_create (bsc#1264059). * CVE-2026-31787: xen/privcmd: fix double free via VMA splitting (bsc#1262181). * CVE-2026-43009: bpf: Fix incorrect pruning due to atomic fetch precision tracking (bsc#1264014). * CVE-2026-43025: netfilter: ctnetlink: ignore explicit helper on new expectations (bsc#1263931). * CVE-2026-43027: netfilter: nf_conntrack_helper: pass helper to expect cleanup (bsc#1263933). * CVE-2026-43037: ip6_tunnel: clear skb2->cb in ip4ip6_err() (bsc#1263995). * CVE-2026-43038: ipv6: icmp: clear skb2->cb in ip6_err_gen_icmpv6_unreach() (bsc#1264097). * CVE-2026-43044: crypto: caam - fix DMA corruption on long hmac keys (bsc#1264087). * CVE-2026-43050: atm: lec: fix use-after-free in sock_def_readable() (bsc#1264082). * CVE-2026-43060: netfilter: nft_ct: drop pending enqueued packets on removal (bsc#1264183). * CVE-2026-43088: net: af_key: zero aligned sockaddr tail in PF_KEY exports (bsc#1264469). * CVE-2026-43110: wifi: brcmfmac: validate bsscfg indices in IF events (bsc#1264482). * CVE-2026-43120: RDMA/irdma: Fix double free related to rereg_user_mr. * CVE-2026-43126: ALSA: mixer: oss: Add card disconnect checkpoints (bsc#1264634). * CVE-2026-43190: netfilter: xt_tcpmss: check remaining length before reading optlen (bsc#1264848). * CVE-2026-43214: KVM: x86: Add SRCU protection for reading PDPTRs in __get_sregs2() (bsc#1264651). * CVE-2026-43265: KVM: x86: Ignore -EBUSY when checking nested events from vcpu_block() (bsc#1264427). * CVE-2026-43329: netfilter: flowtable: strictly check for maximum number of actions (bsc#1265085). * CVE-2026-43330: crypto: caam - fix overflow on long hmac keys (bsc#1264801). * CVE-2026-43334: Bluetooth: SMP: force responder MITM requirements before building the pairing response (bsc#1265090). * CVE-2026-43365: xfs: fix undersized l_iclog_roundoff values (bsc#1265119). * CVE-2026-43366: io_uring/kbuf: check if target buffer list is still legacy on recycle (bsc#1265116). * CVE-2026-43419: ceph: fix memory leaks in ceph_mdsc_build_path() (bsc#1264661). * CVE-2026-43437: ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (bsc#1265126). * CVE-2026-43441: net: bonding: Fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1264674). * CVE-2026-43494: net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). * CVE-2026-43503: net: skbuff: propagate shared-frag marker through frag- transfer helpers (bsc#1265960). The following non security issues were fixed: * accel/qaic: Add overflow check to remap_pfn_range during mmap (git-fixes). * ACPI: AGDI: fix missing newline in error message (git-fixes). * ACPI: CPPC: Fix related_cpus inconsistency during CPU hotplug (git-fixes). * ACPI: scan: Use acpi_dev_put() in object add error paths (git-fixes). * ACPI: video: force native backlight on HP OMEN 16 (8A44) (stable-fixes). * ALSA: 6fire: Fix input volume change detection (git-fixes). * ALSA: 6fire: fix use-after-free on disconnect (git-fixes). * ALSA: aoa: i2sbus: clear stale prepared state (git-fixes). * ALSA: aoa: i2sbus: fix OF node lifetime handling (git-fixes). * ALSA: aoa: Skip devices with no codecs in i2sbus_resume() (git-fixes). * ALSA: aoa: Use guard() for mutex locks (stable-fixes). * ALSA: asihpi: avoid write overflow check warning (stable-fixes). * ALSA: caiaq: Don't abort when no input device is available (git-fixes). * ALSA: caiaq: Fix control_put() result and cache rollback (git-fixes). * ALSA: caiaq: Fix potentially leftover ep1_in_urb at error path (git-fixes). * ALSA: caiaq: fix usb_dev refcount leak on probe failure (git-fixes). * ALSA: caiaq: Handle probe errors properly (git-fixes). * ALSA: caiaq: take a reference on the USB device in create_card() (git- fixes). * ALSA: control: Validate buf_len before strnlen() in snd_ctl_elem_init_enum_names() (git-fixes). * ALSA: core: Fix potential data race at fasync handling (git-fixes). * ALSA: core: Serialize deferred fasync state checks (git-fixes). * ALSA: core: Validate compress device numbers without dynamic minors (git- fixes). * ALSA: ctxfi: Add fallback to default RSR for S/PDIF (git-fixes). * ALSA: ctxfi: Fix missing SPDIFI1 index handling (stable-fixes). * ALSA: ctxfi: Limit PTP to a single page (git-fixes). * ALSA: firewire-tascam: Do not drop unread control events (git-fixes). * ALSA: fireworks: bound device-supplied status before string array lookup (git-fixes). * ALSA: hda/realtek - fixed speaker no sound update (git-fixes). * ALSA: hda/realtek: Add HP ENVY Laptop 13-ba0xxx quirk (stable-fixes). * ALSA: hda/realtek: Add mute LED quirk for HP Pavilion 15-eg0xxx (stable- fixes). * ALSA: hda/realtek: Add quirk for ASUS ROG Flow Z13-KJP GZ302EAC (stable- fixes). * ALSA: hda/realtek: add quirk for Framework F111:000F (stable-fixes). * ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14IAH10 (stable-fixes). * ALSA: hda/realtek: fix code style (ERROR: else should follow close brace '}') (git-fixes). * ALSA: misc: Use guard() for spin locks (stable-fixes). * ALSA: scarlett2: Add missing sentinel initializer field (git-fixes). * ALSA: seq: Notify client and port info changes (stable-fixes). * ALSA: seq_oss: return full count for successful SEQ_FULLSIZE writes (stable- fixes). * ALSA: usb-audio: apply quirk for MOONDROP JU Jiu (stable-fixes). * ALSA: usb-audio: Avoid false E-MU sample-rate notifications (git-fixes). * ALSA: usb-audio: Avoid potential endless loop in convert_chmap_v3() (git- fixes). * ALSA: usb-audio: Evaluate packsize caps at the right place (git-fixes). * ALSA: usb-audio: Fix Audio Advantage Micro II SPDIF switch (git-fixes). * ALSA: usb-audio: Fix potential leak of pd at parsing UAC3 streams (git- fixes). * ALSA: usb-audio: Fix quirk flags for NeuralDSP Quad Cortex (stable-fixes). * ALSA: usb-audio: Fix UAC3 cluster descriptor size check (git-fixes). * ALSA: usb-audio: midi2: Restart output URBs on resume (git-fixes). * ALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATES (git-fixes). * ASoC: amd: yc: Add DMI entry for HP Laptop 15-fc0xxx (stable-fixes). * ASoC: amd: yc: Add DMI quirk for ASUS EXPERTBOOK BM1403CDA (stable-fixes). * ASoC: amd: yc: Add DMI quirk for Thin A15 B7VF (stable-fixes). * ASoC: amd: yc: Add HP OMEN Gaming Laptop 16-ap0xxx product line in quirk table (stable-fixes). * ASoC: codecs: ab8500: Fix casting of private data (git-fixes). * ASoC: cs35l56: Destroy workqueue in probe error path (git-fixes). * ASoC: cs35l56: Don't use devres to unregister component (git-fixes). * ASoC: fsl_easrc: Change the type for iec958 channel status controls (git- fixes). * ASoC: fsl_easrc: Check the variable range in fsl_easrc_iec958_put_bits() (git-fixes). * ASoC: fsl_easrc: fix comment typo (git-fixes). * ASoC: fsl_easrc: Fix value type in fsl_easrc_iec958_get_bits() (git-fixes). * ASoC: fsl_micfil: Add access property for "VAD Detected" (git-fixes). * ASoC: fsl_micfil: Fix event generation in hwvad_put_enable() (git-fixes). * ASoC: fsl_micfil: Fix event generation in hwvad_put_init_mode() (git-fixes). * ASoC: fsl_micfil: Fix event generation in micfil_put_dc_remover_state() (git-fixes). * ASoC: fsl_micfil: Fix event generation in micfil_quality_set() (git-fixes). * ASoC: fsl_xcvr: Fix event generation for cached controls (git-fixes). * ASoC: fsl_xcvr: Fix event generation in fsl_xcvr_arc_mode_put() (git-fixes). * ASoC: fsl_xcvr: Fix event generation in fsl_xcvr_mode_put() (git-fixes). * ASoC: Intel: bytcr_wm5102: Fix MCLK leak on platform_clock_control error (git-fixes). * ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens (git-fixes). * ASoC: qcom: q6apm: move component registration to unmanaged version (git- fixes). * ASoC: qcom: q6apm: remove child devices when apm is removed (git-fixes). * ASoC: qcom: qdsp6: topology: check widget type before accessing data (git- fixes). * ASoC: soc-core: call missing INIT_LIST_HEAD() for card_aux_list (stable- fixes). * ASoC: SOF: compress: return the configured codec from get_params (git- fixes). * ASoC: SOF: Don't allow pointer operations on unconfigured streams (git- fixes). * ASoC: SOF: Intel: hda: Place check before dereference (git-fixes). * ASoC: SOF: topology: reject invalid vendor array size in token parser (stable-fixes). * ASoC: sti: Return errors from regmap_field_alloc() (git-fixes). * ASoC: sti: use managed regmap_field allocations (git-fixes). * ASoC: stm32_sai: fix incorrect BCLK polarity for DSP_A/B, LEFT_J (stable- fixes). * ata: ahci: force 32-bit DMA for JMicron JMB582/JMB585 (stable-fixes). * batman-adv: bla: only purge non-released claims (git-fixes). * batman-adv: bla: prevent use-after-free when deleting claims (git-fixes). * batman-adv: bla: put backbone reference on failed claim hash insert (git- fixes). * batman-adv: fix integer overflow on buff_pos (git-fixes). * batman-adv: hold claim backbone gateways by reference (git-fixes). * batman-adv: reject new tp_meter sessions during teardown (git-fixes). * batman-adv: reject oversized global TT response buffers (git-fixes). * batman-adv: stop caching unowned originator pointers in BAT IV (git-fixes). * Bluetooth: bnep: fix incorrect length parsing in bnep_rx_frame() extension handling (git-fixes). * Bluetooth: fix locking in hci_conn_request_evt() with HCI_PROTO_DEFER (git- fixes). * Bluetooth: hci_event: Fix OOB read and infinite loop in hci_le_create_big_complete_evt (git-fixes). * Bluetooth: hci_event: fix potential UAF in SSP passkey handlers (git-fixes). * Bluetooth: hci_ldisc: Clear HCI_UART_PROTO_INIT on error (git-fixes). * Bluetooth: HIDP: serialise l2cap_unregister_user via hidp_session_sem (git- fixes). * Bluetooth: ISO: Fix data-race on dst in iso_sock_connect() (git-fixes). * Bluetooth: l2cap: Add missing chan lock in l2cap_ecred_reconf_rsp (git- fixes). * Bluetooth: l2cap: fix MPS check in l2cap_ecred_reconf_req (git-fixes). * Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_new_connection_cb() (git- fixes). * Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_state_change_cb() (git- fixes). * Bluetooth: L2CAP: Fix printing wrong information if SDU length exceeds MTU (git-fixes). * Bluetooth: RFCOMM: pull credit byte with skb_pull_data() (git-fixes). * Bluetooth: SCO: check for codecs->num_codecs == 1 before assigning to sco_pi(sk)->codec (git-fixes). * Bluetooth: SCO: fix sleeping under spinlock in sco_conn_ready (git-fixes). * Bluetooth: SCO: hold sk properly in sco_conn_ready (git-fixes). * Bluetooth: virtio_bt: clamp rx length before skb_put (git-fixes). * Bluetooth: virtio_bt: validate rx pkt_type header length (git-fixes). * btrfs: do not skip logging new dentries when logging a new name (git-fixes). * btrfs: reject root items with drop_progress and zero drop_level (git-fixes). * btrfs: replace BUG() with error handling in __btrfs_balance() (git-fixes). * can: mcp251x: add error handling for power enable in open and resume (stable-fixes). * can: raw: fix ro->uniq use-after-free in raw_rcv() (git-fixes). * can: ucan: fix devres lifetime (git-fixes). * cdc-acm: new quirk for EPSON HMD (stable-fixes). * check-for-config-changes: Exclude CC_MS_EXTENSIONS. * check-for-config-changes: Exclude HAVE_CFI_ICALL_NORMALIZE_INTEGERS{,_RUSTC}. * checkpatch: add support for Assisted-by tag (stable-fixes). * comedi: dt2815: add hardware detection to prevent crash (stable-fixes). * crypto: algif_aead - Fix minimum RX size check for decryption (git-fixes). * crypto: arm64/aes - Fix 32-bit aes_mac_update() arg treated as 64-bit (git- fixes). * crypto: atmel-aes - Fix 3-page memory leak in atmel_aes_buff_cleanup (git- fixes). * crypto: atmel-ecc - Release client on allocation failure (git-fixes). * crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path (git-fixes). * crypto: atmel-tdes - fix DMA sync direction (git-fixes). * crypto: authencesn - reject short ahash digests during instance creation (git-fixes). * crypto: ccp - copy IV using skcipher ivsize (git-fixes). * crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed (git-fixes). * crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed (git-fixes). * crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed (git-fixes). * crypto: ccree - fix a memory leak in cc_mac_digest() (git-fixes). * crypto: hisilicon - Fix dma_unmap_single() direction (git-fixes). * crypto: jitterentropy - replace long-held spinlock with mutex (git-fixes). * crypto: pcrypt - Fix handling of MAY_BACKLOG requests (git-fixes). * crypto: qat - fix type mismatch in RAS sysfs show functions (git-fixes). * crypto: qat - use swab32 macro (git-fixes). * crypto: sa2ul - Fix AEAD fallback algorithm names (git-fixes). * crypto: simd - reject compat registrations without __ prefixes (git-fixes). * crypto: talitos - fix SEC1 32k ahash request limitation (git-fixes). * crypto: testmgr - Hide ENOENT errors (stable-fixes). * crypto: testmgr - Hide ENOENT errors better (git-fixes). * devres: fix missing node debug info in devm_krealloc() (git-fixes). * dm init: ensure device probing has finished in dm-mod.waitfor= (git-fixes). * dmaengine: dw-axi-dmac: Remove unnecessary return statement from void function (git-fixes). * dmaengine: mxs-dma: Fix missing return value from of_dma_controller_register() (git-fixes). * drm/amd/display: Add NULL check for integrated_info in clk_mgr_construct (git-fixes). * drm/amd/display: Allow DCE link encoder without AUX registers (git-fixes). * drm/amd/display: Avoid NULL dereference in dc_dmub_srv error paths (git- fixes). * drm/amd/display: Disable 10-bit truncation and dithering on DCE 6.x (git- fixes). * drm/amd/display: Read EDID from VBIOS embedded panel info (git-fixes). * drm/amd/pm/ci: Clear EnabledForActivity field for memory levels (git-fixes). * drm/amd/pm/ci: Disable MCLK DPM on problematic CI ASICs (git-fixes). * drm/amd/pm/ci: Fill DW8 fields from SMC (git-fixes). * drm/amd/pm/ci: Fix powertune defaults for Hawaii 0x67B0 (git-fixes). * drm/amd/pm/ci: Use highest MCLK on CI when MCLK DPM is disabled (git-fixes). * drm/amd/pm/smu7: Add SCLK cap for quirky Hawaii board (git-fixes). * drm/amd/pm/smu7: Fix SMU7 voltage dependency on display clock (git-fixes). * drm/amdgpu/gfx6: Support harvested SI chips with disabled TCCs (v2) (git- fixes). * drm/amdgpu/gfx9: drop unnecessary 64-bit fence flag check in KIQ (stable- fixes). * drm/amdgpu/gfx10: look at the right prop for gfx queue priority (git-fixes). * drm/amdgpu/gmc: Fix AMDGPU_GART_PLACEMENT_LOW to not overlap with VRAM (git- fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v2.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v2.5 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v3.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0.3 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0.5 ring (git-fixes). * drm/amdgpu/pm: add missing revision check for CI (git-fixes). * drm/amdgpu/pm: align Hawaii mclk workaround with radeon (git-fixes). * drm/amdgpu/sdma4: replace BUG_ON with WARN_ON in fence emission (git-fixes). * drm/amdgpu/vce: Prevent partial address patches (stable-fixes). * drm/amdgpu/vcn3: Avoid overflow on msg bound check (git-fixes). * drm/amdgpu/vcn3: Prevent OOB reads when parsing dec msg (stable-fixes). * drm/amdgpu/vcn4: Avoid overflow on msg bound check (git-fixes). * drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msg (stable-fixes). * drm/amdgpu/vcn4: Prevent OOB reads when parsing IB (stable-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v2.0 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v2.5 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v3.0 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0 enc ring (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0.3 enc ring (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0.5 enc ring (git-fixes). * drm/amdgpu: Add bounds checking to ib_{get,set}_value (stable-fixes). * drm/amdgpu: fix AMDGPU_INFO_READ_MMR_REG (git-fixes). * drm/amdgpu: fix zero-size GDS range init on RDNA4 (stable-fixes). * drm/amdgpu: zero-initialize GART table on allocation (stable-fixes). * drm/amdkfd: Add upper bound check for num_of_nodes (stable-fixes). * drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure (stable- fixes). * drm/amdkfd: validate SVM ioctl nattr against buffer size (stable-fixes). * drm/arcpgu: fix device node leak (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Add mode_valid hook to drm_bridge_funcs (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Handle HDCP state in bridge atomic check (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Set the mhdp connector earlier in atomic_enable() (git-fixes). * drm/etnaviv: Fix armed job not being pushed to the DRM scheduler (git- fixes). * drm/fb-helper: Fix clipping when damage area spans a single scanline (git- fixes). * drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs() (git-fixes). * drm/gma500/oaktrail_hdmi: fix i2c adapter leak on setup (git-fixes). * drm/gma500/oaktrail_lvds: fix hang on init failure (git-fixes). * drm/gma500/oaktrail_lvds: fix i2c adapter leaks on init (git-fixes). * drm/i915/dp: Fix VSC dynamic range signaling for RGB formats (git-fixes). * drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (git- fixes). * drm/i915/wm: Verify the correct plane DDB entry (git-fixes). * drm/i915: skip __i915_request_skip() for already signaled requests (git- fixes). * drm/komeda: fix integer overflow in AFBC framebuffer size check (git-fixes). * drm/msm/a6xx: Fix dumping A650+ debugbus blocks (git-fixes). * drm/msm/a6xx: Fix HLSQ register dumping (git-fixes). * drm/msm/a6xx: Use barriers while updating HFI Q headers (git-fixes). * drm/msm/dpu: fix mismatch between power and frequency (git-fixes). * drm/msm/dsi: add the missing parameter description (git-fixes). * drm/msm/dsi: fix bits_per_pclk (git-fixes). * drm/msm/dsi: fix hdisplay calculation for CMD mode panel (git-fixes). * drm/msm/dsi: rename MSM8998 DSI version from V2_2_0 to V2_0_0 (git-fixes). * drm/msm/shrinker: Fix can_block() logic (git-fixes). * drm/nouveau: fix u32 overflow in pushbuf reloc bounds check (git-fixes). * drm/panel: sharp-ls043t1le01: make use of prepare_prev_first (git-fixes). * drm/panel: simple: Correct G190EAN01 prepare timing (git-fixes). * drm/panfrost: Fix wait_bo ioctl leaking positive return from dma_resv_wait_timeout() (git-fixes). * drm/radeon: add missing revision check for CI (git-fixes). * drm/sun4i: backend: fix error pointer dereference (git-fixes). * drm/sun4i: Fix resource leaks (git-fixes). * drm/vc4: Fix a memory leak in hang state error path (git-fixes). * drm/vc4: Fix memory leak of BO array in hang state (git-fixes). * drm/vc4: platform_get_irq_byname() returns an int (stable-fixes). * drm/vc4: Protect madv read in vc4_gem_object_mmap() with madv_lock (git- fixes). * drm/vc4: Release runtime PM reference after binding V3D (git-fixes). * drm/vram: remove DRM_VRAM_MM_FILE_OPERATIONS from docs (git-fixes). * dt-bindings: net: Fix Tegra234 MGBE PTP clock (git-fixes). * efi/capsule-loader: fix incorrect sizeof in phys array reallocation (git- fixes). * efi: pstore: Drop efivar lock when efi_pstore_open() returns with an error (git-fixes). * ext4: fix fsync(2) for nojournal mode (git-fixes). * ext4: make recently_deleted() properly work with lazy itable initialization (git-fixes). * ext4: reject mount if bigalloc with s_first_data_block != 0 (git-fixes). * extcon: ptn5150: handle pending IRQ events during system resume (git-fixes). * fbdev: matroxfb: Mark variable with __maybe_unused to avoid W=1 build break (git-fixes). * fbdev: offb: fix PCI device reference leak on probe failure (git-fixes). * fbdev: tdfxfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO (stable-fixes). * fbdev: udlfb: add vm_ops to dlfb_ops_mmap to prevent use-after-free (stable- fixes). * fbdev: udlfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO (git-fixes). * firmware: dmi: Correct an indexing error in dmi.h (git-fixes). * gpio: tegra: fix irq_release_resources calling enable instead of disable (git-fixes). * gtp: disable BH before calling udp_tunnel_xmit_skb() (git-fixes). * HID: alps: fix NULL pointer dereference in alps_raw_event() (git-fixes). * HID: asus: do not abort probe when not necessary (git-fixes). * HID: asus: make asus_resume adhere to linux kernel coding standards (git- fixes). * HID: core: clamp report_size in s32ton() to avoid undefined shift (stable- fixes). * HID: multitouch: Check to ensure report responses match the request (stable- fixes). * HID: playstation: Clamp num_touch_reports (git-fixes). * HID: quirks: add HID_QUIRK_ALWAYS_POLL for 8BitDo Pro 3 (stable-fixes). * HID: roccat: fix use-after-free in roccat_report_event (stable-fixes). * HID: usbhid: fix deadlock in hid_post_reset() (git-fixes). * HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq (stable-fixes). * hv_sock: fix ARM64 support (git-fixes). * hwmon: (ads7871) Fix endianness bug in 16-bit register reads (git-fixes). * hwmon: (corsair-psu) Close HID device on probe errors (git-fixes). * hwmon: (lm63) Add locking to avoid TOCTOU (git-fixes). * hwmon: (ltc2992) Clamp threshold writes to hardware range (git-fixes). * hwmon: (ltc2992) Fix u32 overflow in power read path (git-fixes). * i2c: s3c24xx: check the size of the SMBUS message before using it (stable- fixes). * i2c: smbus: reject oversized block transfers in the common path (git-fixes). * i2c: stm32f7: reinit_completion() per transfer not per msg (git-fixes). * i2c: stub: Reject I2C block transfers with invalid length (git-fixes). * i3c: master: Fix error codes at send_ccc_cmd (git-fixes). * i3c: mipi-i3c-hci: fix IBI payload length calculation for final status (git- fixes). * ibmveth: Disable GSO for packets with small MSS (bsc#1265144). * ice: set max queues in alloc_etherdev_mqs() (git-fixes). * iio: adc: ad7768-1: fix one-shot mode data acquisition (git-fixes). * iio: adc: ti-adc161s626: use DMA-safe memory for spi_read() (git-fixes). * iio: adc: ti-ads7950: use iio_push_to_buffers_with_ts_unaligned() (git- fixes). * Input: i8042 - add TUXEDO InfinityBook Max 16 Gen10 AMD to i8042 quirk table (stable-fixes). * Input: uinput - fix circular locking dependency with ff-core (git-fixes). * Input: uinput - take event lock when submitting FF request "event" (stable- fixes). * Input: xpad - add support for BETOP BTP-KP50B/C controller's wireless mode (stable-fixes). * Input: xpad - add support for Razer Wolverine V3 Pro (stable-fixes). * ipmi: Add limits to event and receive message requests (git-fixes). * ipmi: Check event message buffer response for bad data (git-fixes). * ipmi: ssif_bmc: change log level to dbg in irq callback (git-fixes). * ipmi: ssif_bmc: fix message desynchronization after truncated response (git- fixes). * ipmi: ssif_bmc: fix missing check for copy_to_user() partial failure (git- fixes). * irqchip/irq-pic32-evic: Address warning related to wrong printf() formatter (git-fixes). * kdump, documentation: describe craskernel CMA reservation (jsc#PED-7249). * KVM: Reject wrapped offset in kvm_reset_dirty_gfn() (git-fixes). * KVM: SVM: Mark VMCB_NPT as dirty on nested VMRUN (git-fixes). * KVM: SVM: Mark VMCB_PERM_MAP as dirty on nested VMRUN (git-fixes). * KVM: x86/mmu: Retry fault before acquiring mmu_lock if mapping is changing (bsc#1253122). * KVM: x86/xen: Fix cleanup logic in emulation of Xen schedop poll hypercalls (git-fixes). * KVM: x86: check for nEPT/nNPT in slow flush hypercalls (git-fixes). * KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (git- fixes). * KVM: x86: hyper-v: Validate all GVAs during PV TLB flush (git-fixes). * KVM: x86: Ignore cpuid faulting in SMM (git-fixes). * leds: lgm-sso: Remove duplicate assignments for priv->mmap (git-fixes). * lib/hexdump: print_hex_dump_bytes() calls print_hex_dump_debug() (git- fixes). * media: amphion: Fix race between m2m job_abort and device_run (git-fixes). * media: as102: fix to not free memory after the device is registered in as102_usb_probe() (git-fixes). * media: dib8000: avoid division by 0 in dib8000_set_dds() (git-fixes). * media: em28xx: fix use-after-free in em28xx_v4l2_open() (git-fixes). * media: hackrf: fix to not free memory after the device is registered in hackrf_probe() (git-fixes). * media: i2c: imx219: Check return value of devm_gpiod_get_optional() in imx219_probe() (git-fixes). * media: i2c: imx412: Assert reset GPIO during probe (git-fixes). * media: i2c: ov08d10: fix image vertical start setting (git-fixes). * media: i2c: ov8856: free control handler on error in ov8856_init_controls() (git-fixes). * media: mtk-jpeg: fix use-after-free in release path due to uncancelled work (git-fixes). * media: omap3isp: drop the use count of v4l2 pipeline (git-fixes). * media: pci: zoran: fix potential memory leak in zoran_probe() (git-fixes). * media: rc: streamzap: Error handling in probe (git-fixes). * media: rc: xbox_remote: heed DMA restrictions (git-fixes). * media: saa7164: add ioremap return checks and cleanups (git-fixes). * media: staging: imx: configure src_mux in csi_start (git-fixes). * media: staging: imx: request mbus_config in csi_start (git-fixes). * media: uvcvideo: Enable VB2_DMABUF for metadata stream (git-fixes). * media: videobuf2: Set vma_flags in vb2_dma_sg_mmap (git-fixes). * media: vidtv: fix nfeeds state corruption on start_streaming failure (git- fixes). * media: vidtv: fix NULL pointer dereference in vidtv_channel_pmt_match_sections (git-fixes). * media: vidtv: fix pass-by-value structs causing MSAN warnings (git-fixes). * memory: tegra30-emc: Fix dll_change check (git-fixes). * memory: tegra124-emc: Fix dll_change check (git-fixes). * mfd: mc13xxx-core: Fix memory leak in mc13xxx_add_subdevice_pdata() (git- fixes). * mkspec: Add signature to source list only when it exists. * mmc: sdhci-of-dwcmshc: Disable clock before DLL configuration (git-fixes). * mmc: vub300: fix NULL-deref on disconnect (git-fixes). * modpost: Amend ppc64 save/restfpr symnames for -Os build (bsc#1215199). * mtd: docg3: Convert to platform remove callback returning void (stable- fixes). * mtd: docg3: fix use-after-free in docg3_release() (git-fixes). * mtd: parsers: ofpart: call of_node_get() for dedicated subpartitions (git- fixes). * mtd: parsers: ofpart: call of_node_put() only in ofpart_fail path (git- fixes). * mtd: physmap_of_gemini: Fix disabled pinctrl state check (git-fixes). * mtd: rawnand: sunxi: fix sunxi_nfc_hw_ecc_read_extra_oob (git-fixes). * mtd: spi-nor: core: correct the op.dummy.nbytes when check read operations (git-fixes). * mtd: spi-nor: sst: Factor out common write operation to `sst_nor_write_data()` (stable-fixes). * mtd: spi-nor: sst: Fix SST write failure (git-fixes). * mtd: spi-nor: sst: Fix write enable before AAI sequence (git-fixes). * mtd: spi-nor: swp: check SR_TB flag when getting tb_mask (git-fixes). * net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). * net/sched: cls_fw: fix NULL dereference of "old" filters before change() (git-fixes). * net/sched: fix pedit partial COW leading to page cache corruption (bsc#1265421). * net: gro: don't merge zcopy skbs (git-fixes). * net: mana: Add MAC address to vPort logs and clarify error messages (git- fixes). * net: mana: check xdp_rxq registration before unreg in mana_destroy_rxq() (git-fixes). * net: mana: Don't overwrite port probe error with add_adev result (git- fixes). * net: mana: Fix crash from unvalidated SHM offset read from BAR0 during FLR (bsc#1265846). * net: mana: Fix EQ leak in mana_remove on NULL port (git-fixes). * net: mana: Fix RX skb truesize accounting (bsc#1248754). * net: mana: fix use-after-free in mana_hwc_destroy_channel() by reordering teardown (git-fixes). * net: mana: Guard mana_remove against double invocation (git-fixes). * net: mana: hardening: Validate adapter_mtu from MANA_QUERY_DEV_CONFIG (git- fixes). * net: mana: hardening: Validate doorbell ID from GDMA_REGISTER_DEVICE response (git-fixes). * net: mana: Init gf_stats_work before potential error paths in probe (git- fixes). * net: mana: Init link_change_work before potential error paths in probe (git- fixes). * net: mana: remove double CQ cleanup in mana_create_rxq error path (git- fixes). * net: mana: Set default number of queues to 16 (bsc#1261648). * net: mana: Skip WQ object destruction for uninitialized RXQ (git-fixes). * net: mana: Use at least SZ_4K in doorbell ID range check (git-fixes). * net: mana: Use pci_name() for debugfs directory naming (git-fixes). * net: phy: dp83869: fix setting CLK_O_SEL field (git-fixes). * net: stmmac: Fix PTP ref clock for Tegra234 (git-fixes). * net: usb: asix: ax88772: re-add usbnet_link_change() in phylink callbacks (git-fixes). * net: usb: cdc-phonet: fix skb frags[] overflow in rx_complete() (git-fixes). * net: usb: rtl8150: fix use-after-free in rtl8150_start_xmit() (git-fixes). * net: usb: rtl8150: free skb on usb_submit_urb() failure in xmit (git-fixes). * net: wan: fsl_ucc_hdlc: fix ucc_hdlc_remove (git-fixes). * net: wan: fsl_ucc_hdlc: fix uhdlc_memclean (git-fixes). * net: wan: fsl_ucc_hdlc: free tx_skbuff in uhdlc_memclean (git-fixes). * NFC: digital: Bounds check NFC-A cascade depth in SDD response handler (git- fixes). * nfc: llcp: add missing return after LLCP_CLOSED checks (git-fixes). * nfc: pn533: allocate rx skb before consuming bytes (git-fixes). * nfc: s3fwrn5: allocate rx skb before consuming bytes (git-fixes). * NFC: trf7970a: Ignore antenna noise when checking for RF field (git-fixes). * nvmet-tcp: propagate nvmet_tcp_build_pdu_iovec() errors to its callers (git- fixes). * ocfs2: fix possible deadlock between unlink and dio_end_io_write (bsc#1258718). * ocfs2: split transactions in dio completion to avoid credit exhaustion (bsc#1258718). * PCI/AER: Clear only error bits in PCIe Device Status (git-fixes). * PCI/AER: Stop ruling out unbound devices as error source (git-fixes). * PCI: dwc: Apply ECRC workaround to DesignWare 5.00a as well (git-fixes). * PCI: Enable AtomicOps only if Root Port supports them (git-fixes). * PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown (git-fixes). * PCI: hv: Set default NUMA node to 0 for devices without affinity info (git- fixes). * PCI: mediatek-gen3: Prevent leaking IRQ domains when IRQ not found (git- fixes). * PCI: tegra194: Allow system suspend when the Endpoint link is not up (git- fixes). * PCI: tegra194: Disable direct speed change for Endpoint mode (git-fixes). * PCI: tegra194: Disable LTSSM after transition to Detect on surprise link down (git-fixes). * PCI: tegra194: Disable PERST# IRQ only in Endpoint mode (git-fixes). * PCI: tegra194: Fix polling delay for L2 state (git-fixes). * PCI: tegra194: Increase LTSSM poll time on surprise link down (git-fixes). * PCI: tegra194: Set LTR message request before PCIe link up in Endpoint mode (git-fixes). * PCI: tegra194: Use devm_gpiod_get_optional() to parse "nvidia,refclk-select" (git-fixes). * PCI: tegra194: Use DWC IP core version (git-fixes). * pinctrl: abx500: Fix type of 'argument' variable (git-fixes). * pinctrl: Fix spelling problem (git-fixes). * pinctrl: intel: Fix the revision for new features (1kOhm PD, HW debouncer) (stable-fixes). * pinctrl: pic32: change all cases of bare 'unsigned' to 'unsigned int' (git- fixes). * pinctrl: pic32: use consistent spacing around '+' (git-fixes). * pinctrl: pinctrl-pic32: Fix resource leak (git-fixes). * platform/chrome: chromeos_tbmc: Drop wakeup source on remove (git-fixes). * platform/surface: surfacepro3_button: Drop wakeup source on remove (git- fixes). * platform/x86/amd: pmc: Add Thinkpad L14 Gen3 to quirk_s2idle_bug (stable- fixes). * platform/x86: dell-wmi-sysman: bound enumeration string aggregation (git- fixes). * platform/x86: dell_rbu: avoid uninit value usage in packet_size_write() (git-fixes). * platform/x86: hp-wmi: Ignore backlight and FnLock events (stable-fixes). * platform/x86: panasonic-laptop: Fix OPTD notifier registration and cleanup (git-fixes). * power: supply: axp288_charger: Do not cancel work before initializing it (git-fixes). * power: supply: max17042: avoid overflow when determining health (git-fixes). * powerpc/crash: fix backup region offset update to elfcorehdr (bsc#1259535). * RDMA/mana: Fix error unwind in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Fix mana_destroy_wq_obj() cleanup in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Validate rx_hash_key_len (git-fixes). * RDMA/mana_ib: cleanup the usage of mana_gd_send_request() (git-fixes). * RDMA/mana_ib: Disable RX steering on RSS QP destroy (git-fixes). * RDMA/mana_ib: Support memory windows (git-fixes). * regulator: act8945a: fix OF node reference imbalance (git-fixes). * regulator: bd9571mwv: fix OF node reference imbalance (git-fixes). * regulator: max77650: fix OF node reference imbalance (git-fixes). * regulator: mt6357: fix OF node reference imbalance (git-fixes). * remoteproc: xlnx: Only access buffer information if IPI is buffered (git- fixes). * Revert "ALSA: usb: Increase volume range that triggers a warning" (git- fixes). * rtc: abx80x: Disable alarm feature if no interrupt attached (git-fixes). * rtc: ntxec: fix OF node reference imbalance (git-fixes). * sched/balancing: Switch the 'DEFINE_SPINLOCK(balancing)' spinlock into an 'atomic_t sched_balance_running' flag (bsc#1253754). * sched/fair: Change likelyhood of nohz.nr_cpus (bsc#1234634 bsc#1258961). * sched/fair: Have SD_SERIALIZE affect newidle balancing (bsc#1253754). * sched/fair: Move checking for nohz cpus after time check (bsc#1234634 bsc#1258961). * sched/fair: Remove nohz.nr_cpus and use weight of cpumask instead (bsc#1234634 bsc#1258961). * sched/fair: Skip sched_balance_running cmpxchg when balance is not due (bsc#1253754). * scsi: storvsc: Handle PERSISTENT_RESERVE_IN truncation for Hyper-V vFC (git- fixes). * scsi: target: iscsi: validate CHAP_R length before base64 decode (bsc#1265449). * soc/tegra: cbb: Set ERD on resume for err interrupt (git-fixes). * soc: qcom: aoss: compare against normalized cooling state (git-fixes). * soc: qcom: llcc: fix v1 SB syndrome register offset (git-fixes). * sound: ua101: fix division by zero at probe (git-fixes). * soundwire: bus: demote UNATTACHED state warnings to dev_dbg() (git-fixes). * soundwire: cadence: Clear message complete before signaling waiting thread (git-fixes). * spi: at91-usart: fix controller deregistration (git-fixes). * spi: atmel: fix controller deregistration (git-fixes). * spi: cadence: fix controller deregistration (git-fixes). * spi: fix controller cleanup() documentation (git-fixes). * spi: fix misleading controller deregistration kernel-doc (git-fixes). * spi: fix misleading controller registration kernel-doc (git-fixes). * spi: fsl-qspi: Use reinit_completion() for repeated operations (git-fixes). * spi: hisi-kunpeng: prevent infinite while() loop in hisi_spi_flush_fifo (git-fixes). * spi: imx: fix runtime pm leak on probe deferral (git-fixes). * spi: imx: fix use-after-free on unbind (git-fixes). * spi: microchip-core-qspi: fix controller deregistration (git-fixes). * spi: microchip-core-qspi: Use helper function devm_clk_get_enabled() (stable-fixes). * spi: mpc52xx: fix use-after-free on unbind (git-fixes). * spi: mtk-nor: fix controller deregistration (git-fixes). * spi: mtk-snfi: unregister ECC engine on probe failure and remove() callback (git-fixes). * spi: omap2-mcspi: fix controller deregistration (git-fixes). * spi: orion: fix clock imbalance on registration failure (git-fixes). * spi: orion: fix runtime pm leak on unbind (git-fixes). * spi: rockchip: fix controller deregistration (git-fixes). * spi: rspi: fix controller deregistration (git-fixes). * spi: sh-hspi: fix controller deregistration (git-fixes). * spi: spi-ti-qspi: Convert to platform remove callback returning void (stable-fixes). * spi: sprd: fix controller deregistration (git-fixes). * spi: sun4i: fix controller deregistration (git-fixes). * spi: sun4i: switch to use modern name (stable-fixes). * spi: syncuacer: fix controller deregistration (git-fixes). * spi: synquacer: switch to use modern name (stable-fixes). * spi: uniphier: fix controller deregistration (git-fixes). * spi: uniphier: Simplify clock handling with devm_clk_get_enabled() (stable- fixes). * spi: uniphier: switch to use modern name (stable-fixes). * spi: zynq-qspi: switch to use modern name (stable-fixes). * spi: zynqmp-gqspi: fix controller deregistration (git-fixes). * staging: media: atomisp: Disallow all private IOCTLs (git-fixes). * staging: rtl8723bs: initialize le_tmp64 in rtw_BIP_verify() (git-fixes). * staging: sm750fb: fix division by zero in ps_to_hz() (git-fixes). * staging: vme_user: added bound check to geoid (stable-fixes). * staging: vme_user: fix root device leak on init failure (git-fixes). * thermal/drivers/spear: Fix error condition for reading st,thermal-flags (git-fixes). * thermal/drivers/sprd: Fix raw temperature clamping in sprd_thm_rawdata_to_temp (git-fixes). * thermal/drivers/sprd: Fix temperature clamping in sprd_thm_temp_to_rawdata (git-fixes). * tpm: avoid -Wunused-but-set-variable (git-fixes). * tpm: tpm_tis: add error logging for data transfer (git-fixes). * tpm: tpm_tis: stop transmit if retries are exhausted (git-fixes). * tty: tty_io: update timestamps on all device nodes (bsc#1262020). * USB: cdc-acm: Add quirks for Yoga Book 9 14IAH10 INGENIC touchscreen (stable-fixes). * usb: chipidea: core: allow ci_irq_handler() handle both ID and VBUS change (git-fixes). * usb: chipidea: otg: not wait vbus drop if use role_switch (git-fixes). * USB: core: add NO_LPM quirk for Razer Kiyo Pro webcam (stable-fixes). * usb: gadget: dummy_hcd: fix premature URB completion when ZLP follows partial transfer (stable-fixes). * usb: gadget: f_ncm: validate minimum block_len in ncm_unwrap_ntb() (git- fixes). * usb: gadget: f_phonet: fix skb frags[] overflow in pn_rx_complete() (stable- fixes). * usb: gadget: f_uac1_legacy: validate control request size (stable-fixes). * usb: gadget: renesas_usb3: validate endpoint index in standard request handlers (git-fixes). * USB: omap_udc: DMA: Don't enable burst 4 mode (git-fixes). * usb: port: add delay after usb_hub_set_port_power() (git-fixes). * usb: quirks: add DELAY_INIT quirk for another Silicon Motion flash drive (stable-fixes). * USB: serial: io_edgeport: add support for Blackbox IC135A (stable-fixes). * USB: serial: option: add MeiG Smart SRM825WN (stable-fixes). * USB: serial: option: add support for Rolling Wireless RW135R-GL (stable- fixes). * USB: serial: option: add Telit Cinterion FN990A MBIM composition (stable- fixes). * USB: serial: option: add Telit Cinterion LE910Cx compositions (stable- fixes). * usb: storage: Expand range of matched versions for VL817 quirks entry (stable-fixes). * usb: ulpi: fix memory leak on ulpi_register() error paths (git-fixes). * usb: usblp: fix heap leak in IEEE 1284 device ID via short response (stable- fixes). * usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl (stable- fixes). * usb: xhci: Make usb_host_endpoint.hcpriv survive endpoint_disable() (git- fixes). * usbip: validate number_of_packets in usbip_pack_ret_submit() (git-fixes). * virt: tdx-guest: Fix handling of host controlled 'quote' buffer length (git- fixes). * virt: tdx-guest: Return error for GetQuote failures (git-fixes). * wifi: ath5k: do not access array OOB (git-fixes). * wifi: ath9k: Fix typo (git-fixes). * wifi: ath11k: Pass the correct value of each TID during a stop AMPDU session (git-fixes). * wifi: ath11k: skip status ring entry processing (stable-fixes). * wifi: ath11k: Use dma_alloc_noncoherent for rx_tid buffer allocation (stable-fixes). * wifi: b43: enforce bounds check on firmware key index in b43_rx() (git- fixes). * wifi: b43legacy: enforce bounds check on firmware key index in RX path (git- fixes). * wifi: brcmfmac: Fix error pointer dereference (git-fixes). * wifi: brcmfmac: validate bsscfg indices in IF events (stable-fixes). * wifi: brcmsmac: Fix dma_free_coherent() size (git-fixes). * wifi: cw1200: Revert "Fix locking in error paths" (git-fixes). * wifi: libertas: notify firmware load wait on disconnect (git-fixes). * wifi: mac80211: check ieee80211_rx_data_set_link return in pubsta MLO path (git-fixes). * wifi: mac80211: drop stray 'static' from fast-RX rx_result (git-fixes). * wifi: mac80211: remove station if connection prep fails (git-fixes). * wifi: mt76: mt792x: describe USB WFSYS reset with a descriptor (stable- fixes). * wifi: mt76: mt792x: fix mt7925u USB WFSYS reset handling (git-fixes). * wifi: mt76: mt7615: fix use_cts_prot support (git-fixes). * wifi: mt76: mt7915: fix use-after-free bugs in mt7915_mac_dump_work() (git- fixes). * wifi: mt76: mt7915: fix use_cts_prot support (git-fixes). * wifi: mt76: mt7921: fix a potential clc buffer length underflow (git-fixes). * wifi: mt76: mt7921: fix ROC abort flow interruption in mt7921_roc_work (git- fixes). * wifi: mt76: mt7921: Reset ampdu_state state in case of failure in mt76_connac2_tx_check_aggr() (git-fixes). * wifi: mt76: mt7925: fix incorrect length field in txpower command (git- fixes). * wifi: mt76: mt7996: fix FCS error flag check in RX descriptor (git-fixes). * wifi: mt76: mt7996: fix struct mt7996_mcu_uni_event (git-fixes). * wifi: mwifiex: Fix memory leak in mwifiex_11n_aggregate_pkt() (git-fixes). * wifi: nl80211: fix NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST usage (git- fixes). * wifi: nl80211: require admin perm on SET_PMK / DEL_PMK (git-fixes). * wifi: rsi: fix kthread lifetime race between self-exit and external-stop (git-fixes). * wifi: rt2x00usb: fix devres lifetime (git-fixes). * wifi: rtlwifi: pci: fix possible use-after-free caused by unfinished irq_prepare_bcn_tasklet (git-fixes). * wifi: rtw88: check for PCI upstream bridge existence (git-fixes). * wifi: rtw88: fix device leak on probe failure (git-fixes). * wifi: rtw89: phy: fix uninitialized variable access in rtw89_phy_cfo_set_crystal_cap() (git-fixes). * wifi: wl1251: validate packet IDs before indexing tx_frames (stable-fixes). * workqueue: Break up enum definitions and give names to the types (bsc#1260522). * workqueue: Clean up enum work_bits and related constants (bsc#1260522). * workqueue: Factor out work_grab_pending() from __cancel_work_sync() (bsc#1260522). * workqueue: Fix UBSAN 'subtraction overflow' error in shift_and_mask() (bsc#1260522). * workqueue: Implement disable/enable for (delayed) work items (bsc#1260522). * workqueue: Introduce work_cancel_flags (bsc#1260522). * workqueue: Make @flags handling consistent across set_work_data() and friends (bsc#1260522). * workqueue: Preserve OFFQ bits in cancel[_sync] paths (bsc#1260522). * workqueue: Rename __cancel_work_timer() to __cancel_timer_sync() (bsc#1260522). * workqueue: Reorganize flush and cancel[_sync] functions (bsc#1260522). * x86/boot/64: Clear most of CR4 in startup_64(), except PAE, MCE and LA57 (git-fixes). * x86/boot/sev: Avoid shared GHCB page for early memory acceptance (git- fixes). * x86/boot: Don't add the EFI stub to targets, again (git-fixes). * x86/boot: Fix page table access in 5-level to 4-level paging transition (git-fixes). * X.509: Fix out-of-bounds access when parsing extensions (git-fixes). * Xarray: do not return sibling entries from xas_find_marked() (bsc#1263815). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro Extras 6.1 zypper in -t patch SUSE-SLE-Micro-Extras-6.1-kernel-435=1 ## Package List: * SUSE Linux Micro Extras 6.1 (aarch64 ppc64le s390x x86_64) * kernel-syms-6.4.0-46.1 * kernel-obs-build-6.4.0-46.1 * kernel-obs-build-debugsource-6.4.0-46.1 * SUSE Linux Micro Extras 6.1 (nosrc) * kernel-64kb-6.4.0-46.1 * SUSE Linux Micro Extras 6.1 (aarch64) * kernel-64kb-devel-6.4.0-46.1 * kernel-64kb-debugsource-6.4.0-46.1 ## References: * https://www.suse.com/security/cve/CVE-2023-2058.html * https://www.suse.com/security/cve/CVE-2025-40219.html * https://www.suse.com/security/cve/CVE-2025-71183.html * https://www.suse.com/security/cve/CVE-2025-71238.html * https://www.suse.com/security/cve/CVE-2026-23168.html * https://www.suse.com/security/cve/CVE-2026-23209.html * https://www.suse.com/security/cve/CVE-2026-23236.html * https://www.suse.com/security/cve/CVE-2026-23237.html * https://www.suse.com/security/cve/CVE-2026-23239.html * https://www.suse.com/security/cve/CVE-2026-23240.html * https://www.suse.com/security/cve/CVE-2026-23245.html * https://www.suse.com/security/cve/CVE-2026-23246.html * https://www.suse.com/security/cve/CVE-2026-23253.html * https://www.suse.com/security/cve/CVE-2026-23260.html * https://www.suse.com/security/cve/CVE-2026-23264.html * https://www.suse.com/security/cve/CVE-2026-23266.html * https://www.suse.com/security/cve/CVE-2026-23268.html * https://www.suse.com/security/cve/CVE-2026-23269.html * https://www.suse.com/security/cve/CVE-2026-23271.html * https://www.suse.com/security/cve/CVE-2026-23273.html * https://www.suse.com/security/cve/CVE-2026-23276.html * https://www.suse.com/security/cve/CVE-2026-23279.html * https://www.suse.com/security/cve/CVE-2026-23290.html * https://www.suse.com/security/cve/CVE-2026-23291.html * https://www.suse.com/security/cve/CVE-2026-23298.html * https://www.suse.com/security/cve/CVE-2026-23300.html * https://www.suse.com/security/cve/CVE-2026-23306.html * https://www.suse.com/security/cve/CVE-2026-23307.html * https://www.suse.com/security/cve/CVE-2026-23308.html * https://www.suse.com/security/cve/CVE-2026-23312.html * https://www.suse.com/security/cve/CVE-2026-23313.html * https://www.suse.com/security/cve/CVE-2026-23315.html * https://www.suse.com/security/cve/CVE-2026-23318.html * https://www.suse.com/security/cve/CVE-2026-23321.html * https://www.suse.com/security/cve/CVE-2026-23324.html * https://www.suse.com/security/cve/CVE-2026-23325.html * https://www.suse.com/security/cve/CVE-2026-23336.html * https://www.suse.com/security/cve/CVE-2026-23339.html * https://www.suse.com/security/cve/CVE-2026-23340.html * https://www.suse.com/security/cve/CVE-2026-23346.html * https://www.suse.com/security/cve/CVE-2026-23351.html * https://www.suse.com/security/cve/CVE-2026-23357.html * https://www.suse.com/security/cve/CVE-2026-23362.html * https://www.suse.com/security/cve/CVE-2026-23363.html * https://www.suse.com/security/cve/CVE-2026-23365.html * https://www.suse.com/security/cve/CVE-2026-23367.html * https://www.suse.com/security/cve/CVE-2026-23368.html * https://www.suse.com/security/cve/CVE-2026-23370.html * https://www.suse.com/security/cve/CVE-2026-23372.html * https://www.suse.com/security/cve/CVE-2026-23373.html * https://www.suse.com/security/cve/CVE-2026-23374.html * https://www.suse.com/security/cve/CVE-2026-23378.html * https://www.suse.com/security/cve/CVE-2026-23382.html * https://www.suse.com/security/cve/CVE-2026-23391.html * https://www.suse.com/security/cve/CVE-2026-23392.html * https://www.suse.com/security/cve/CVE-2026-23393.html * https://www.suse.com/security/cve/CVE-2026-23396.html * https://www.suse.com/security/cve/CVE-2026-23397.html * https://www.suse.com/security/cve/CVE-2026-23399.html * https://www.suse.com/security/cve/CVE-2026-23403.html * https://www.suse.com/security/cve/CVE-2026-23404.html * https://www.suse.com/security/cve/CVE-2026-23405.html * https://www.suse.com/security/cve/CVE-2026-23406.html * https://www.suse.com/security/cve/CVE-2026-23407.html * https://www.suse.com/security/cve/CVE-2026-23408.html * https://www.suse.com/security/cve/CVE-2026-23409.html * https://www.suse.com/security/cve/CVE-2026-23410.html * https://www.suse.com/security/cve/CVE-2026-23411.html * https://www.suse.com/security/cve/CVE-2026-23420.html * https://www.suse.com/security/cve/CVE-2026-23426.html * https://www.suse.com/security/cve/CVE-2026-23434.html * https://www.suse.com/security/cve/CVE-2026-23440.html * https://www.suse.com/security/cve/CVE-2026-23441.html * https://www.suse.com/security/cve/CVE-2026-23442.html * https://www.suse.com/security/cve/CVE-2026-23443.html * https://www.suse.com/security/cve/CVE-2026-23446.html * https://www.suse.com/security/cve/CVE-2026-23447.html * https://www.suse.com/security/cve/CVE-2026-23448.html * https://www.suse.com/security/cve/CVE-2026-23449.html * https://www.suse.com/security/cve/CVE-2026-23450.html * https://www.suse.com/security/cve/CVE-2026-23452.html * https://www.suse.com/security/cve/CVE-2026-23455.html * https://www.suse.com/security/cve/CVE-2026-23456.html * https://www.suse.com/security/cve/CVE-2026-23457.html * https://www.suse.com/security/cve/CVE-2026-23458.html * https://www.suse.com/security/cve/CVE-2026-23460.html * https://www.suse.com/security/cve/CVE-2026-23461.html * https://www.suse.com/security/cve/CVE-2026-23462.html * https://www.suse.com/security/cve/CVE-2026-23463.html * https://www.suse.com/security/cve/CVE-2026-23465.html * https://www.suse.com/security/cve/CVE-2026-23468.html * https://www.suse.com/security/cve/CVE-2026-23472.html * https://www.suse.com/security/cve/CVE-2026-23473.html * https://www.suse.com/security/cve/CVE-2026-23474.html * https://www.suse.com/security/cve/CVE-2026-23475.html * https://www.suse.com/security/cve/CVE-2026-31389.html * https://www.suse.com/security/cve/CVE-2026-31393.html * https://www.suse.com/security/cve/CVE-2026-31400.html * https://www.suse.com/security/cve/CVE-2026-31402.html * https://www.suse.com/security/cve/CVE-2026-31403.html * https://www.suse.com/security/cve/CVE-2026-31404.html * https://www.suse.com/security/cve/CVE-2026-31405.html * https://www.suse.com/security/cve/CVE-2026-31407.html * https://www.suse.com/security/cve/CVE-2026-31408.html * https://www.suse.com/security/cve/CVE-2026-31411.html * https://www.suse.com/security/cve/CVE-2026-31412.html * https://www.suse.com/security/cve/CVE-2026-31415.html * https://www.suse.com/security/cve/CVE-2026-31416.html * https://www.suse.com/security/cve/CVE-2026-31417.html * https://www.suse.com/security/cve/CVE-2026-31420.html * https://www.suse.com/security/cve/CVE-2026-31421.html * https://www.suse.com/security/cve/CVE-2026-31422.html * https://www.suse.com/security/cve/CVE-2026-31423.html * https://www.suse.com/security/cve/CVE-2026-31424.html * https://www.suse.com/security/cve/CVE-2026-31425.html * https://www.suse.com/security/cve/CVE-2026-31426.html * https://www.suse.com/security/cve/CVE-2026-31427.html * https://www.suse.com/security/cve/CVE-2026-31428.html * https://www.suse.com/security/cve/CVE-2026-31436.html * https://www.suse.com/security/cve/CVE-2026-31449.html * https://www.suse.com/security/cve/CVE-2026-31470.html * https://www.suse.com/security/cve/CVE-2026-31488.html * https://www.suse.com/security/cve/CVE-2026-31494.html * https://www.suse.com/security/cve/CVE-2026-31496.html * https://www.suse.com/security/cve/CVE-2026-31504.html * https://www.suse.com/security/cve/CVE-2026-31505.html * https://www.suse.com/security/cve/CVE-2026-31507.html * https://www.suse.com/security/cve/CVE-2026-31512.html * https://www.suse.com/security/cve/CVE-2026-31515.html * https://www.suse.com/security/cve/CVE-2026-31519.html * https://www.suse.com/security/cve/CVE-2026-31525.html * https://www.suse.com/security/cve/CVE-2026-31528.html * https://www.suse.com/security/cve/CVE-2026-31533.html * https://www.suse.com/security/cve/CVE-2026-31550.html * https://www.suse.com/security/cve/CVE-2026-31565.html * https://www.suse.com/security/cve/CVE-2026-31570.html * https://www.suse.com/security/cve/CVE-2026-31586.html * https://www.suse.com/security/cve/CVE-2026-31588.html * https://www.suse.com/security/cve/CVE-2026-31602.html * https://www.suse.com/security/cve/CVE-2026-31607.html * https://www.suse.com/security/cve/CVE-2026-31622.html * https://www.suse.com/security/cve/CVE-2026-31649.html * https://www.suse.com/security/cve/CVE-2026-31656.html * https://www.suse.com/security/cve/CVE-2026-31662.html * https://www.suse.com/security/cve/CVE-2026-31668.html * https://www.suse.com/security/cve/CVE-2026-31669.html * https://www.suse.com/security/cve/CVE-2026-31675.html * https://www.suse.com/security/cve/CVE-2026-31679.html * https://www.suse.com/security/cve/CVE-2026-31681.html * https://www.suse.com/security/cve/CVE-2026-31682.html * https://www.suse.com/security/cve/CVE-2026-31684.html * https://www.suse.com/security/cve/CVE-2026-31685.html * https://www.suse.com/security/cve/CVE-2026-31694.html * https://www.suse.com/security/cve/CVE-2026-31700.html * https://www.suse.com/security/cve/CVE-2026-31738.html * https://www.suse.com/security/cve/CVE-2026-31787.html * https://www.suse.com/security/cve/CVE-2026-43009.html * https://www.suse.com/security/cve/CVE-2026-43025.html * https://www.suse.com/security/cve/CVE-2026-43027.html * https://www.suse.com/security/cve/CVE-2026-43037.html * https://www.suse.com/security/cve/CVE-2026-43038.html * https://www.suse.com/security/cve/CVE-2026-43044.html * https://www.suse.com/security/cve/CVE-2026-43050.html * https://www.suse.com/security/cve/CVE-2026-43060.html * https://www.suse.com/security/cve/CVE-2026-43088.html * https://www.suse.com/security/cve/CVE-2026-43110.html * https://www.suse.com/security/cve/CVE-2026-43120.html * https://www.suse.com/security/cve/CVE-2026-43126.html * https://www.suse.com/security/cve/CVE-2026-43190.html * https://www.suse.com/security/cve/CVE-2026-43214.html * https://www.suse.com/security/cve/CVE-2026-43265.html * https://www.suse.com/security/cve/CVE-2026-43329.html * https://www.suse.com/security/cve/CVE-2026-43330.html * https://www.suse.com/security/cve/CVE-2026-43334.html * https://www.suse.com/security/cve/CVE-2026-43365.html * https://www.suse.com/security/cve/CVE-2026-43366.html * https://www.suse.com/security/cve/CVE-2026-43419.html * https://www.suse.com/security/cve/CVE-2026-43437.html * https://www.suse.com/security/cve/CVE-2026-43441.html * https://www.suse.com/security/cve/CVE-2026-43494.html * https://www.suse.com/security/cve/CVE-2026-43503.html * https://bugzilla.suse.com/show_bug.cgi?id=1215199 * https://bugzilla.suse.com/show_bug.cgi?id=1234634 * https://bugzilla.suse.com/show_bug.cgi?id=1243603 * https://bugzilla.suse.com/show_bug.cgi?id=1248754 * https://bugzilla.suse.com/show_bug.cgi?id=1253122 * https://bugzilla.suse.com/show_bug.cgi?id=1253754 * https://bugzilla.suse.com/show_bug.cgi?id=1254518 * https://bugzilla.suse.com/show_bug.cgi?id=1256863 * https://bugzilla.suse.com/show_bug.cgi?id=1257631 * https://bugzilla.suse.com/show_bug.cgi?id=1258518 * https://bugzilla.suse.com/show_bug.cgi?id=1258718 * https://bugzilla.suse.com/show_bug.cgi?id=1258826 * https://bugzilla.suse.com/show_bug.cgi?id=1258849 * https://bugzilla.suse.com/show_bug.cgi?id=1258850 * https://bugzilla.suse.com/show_bug.cgi?id=1258854 * https://bugzilla.suse.com/show_bug.cgi?id=1258855 * https://bugzilla.suse.com/show_bug.cgi?id=1258856 * https://bugzilla.suse.com/show_bug.cgi?id=1258857 * https://bugzilla.suse.com/show_bug.cgi?id=1258961 * https://bugzilla.suse.com/show_bug.cgi?id=1259186 * https://bugzilla.suse.com/show_bug.cgi?id=1259199 * https://bugzilla.suse.com/show_bug.cgi?id=1259222 * https://bugzilla.suse.com/show_bug.cgi?id=1259484 * https://bugzilla.suse.com/show_bug.cgi?id=1259485 * https://bugzilla.suse.com/show_bug.cgi?id=1259535 * https://bugzilla.suse.com/show_bug.cgi?id=1259799 * https://bugzilla.suse.com/show_bug.cgi?id=1259806 * https://bugzilla.suse.com/show_bug.cgi?id=1259857 * https://bugzilla.suse.com/show_bug.cgi?id=1259868 * https://bugzilla.suse.com/show_bug.cgi?id=1259869 * https://bugzilla.suse.com/show_bug.cgi?id=1259873 * https://bugzilla.suse.com/show_bug.cgi?id=1259878 * https://bugzilla.suse.com/show_bug.cgi?id=1260010 * https://bugzilla.suse.com/show_bug.cgi?id=1260012 * https://bugzilla.suse.com/show_bug.cgi?id=1260018 * https://bugzilla.suse.com/show_bug.cgi?id=1260468 * https://bugzilla.suse.com/show_bug.cgi?id=1260483 * https://bugzilla.suse.com/show_bug.cgi?id=1260484 * https://bugzilla.suse.com/show_bug.cgi?id=1260485 * https://bugzilla.suse.com/show_bug.cgi?id=1260489 * https://bugzilla.suse.com/show_bug.cgi?id=1260501 * https://bugzilla.suse.com/show_bug.cgi?id=1260504 * https://bugzilla.suse.com/show_bug.cgi?id=1260505 * https://bugzilla.suse.com/show_bug.cgi?id=1260507 * https://bugzilla.suse.com/show_bug.cgi?id=1260522 * https://bugzilla.suse.com/show_bug.cgi?id=1260523 * https://bugzilla.suse.com/show_bug.cgi?id=1260526 * https://bugzilla.suse.com/show_bug.cgi?id=1260528 * https://bugzilla.suse.com/show_bug.cgi?id=1260529 * https://bugzilla.suse.com/show_bug.cgi?id=1260530 * https://bugzilla.suse.com/show_bug.cgi?id=1260531 * https://bugzilla.suse.com/show_bug.cgi?id=1260532 * https://bugzilla.suse.com/show_bug.cgi?id=1260533 * https://bugzilla.suse.com/show_bug.cgi?id=1260536 * https://bugzilla.suse.com/show_bug.cgi?id=1260537 * https://bugzilla.suse.com/show_bug.cgi?id=1260538 * https://bugzilla.suse.com/show_bug.cgi?id=1260541 * https://bugzilla.suse.com/show_bug.cgi?id=1260546 * https://bugzilla.suse.com/show_bug.cgi?id=1260549 * https://bugzilla.suse.com/show_bug.cgi?id=1260551 * https://bugzilla.suse.com/show_bug.cgi?id=1260552 * https://bugzilla.suse.com/show_bug.cgi?id=1260553 * https://bugzilla.suse.com/show_bug.cgi?id=1260555 * https://bugzilla.suse.com/show_bug.cgi?id=1260561 * https://bugzilla.suse.com/show_bug.cgi?id=1260566 * https://bugzilla.suse.com/show_bug.cgi?id=1260572 * https://bugzilla.suse.com/show_bug.cgi?id=1260581 * https://bugzilla.suse.com/show_bug.cgi?id=1260728 * https://bugzilla.suse.com/show_bug.cgi?id=1260729 * https://bugzilla.suse.com/show_bug.cgi?id=1260731 * https://bugzilla.suse.com/show_bug.cgi?id=1260800 * https://bugzilla.suse.com/show_bug.cgi?id=1260811 * https://bugzilla.suse.com/show_bug.cgi?id=1261020 * https://bugzilla.suse.com/show_bug.cgi?id=1261287 * https://bugzilla.suse.com/show_bug.cgi?id=1261295 * https://bugzilla.suse.com/show_bug.cgi?id=1261348 * https://bugzilla.suse.com/show_bug.cgi?id=1261503 * https://bugzilla.suse.com/show_bug.cgi?id=1261504 * https://bugzilla.suse.com/show_bug.cgi?id=1261581 * https://bugzilla.suse.com/show_bug.cgi?id=1261582 * https://bugzilla.suse.com/show_bug.cgi?id=1261584 * https://bugzilla.suse.com/show_bug.cgi?id=1261601 * https://bugzilla.suse.com/show_bug.cgi?id=1261602 * https://bugzilla.suse.com/show_bug.cgi?id=1261618 * https://bugzilla.suse.com/show_bug.cgi?id=1261628 * https://bugzilla.suse.com/show_bug.cgi?id=1261632 * https://bugzilla.suse.com/show_bug.cgi?id=1261636 * https://bugzilla.suse.com/show_bug.cgi?id=1261638 * https://bugzilla.suse.com/show_bug.cgi?id=1261641 * https://bugzilla.suse.com/show_bug.cgi?id=1261644 * https://bugzilla.suse.com/show_bug.cgi?id=1261645 * https://bugzilla.suse.com/show_bug.cgi?id=1261648 * https://bugzilla.suse.com/show_bug.cgi?id=1261679 * https://bugzilla.suse.com/show_bug.cgi?id=1261685 * https://bugzilla.suse.com/show_bug.cgi?id=1261686 * https://bugzilla.suse.com/show_bug.cgi?id=1261687 * https://bugzilla.suse.com/show_bug.cgi?id=1261692 * https://bugzilla.suse.com/show_bug.cgi?id=1261694 * https://bugzilla.suse.com/show_bug.cgi?id=1261700 * https://bugzilla.suse.com/show_bug.cgi?id=1261703 * https://bugzilla.suse.com/show_bug.cgi?id=1261707 * https://bugzilla.suse.com/show_bug.cgi?id=1261710 * https://bugzilla.suse.com/show_bug.cgi?id=1261713 * https://bugzilla.suse.com/show_bug.cgi?id=1261719 * https://bugzilla.suse.com/show_bug.cgi?id=1261750 * https://bugzilla.suse.com/show_bug.cgi?id=1261751 * https://bugzilla.suse.com/show_bug.cgi?id=1261752 * https://bugzilla.suse.com/show_bug.cgi?id=1261768 * https://bugzilla.suse.com/show_bug.cgi?id=1261778 * https://bugzilla.suse.com/show_bug.cgi?id=1261779 * https://bugzilla.suse.com/show_bug.cgi?id=1261781 * https://bugzilla.suse.com/show_bug.cgi?id=1261789 * https://bugzilla.suse.com/show_bug.cgi?id=1261796 * https://bugzilla.suse.com/show_bug.cgi?id=1261797 * https://bugzilla.suse.com/show_bug.cgi?id=1261896 * https://bugzilla.suse.com/show_bug.cgi?id=1262020 * https://bugzilla.suse.com/show_bug.cgi?id=1262053 * https://bugzilla.suse.com/show_bug.cgi?id=1262054 * https://bugzilla.suse.com/show_bug.cgi?id=1262055 * https://bugzilla.suse.com/show_bug.cgi?id=1262061 * https://bugzilla.suse.com/show_bug.cgi?id=1262063 * https://bugzilla.suse.com/show_bug.cgi?id=1262074 * https://bugzilla.suse.com/show_bug.cgi?id=1262078 * https://bugzilla.suse.com/show_bug.cgi?id=1262086 * https://bugzilla.suse.com/show_bug.cgi?id=1262087 * https://bugzilla.suse.com/show_bug.cgi?id=1262099 * https://bugzilla.suse.com/show_bug.cgi?id=1262100 * https://bugzilla.suse.com/show_bug.cgi?id=1262101 * https://bugzilla.suse.com/show_bug.cgi?id=1262179 * https://bugzilla.suse.com/show_bug.cgi?id=1262181 * https://bugzilla.suse.com/show_bug.cgi?id=1262602 * https://bugzilla.suse.com/show_bug.cgi?id=1262616 * https://bugzilla.suse.com/show_bug.cgi?id=1262665 * https://bugzilla.suse.com/show_bug.cgi?id=1262671 * https://bugzilla.suse.com/show_bug.cgi?id=1262673 * https://bugzilla.suse.com/show_bug.cgi?id=1262725 * https://bugzilla.suse.com/show_bug.cgi?id=1262731 * https://bugzilla.suse.com/show_bug.cgi?id=1262734 * https://bugzilla.suse.com/show_bug.cgi?id=1262746 * https://bugzilla.suse.com/show_bug.cgi?id=1262752 * https://bugzilla.suse.com/show_bug.cgi?id=1262758 * https://bugzilla.suse.com/show_bug.cgi?id=1263001 * https://bugzilla.suse.com/show_bug.cgi?id=1263012 * https://bugzilla.suse.com/show_bug.cgi?id=1263064 * https://bugzilla.suse.com/show_bug.cgi?id=1263065 * https://bugzilla.suse.com/show_bug.cgi?id=1263085 * https://bugzilla.suse.com/show_bug.cgi?id=1263093 * https://bugzilla.suse.com/show_bug.cgi?id=1263095 * https://bugzilla.suse.com/show_bug.cgi?id=1263104 * https://bugzilla.suse.com/show_bug.cgi?id=1263131 * https://bugzilla.suse.com/show_bug.cgi?id=1263140 * https://bugzilla.suse.com/show_bug.cgi?id=1263141 * https://bugzilla.suse.com/show_bug.cgi?id=1263149 * https://bugzilla.suse.com/show_bug.cgi?id=1263165 * https://bugzilla.suse.com/show_bug.cgi?id=1263170 * https://bugzilla.suse.com/show_bug.cgi?id=1263176 * https://bugzilla.suse.com/show_bug.cgi?id=1263556 * https://bugzilla.suse.com/show_bug.cgi?id=1263582 * https://bugzilla.suse.com/show_bug.cgi?id=1263592 * https://bugzilla.suse.com/show_bug.cgi?id=1263593 * https://bugzilla.suse.com/show_bug.cgi?id=1263595 * https://bugzilla.suse.com/show_bug.cgi?id=1263596 * https://bugzilla.suse.com/show_bug.cgi?id=1263600 * https://bugzilla.suse.com/show_bug.cgi?id=1263668 * https://bugzilla.suse.com/show_bug.cgi?id=1263723 * https://bugzilla.suse.com/show_bug.cgi?id=1263797 * https://bugzilla.suse.com/show_bug.cgi?id=1263815 * https://bugzilla.suse.com/show_bug.cgi?id=1263882 * https://bugzilla.suse.com/show_bug.cgi?id=1263901 * https://bugzilla.suse.com/show_bug.cgi?id=1263931 * https://bugzilla.suse.com/show_bug.cgi?id=1263933 * https://bugzilla.suse.com/show_bug.cgi?id=1263995 * https://bugzilla.suse.com/show_bug.cgi?id=1264014 * https://bugzilla.suse.com/show_bug.cgi?id=1264059 * https://bugzilla.suse.com/show_bug.cgi?id=1264082 * https://bugzilla.suse.com/show_bug.cgi?id=1264087 * https://bugzilla.suse.com/show_bug.cgi?id=1264097 * https://bugzilla.suse.com/show_bug.cgi?id=1264183 * https://bugzilla.suse.com/show_bug.cgi?id=1264427 * https://bugzilla.suse.com/show_bug.cgi?id=1264469 * https://bugzilla.suse.com/show_bug.cgi?id=1264482 * https://bugzilla.suse.com/show_bug.cgi?id=1264634 * https://bugzilla.suse.com/show_bug.cgi?id=1264651 * https://bugzilla.suse.com/show_bug.cgi?id=1264661 * https://bugzilla.suse.com/show_bug.cgi?id=1264674 * https://bugzilla.suse.com/show_bug.cgi?id=1264801 * https://bugzilla.suse.com/show_bug.cgi?id=1264848 * https://bugzilla.suse.com/show_bug.cgi?id=1265085 * https://bugzilla.suse.com/show_bug.cgi?id=1265090 * https://bugzilla.suse.com/show_bug.cgi?id=1265116 * https://bugzilla.suse.com/show_bug.cgi?id=1265119 * https://bugzilla.suse.com/show_bug.cgi?id=1265126 * https://bugzilla.suse.com/show_bug.cgi?id=1265144 * https://bugzilla.suse.com/show_bug.cgi?id=1265308 * https://bugzilla.suse.com/show_bug.cgi?id=1265421 * https://bugzilla.suse.com/show_bug.cgi?id=1265449 * https://bugzilla.suse.com/show_bug.cgi?id=1265456 * https://bugzilla.suse.com/show_bug.cgi?id=1265626 * https://bugzilla.suse.com/show_bug.cgi?id=1265846 * https://bugzilla.suse.com/show_bug.cgi?id=1265960 * https://jira.suse.com/browse/PED-7249 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:35:27 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:35:27 -0000 Subject: SUSE-SU-2026:21946-1: important: Security update for libsoup Message-ID: <178041812746.42.16797792807715231247@b0da085613fb> # Security update for libsoup Announcement ID: SUSE-SU-2026:21946-1 Release Date: 2026-06-01T12:59:52Z Rating: important References: * bsc#1259767 Cross-References: * CVE-2026-4271 CVSS scores: * CVE-2026-4271 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-4271 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-4271 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-4271 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for libsoup fixes the following issue * CVE-2026-4271: use-after-free in the HTTP/2 server when user signal handlers disconnect connections during callback execution (bsc#1259767). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-737=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * libsoup-3_0-0-debuginfo-3.4.2-15.1 * libsoup-debugsource-3.4.2-15.1 * libsoup-3_0-0-3.4.2-15.1 ## References: * https://www.suse.com/security/cve/CVE-2026-4271.html * https://bugzilla.suse.com/show_bug.cgi?id=1259767 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:35:36 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:35:36 -0000 Subject: SUSE-SU-2026:21945-1: critical: Security update for nvidia-open-driver-G06-signed Message-ID: <178041813623.42.3490209467187419778@b0da085613fb> # Security update for nvidia-open-driver-G06-signed Announcement ID: SUSE-SU-2026:21945-1 Release Date: 2026-06-01T12:51:52Z Rating: critical References: * bsc#1212841 * bsc#1259719 * bsc#1259740 * bsc#1262749 * bsc#1263834 * jsc#PED-15826 Cross-References: * CVE-2025-33221 * CVE-2026-24182 * CVE-2026-24187 * CVE-2026-24192 * CVE-2026-24194 * CVE-2026-24195 * CVE-2026-24196 * CVE-2026-24197 * CVE-2026-24198 * CVE-2026-24199 CVSS scores: * CVE-2025-33221 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-24182 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2026-24187 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-24192 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-24194 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-24195 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H * CVE-2026-24196 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-24197 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2026-24198 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2026-24199 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves 10 vulnerabilities and contains one feature can now be installed. ## Description: This update for nvidia-open-driver-G06-signed fixes the following issues: * Get rid of "'naked' return found in MITIGATION_RETHUNK build" objtool warnings (bsc#1212841, bsc#1263834) * update CUDA variant to 580.159.03 * update non-CUDA variant to 580.159.03 (bsc#1262749) * Fixes CVEs: CVE-2025-33221, CVE-2026-24187, CVE-2026-24182, CVE-2026-24192, CVE-2026-24194, CVE-2026-24195, CVE-2026-24196, CVE-2026-24197, CVE-2026-24198, CVE-2026-24199 * add 'Provides: open-driver-non-cuda-variant = %version' for non-CUDA variant to be able to distinguish between both variants; to be used by nvidia-open- driver-G06-signed-kmp-meta for TW ... (bsc#1259740) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-462=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 x86_64) * nvidia-open-driver-G06-signed-cuda-debugsource-580.159.03-1.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-580.159.03_k6.4.0_46-1.1 * nvidia-open-driver-G06-signed-kmp-default-580.159.03_k6.4.0_46-1.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-580.159.03_k6.4.0_46-1.1 * nvidia-open-driver-G06-signed-debugsource-580.159.03-1.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-580.159.03_k6.4.0_46-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-33221.html * https://www.suse.com/security/cve/CVE-2026-24182.html * https://www.suse.com/security/cve/CVE-2026-24187.html * https://www.suse.com/security/cve/CVE-2026-24192.html * https://www.suse.com/security/cve/CVE-2026-24194.html * https://www.suse.com/security/cve/CVE-2026-24195.html * https://www.suse.com/security/cve/CVE-2026-24196.html * https://www.suse.com/security/cve/CVE-2026-24197.html * https://www.suse.com/security/cve/CVE-2026-24198.html * https://www.suse.com/security/cve/CVE-2026-24199.html * https://bugzilla.suse.com/show_bug.cgi?id=1212841 * https://bugzilla.suse.com/show_bug.cgi?id=1259719 * https://bugzilla.suse.com/show_bug.cgi?id=1259740 * https://bugzilla.suse.com/show_bug.cgi?id=1262749 * https://bugzilla.suse.com/show_bug.cgi?id=1263834 * https://jira.suse.com/browse/PED-15826 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:35:46 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:35:46 -0000 Subject: SUSE-SU-2026:21944-1: important: Security update for vim Message-ID: <178041814624.42.5810543575843217241@b0da085613fb> # Security update for vim Announcement ID: SUSE-SU-2026:21944-1 Release Date: 2026-06-01T10:57:05Z Rating: important References: * bsc#1262395 * bsc#1264706 * bsc#1264707 * bsc#1264708 * bsc#1265349 * bsc#1265360 Cross-References: * CVE-2026-42307 * CVE-2026-43961 * CVE-2026-44656 * CVE-2026-45130 * CVE-2026-46483 CVSS scores: * CVE-2026-42307 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-43961 ( SUSE ): 5.4 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43961 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L * CVE-2026-44656 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-44656 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-44656 ( NVD ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-44656 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-45130 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2026-45130 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2026-45130 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-46483 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46483 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-46483 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-46483 ( NVD ): 3.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves five vulnerabilities and has one fix can now be installed. ## Description: This update for vim fixes the following issues * CVE-2026-42307: Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim (bsc#1264706). * CVE-2026-43961: Vimscript Code Injection in netrw NetrwMarkFile() via crafted filename (bsc#1265349). * CVE-2026-44656: Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's: find command-line completion (bsc#1264707). * CVE-2026-45130: Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when loading a crafted spell file (.spl) with UTF-8 encoding active (bsc#1264708). * CVE-2026-46483: command injection via `tar#Vimuntar()` in `runtime/autoload/tar.vim` when decompressing `.tgz` archives on Unix-like systems (bsc#1265360). Changes for vim: * Update to v9.2.0530. * Fix for incorrectly detecting scientific parameter files as bitbake recipies. (bsc#1262395) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-736=1 ## Package List: * SUSE Linux Micro 6.0 (noarch) * vim-data-common-9.2.0530-1.1 * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * vim-debugsource-9.2.0530-1.1 * vim-small-debuginfo-9.2.0530-1.1 * vim-small-9.2.0530-1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-42307.html * https://www.suse.com/security/cve/CVE-2026-43961.html * https://www.suse.com/security/cve/CVE-2026-44656.html * https://www.suse.com/security/cve/CVE-2026-45130.html * https://www.suse.com/security/cve/CVE-2026-46483.html * https://bugzilla.suse.com/show_bug.cgi?id=1262395 * https://bugzilla.suse.com/show_bug.cgi?id=1264706 * https://bugzilla.suse.com/show_bug.cgi?id=1264707 * https://bugzilla.suse.com/show_bug.cgi?id=1264708 * https://bugzilla.suse.com/show_bug.cgi?id=1265349 * https://bugzilla.suse.com/show_bug.cgi?id=1265360 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:35:49 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:35:49 -0000 Subject: SUSE-SU-2026:21943-1: important: Security update for busybox Message-ID: <178041814929.42.1128618447907047139@b0da085613fb> # Security update for busybox Announcement ID: SUSE-SU-2026:21943-1 Release Date: 2026-06-01T10:57:05Z Rating: important References: * bsc#1263989 Cross-References: * CVE-2026-29004 CVSS scores: * CVE-2026-29004 ( SUSE ): 7.2 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-29004 ( SUSE ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2026-29004 ( NVD ): 7.2 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-29004 ( NVD ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for busybox fixes the following issue * CVE-2026-29004: a crafted DHCPv6 response can lead to a heap buffer overflow in the DHCPv6 client (bsc#1263989). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-735=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * busybox-1.36.1-4.1 ## References: * https://www.suse.com/security/cve/CVE-2026-29004.html * https://bugzilla.suse.com/show_bug.cgi?id=1263989 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:36:01 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:36:01 -0000 Subject: SUSE-SU-2026:21942-1: important: Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041816140.42.15814846198220710685@b0da085613fb> # Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21942-1 Release Date: 2026-06-01T09:32:33Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-30.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-454=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-6_4_0-30-rt-debuginfo-19-1.3 * kernel-livepatch-MICRO-6-0-RT_Update_7-debugsource-19-1.3 * kernel-livepatch-6_4_0-30-rt-19-1.3 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:36:07 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:36:07 -0000 Subject: SUSE-SU-2026:21941-1: important: Security update for the Linux Kernel (Live Patch 18 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041816785.42.6009786035317396116@b0da085613fb> # Security update for the Linux Kernel (Live Patch 18 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21941-1 Release Date: 2026-06-01T09:26:54Z Rating: important References: * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves three vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-41.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-461=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-6_4_0-41-default-debuginfo-4-1.1 * kernel-livepatch-MICRO-6-0_Update_18-debugsource-4-1.1 * kernel-livepatch-6_4_0-41-default-4-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:36:17 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:36:17 -0000 Subject: SUSE-SU-2026:21940-1: important: Security update for the Linux Kernel (Live Patch 17 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041817757.42.10125047634669936599@b0da085613fb> # Security update for the Linux Kernel (Live Patch 17 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21940-1 Release Date: 2026-06-01T09:26:54Z Rating: important References: * bsc#1259798 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves five vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-40.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-460=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-MICRO-6-0_Update_17-debugsource-5-1.1 * kernel-livepatch-6_4_0-40-default-debuginfo-5-1.1 * kernel-livepatch-6_4_0-40-default-5-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:36:32 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:36:32 -0000 Subject: SUSE-SU-2026:21939-1: important: Security update for the Linux Kernel (Live Patch 16 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041819284.42.8467183037491606951@b0da085613fb> # Security update for the Linux Kernel (Live Patch 16 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21939-1 Release Date: 2026-06-01T09:26:54Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-39.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-459=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-6_4_0-39-default-6-1.1 * kernel-livepatch-6_4_0-39-default-debuginfo-6-1.1 * kernel-livepatch-MICRO-6-0_Update_16-debugsource-6-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:36:48 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:36:48 -0000 Subject: SUSE-SU-2026:21938-1: important: Security update for the Linux Kernel (Live Patch 14 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041820812.42.7255986476211307319@b0da085613fb> # Security update for the Linux Kernel (Live Patch 14 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21938-1 Release Date: 2026-06-01T09:26:53Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-38.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-458=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-6_4_0-38-default-debuginfo-7-1.2 * kernel-livepatch-6_4_0-38-default-7-1.2 * kernel-livepatch-MICRO-6-0_Update_14-debugsource-7-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:37:04 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:37:04 -0000 Subject: SUSE-SU-2026:21937-1: important: Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041822409.42.6179962994275619040@b0da085613fb> # Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21937-1 Release Date: 2026-06-01T09:26:53Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-36.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-457=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-MICRO-6-0_Update_13-debugsource-9-1.1 * kernel-livepatch-6_4_0-36-default-debuginfo-9-1.1 * kernel-livepatch-6_4_0-36-default-9-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:37:15 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:37:15 -0000 Subject: SUSE-SU-2026:21936-1: important: Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041823525.42.10847287213916047685@b0da085613fb> # Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21936-1 Release Date: 2026-06-01T09:26:53Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-35.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-453=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-MICRO-6-0_Update_12-debugsource-11-1.1 * kernel-livepatch-6_4_0-35-default-debuginfo-11-1.1 * kernel-livepatch-6_4_0-35-default-11-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:37:27 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:37:27 -0000 Subject: SUSE-SU-2026:21935-1: important: Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041824732.42.3629576650511620655@b0da085613fb> # Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21935-1 Release Date: 2026-06-01T09:26:53Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-34.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-452=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-6_4_0-34-default-11-1.1 * kernel-livepatch-6_4_0-34-default-debuginfo-11-1.1 * kernel-livepatch-MICRO-6-0_Update_11-debugsource-11-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:37:37 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:37:37 -0000 Subject: SUSE-SU-2026:21934-1: important: Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041825773.42.4615631398485644310@b0da085613fb> # Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21934-1 Release Date: 2026-06-01T09:26:53Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-456=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-6_4_0-31-default-18-1.2 * kernel-livepatch-MICRO-6-0_Update_9-debugsource-18-1.2 * kernel-livepatch-6_4_0-31-default-debuginfo-18-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:37:48 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:37:48 -0000 Subject: SUSE-SU-2026:21933-1: important: Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041826811.42.519423148462943293@b0da085613fb> # Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21933-1 Release Date: 2026-06-01T09:26:53Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-30.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-455=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-6_4_0-30-default-18-1.2 * kernel-livepatch-6_4_0-30-default-debuginfo-18-1.2 * kernel-livepatch-MICRO-6-0_Update_8-debugsource-18-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:37:58 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:37:58 -0000 Subject: SUSE-SU-2026:21932-1: important: Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041827850.42.8242404433554672051@b0da085613fb> # Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21932-1 Release Date: 2026-06-01T09:26:53Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-29.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-450=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-MICRO-6-0_Update_7-debugsource-19-1.2 * kernel-livepatch-6_4_0-29-default-debuginfo-19-1.2 * kernel-livepatch-6_4_0-29-default-19-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:38:04 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:38:04 -0000 Subject: SUSE-SU-2026:21931-1: important: Security update for the Linux Kernel RT (Live Patch 19 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041828485.42.12321823491864460157@b0da085613fb> # Security update for the Linux Kernel RT (Live Patch 19 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21931-1 Release Date: 2026-06-01T09:26:53Z Rating: important References: * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves three vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-41.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-449=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-6_4_0-41-rt-4-1.1 * kernel-livepatch-MICRO-6-0-RT_Update_19-debugsource-4-1.1 * kernel-livepatch-6_4_0-41-rt-debuginfo-4-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:38:14 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:38:14 -0000 Subject: SUSE-SU-2026:21930-1: important: Security update for the Linux Kernel RT (Live Patch 18 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041829464.42.12369794712635305026@b0da085613fb> # Security update for the Linux Kernel RT (Live Patch 18 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21930-1 Release Date: 2026-06-01T09:26:52Z Rating: important References: * bsc#1259798 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves five vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-40.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-448=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-MICRO-6-0-RT_Update_18-debugsource-5-1.1 * kernel-livepatch-6_4_0-40-rt-5-1.1 * kernel-livepatch-6_4_0-40-rt-debuginfo-5-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:38:25 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:38:25 -0000 Subject: SUSE-SU-2026:21929-1: important: Security update for the Linux Kernel RT (Live Patch 15 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041830573.42.11487251706028863079@b0da085613fb> # Security update for the Linux Kernel RT (Live Patch 15 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21929-1 Release Date: 2026-06-01T09:26:52Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-39.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-447=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-6_4_0-39-rt-6-1.1 * kernel-livepatch-6_4_0-39-rt-debuginfo-6-1.1 * kernel-livepatch-MICRO-6-0-RT_Update_15-debugsource-6-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:38:36 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:38:36 -0000 Subject: SUSE-SU-2026:21928-1: important: Security update for the Linux Kernel RT (Live Patch 14 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041831655.42.14321251231961700531@b0da085613fb> # Security update for the Linux Kernel RT (Live Patch 14 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21928-1 Release Date: 2026-06-01T09:26:52Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-38.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-446=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-MICRO-6-0-RT_Update_14-debugsource-7-1.1 * kernel-livepatch-6_4_0-38-rt-7-1.1 * kernel-livepatch-6_4_0-38-rt-debuginfo-7-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:38:47 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:38:47 -0000 Subject: SUSE-SU-2026:21927-1: important: Security update for the Linux Kernel RT (Live Patch 13 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041832725.42.7527705699310155529@b0da085613fb> # Security update for the Linux Kernel RT (Live Patch 13 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21927-1 Release Date: 2026-06-01T09:26:52Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-37.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-445=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-MICRO-6-0-RT_Update_13-debugsource-7-1.1 * kernel-livepatch-6_4_0-37-rt-debuginfo-7-1.1 * kernel-livepatch-6_4_0-37-rt-7-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:38:57 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:38:57 -0000 Subject: SUSE-SU-2026:21926-1: important: Security update for the Linux Kernel RT (Live Patch 12 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041833786.42.9126022052817568416@b0da085613fb> # Security update for the Linux Kernel RT (Live Patch 12 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21926-1 Release Date: 2026-06-01T09:26:52Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-36.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-444=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-6_4_0-36-rt-debuginfo-11-1.1 * kernel-livepatch-6_4_0-36-rt-11-1.1 * kernel-livepatch-MICRO-6-0-RT_Update_12-debugsource-11-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:39:08 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:39:08 -0000 Subject: SUSE-SU-2026:21925-1: important: Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041834839.42.12353581228848231691@b0da085613fb> # Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21925-1 Release Date: 2026-06-01T09:26:52Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-32.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-443=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-6_4_0-35-rt-debuginfo-12-1.1 * kernel-livepatch-MICRO-6-0-RT_Update_11-debugsource-12-1.1 * kernel-livepatch-6_4_0-35-rt-12-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:39:18 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:39:18 -0000 Subject: SUSE-SU-2026:21924-1: important: Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041835878.42.17930033569278577624@b0da085613fb> # Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21924-1 Release Date: 2026-06-01T09:26:51Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-34.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-442=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-6_4_0-34-rt-debuginfo-16-1.1 * kernel-livepatch-6_4_0-34-rt-16-1.1 * kernel-livepatch-MICRO-6-0-RT_Update_10-debugsource-16-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:39:29 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:39:29 -0000 Subject: SUSE-SU-2026:21923-1: important: Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041836970.42.13561314955674430813@b0da085613fb> # Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21923-1 Release Date: 2026-06-01T09:26:51Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-33.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-441=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-6_4_0-33-rt-16-1.2 * kernel-livepatch-6_4_0-33-rt-debuginfo-16-1.2 * kernel-livepatch-MICRO-6-0-RT_Update_9-debugsource-16-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:39:45 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:39:45 -0000 Subject: SUSE-SU-2026:21922-1: important: Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041838547.42.12566524187806922547@b0da085613fb> # Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21922-1 Release Date: 2026-06-01T09:26:51Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-440=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-6_4_0-31-rt-debuginfo-18-1.2 * kernel-livepatch-MICRO-6-0-RT_Update_8-debugsource-18-1.2 * kernel-livepatch-6_4_0-31-rt-18-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:40:01 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:40:01 -0000 Subject: SUSE-SU-2026:21921-1: important: Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041840146.42.11555934304471875900@b0da085613fb> # Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21921-1 Release Date: 2026-06-01T09:24:52Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-32.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-451=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-MICRO-6-0_Update_10-debugsource-12-1.1 * kernel-livepatch-6_4_0-32-default-debuginfo-12-1.1 * kernel-livepatch-6_4_0-32-default-12-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:40:07 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:40:07 -0000 Subject: SUSE-SU-2026:21920-1: critical: Security update for nvidia-open-driver-G07-signed Message-ID: <178041840761.42.11565675794251054051@b0da085613fb> # Security update for nvidia-open-driver-G07-signed Announcement ID: SUSE-SU-2026:21920-1 Release Date: 2026-06-01T09:14:35Z Rating: critical References: * bsc#1212841 * bsc#1262574 * bsc#1263834 Cross-References: * CVE-2025-33221 * CVE-2026-24182 * CVE-2026-24187 * CVE-2026-24192 * CVE-2026-24194 * CVE-2026-24195 * CVE-2026-24196 * CVE-2026-24197 * CVE-2026-24198 * CVE-2026-24199 CVSS scores: * CVE-2025-33221 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-24182 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2026-24187 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-24192 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-24194 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-24195 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H * CVE-2026-24196 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-24197 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2026-24198 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2026-24199 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves 10 vulnerabilities can now be installed. ## Description: This update for nvidia-open-driver-G07-signed fixes the following issues: * update CUDA variant to 595.71.05 * update non-CUDA variant to 595.71.05 (bsc#1262574) * CVEs fixed: CVE-2025-33221, CVE-2026-24187, CVE-2026-24182, CVE-2026-24192, CVE-2026-24194, CVE-2026-24195, CVE-2026-24196, CVE-2026-24197, CVE-2026-24198, CVE-2026-24199 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-439=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 x86_64) * nvidia-open-driver-G07-signed-kmp-default-595.71.05_k6.4.0_46-1.1 * nvidia-open-driver-G07-signed-cuda-debugsource-595.71.05-1.1 * nvidia-open-driver-G07-signed-cuda-kmp-default-debuginfo-595.71.05_k6.4.0_46-1.1 * nvidia-open-driver-G07-signed-cuda-kmp-default-595.71.05_k6.4.0_46-1.1 * nvidia-open-driver-G07-signed-kmp-default-debuginfo-595.71.05_k6.4.0_46-1.1 * nvidia-open-driver-G07-signed-debugsource-595.71.05-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-33221.html * https://www.suse.com/security/cve/CVE-2026-24182.html * https://www.suse.com/security/cve/CVE-2026-24187.html * https://www.suse.com/security/cve/CVE-2026-24192.html * https://www.suse.com/security/cve/CVE-2026-24194.html * https://www.suse.com/security/cve/CVE-2026-24195.html * https://www.suse.com/security/cve/CVE-2026-24196.html * https://www.suse.com/security/cve/CVE-2026-24197.html * https://www.suse.com/security/cve/CVE-2026-24198.html * https://www.suse.com/security/cve/CVE-2026-24199.html * https://bugzilla.suse.com/show_bug.cgi?id=1212841 * https://bugzilla.suse.com/show_bug.cgi?id=1262574 * https://bugzilla.suse.com/show_bug.cgi?id=1263834 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:45:07 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:45:07 -0000 Subject: SUSE-SU-2026:21919-1: important: Security update for the Linux Kernel Message-ID: <178041870707.42.18027991339309709216@b0da085613fb> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:21919-1 Release Date: 2026-05-29T16:16:49Z Rating: important References: * bsc#1215199 * bsc#1234634 * bsc#1243603 * bsc#1248754 * bsc#1253122 * bsc#1253754 * bsc#1254518 * bsc#1256863 * bsc#1257631 * bsc#1258518 * bsc#1258718 * bsc#1258826 * bsc#1258849 * bsc#1258850 * bsc#1258854 * bsc#1258855 * bsc#1258856 * bsc#1258857 * bsc#1258961 * bsc#1259186 * bsc#1259199 * bsc#1259222 * bsc#1259484 * bsc#1259485 * bsc#1259535 * bsc#1259799 * bsc#1259806 * bsc#1259857 * bsc#1259868 * bsc#1259869 * bsc#1259873 * bsc#1259878 * bsc#1260010 * bsc#1260012 * bsc#1260018 * bsc#1260468 * bsc#1260483 * bsc#1260484 * bsc#1260485 * bsc#1260489 * bsc#1260501 * bsc#1260504 * bsc#1260505 * bsc#1260507 * bsc#1260522 * bsc#1260523 * bsc#1260526 * bsc#1260528 * bsc#1260529 * bsc#1260530 * bsc#1260531 * bsc#1260532 * bsc#1260533 * bsc#1260536 * bsc#1260537 * bsc#1260538 * bsc#1260541 * bsc#1260546 * bsc#1260549 * bsc#1260551 * bsc#1260552 * bsc#1260553 * bsc#1260555 * bsc#1260561 * bsc#1260566 * bsc#1260572 * bsc#1260581 * bsc#1260728 * bsc#1260729 * bsc#1260731 * bsc#1260800 * bsc#1260811 * bsc#1261020 * bsc#1261287 * bsc#1261295 * bsc#1261348 * bsc#1261503 * bsc#1261504 * bsc#1261581 * bsc#1261582 * bsc#1261584 * bsc#1261601 * bsc#1261602 * bsc#1261618 * bsc#1261628 * bsc#1261632 * bsc#1261636 * bsc#1261638 * bsc#1261641 * bsc#1261644 * bsc#1261645 * bsc#1261648 * bsc#1261679 * bsc#1261685 * bsc#1261686 * bsc#1261687 * bsc#1261692 * bsc#1261694 * bsc#1261700 * bsc#1261703 * bsc#1261707 * bsc#1261710 * bsc#1261713 * bsc#1261719 * bsc#1261750 * bsc#1261751 * bsc#1261752 * bsc#1261768 * bsc#1261778 * bsc#1261779 * bsc#1261781 * bsc#1261789 * bsc#1261796 * bsc#1261797 * bsc#1261896 * bsc#1262020 * bsc#1262053 * bsc#1262054 * bsc#1262055 * bsc#1262061 * bsc#1262063 * bsc#1262074 * bsc#1262078 * bsc#1262086 * bsc#1262087 * bsc#1262099 * bsc#1262100 * bsc#1262101 * bsc#1262179 * bsc#1262181 * bsc#1262602 * bsc#1262616 * bsc#1262665 * bsc#1262671 * bsc#1262673 * bsc#1262725 * bsc#1262731 * bsc#1262734 * bsc#1262746 * bsc#1262752 * bsc#1262758 * bsc#1263001 * bsc#1263012 * bsc#1263064 * bsc#1263065 * bsc#1263085 * bsc#1263093 * bsc#1263095 * bsc#1263104 * bsc#1263131 * bsc#1263140 * bsc#1263141 * bsc#1263149 * bsc#1263165 * bsc#1263170 * bsc#1263176 * bsc#1263556 * bsc#1263582 * bsc#1263592 * bsc#1263593 * bsc#1263595 * bsc#1263596 * bsc#1263600 * bsc#1263668 * bsc#1263723 * bsc#1263797 * bsc#1263815 * bsc#1263882 * bsc#1263901 * bsc#1263931 * bsc#1263933 * bsc#1263995 * bsc#1264014 * bsc#1264059 * bsc#1264082 * bsc#1264087 * bsc#1264097 * bsc#1264183 * bsc#1264427 * bsc#1264469 * bsc#1264482 * bsc#1264634 * bsc#1264651 * bsc#1264661 * bsc#1264674 * bsc#1264801 * bsc#1264848 * bsc#1265085 * bsc#1265090 * bsc#1265116 * bsc#1265119 * bsc#1265126 * bsc#1265144 * bsc#1265308 * bsc#1265421 * bsc#1265449 * bsc#1265456 * bsc#1265626 * bsc#1265846 * bsc#1265960 * jsc#PED-7249 Cross-References: * CVE-2023-2058 * CVE-2025-40219 * CVE-2025-71183 * CVE-2025-71238 * CVE-2026-23168 * CVE-2026-23209 * CVE-2026-23236 * CVE-2026-23237 * CVE-2026-23239 * CVE-2026-23240 * CVE-2026-23245 * CVE-2026-23246 * CVE-2026-23253 * CVE-2026-23260 * CVE-2026-23264 * CVE-2026-23266 * CVE-2026-23268 * CVE-2026-23269 * CVE-2026-23271 * CVE-2026-23273 * CVE-2026-23276 * CVE-2026-23279 * CVE-2026-23290 * CVE-2026-23291 * CVE-2026-23298 * CVE-2026-23300 * CVE-2026-23306 * CVE-2026-23307 * CVE-2026-23308 * CVE-2026-23312 * CVE-2026-23313 * CVE-2026-23315 * CVE-2026-23318 * CVE-2026-23321 * CVE-2026-23324 * CVE-2026-23325 * CVE-2026-23336 * CVE-2026-23339 * CVE-2026-23340 * CVE-2026-23346 * CVE-2026-23351 * CVE-2026-23357 * CVE-2026-23362 * CVE-2026-23363 * CVE-2026-23365 * CVE-2026-23367 * CVE-2026-23368 * CVE-2026-23370 * CVE-2026-23372 * CVE-2026-23373 * CVE-2026-23374 * CVE-2026-23378 * CVE-2026-23382 * CVE-2026-23391 * CVE-2026-23392 * CVE-2026-23393 * CVE-2026-23396 * CVE-2026-23397 * CVE-2026-23399 * CVE-2026-23403 * CVE-2026-23404 * CVE-2026-23405 * CVE-2026-23406 * CVE-2026-23407 * CVE-2026-23408 * CVE-2026-23409 * CVE-2026-23410 * CVE-2026-23411 * CVE-2026-23420 * CVE-2026-23426 * CVE-2026-23434 * CVE-2026-23440 * CVE-2026-23441 * CVE-2026-23442 * CVE-2026-23443 * CVE-2026-23446 * CVE-2026-23447 * CVE-2026-23448 * CVE-2026-23449 * CVE-2026-23450 * CVE-2026-23452 * CVE-2026-23455 * CVE-2026-23456 * CVE-2026-23457 * CVE-2026-23458 * CVE-2026-23460 * CVE-2026-23461 * CVE-2026-23462 * CVE-2026-23463 * CVE-2026-23465 * CVE-2026-23468 * CVE-2026-23472 * CVE-2026-23473 * CVE-2026-23474 * CVE-2026-23475 * CVE-2026-31389 * CVE-2026-31393 * CVE-2026-31400 * CVE-2026-31402 * CVE-2026-31403 * CVE-2026-31404 * CVE-2026-31405 * CVE-2026-31407 * CVE-2026-31408 * CVE-2026-31411 * CVE-2026-31412 * CVE-2026-31415 * CVE-2026-31416 * CVE-2026-31417 * CVE-2026-31420 * CVE-2026-31421 * CVE-2026-31422 * CVE-2026-31423 * CVE-2026-31424 * CVE-2026-31425 * CVE-2026-31426 * CVE-2026-31427 * CVE-2026-31428 * CVE-2026-31436 * CVE-2026-31449 * CVE-2026-31470 * CVE-2026-31488 * CVE-2026-31494 * CVE-2026-31496 * CVE-2026-31504 * CVE-2026-31505 * CVE-2026-31507 * CVE-2026-31512 * CVE-2026-31515 * CVE-2026-31519 * CVE-2026-31525 * CVE-2026-31528 * CVE-2026-31533 * CVE-2026-31550 * CVE-2026-31565 * CVE-2026-31570 * CVE-2026-31586 * CVE-2026-31588 * CVE-2026-31602 * CVE-2026-31607 * CVE-2026-31622 * CVE-2026-31649 * CVE-2026-31656 * CVE-2026-31662 * CVE-2026-31668 * CVE-2026-31669 * CVE-2026-31675 * CVE-2026-31679 * CVE-2026-31681 * CVE-2026-31682 * CVE-2026-31684 * CVE-2026-31685 * CVE-2026-31694 * CVE-2026-31700 * CVE-2026-31738 * CVE-2026-31787 * CVE-2026-43009 * CVE-2026-43025 * CVE-2026-43027 * CVE-2026-43037 * CVE-2026-43038 * CVE-2026-43044 * CVE-2026-43050 * CVE-2026-43060 * CVE-2026-43088 * CVE-2026-43110 * CVE-2026-43120 * CVE-2026-43126 * CVE-2026-43190 * CVE-2026-43214 * CVE-2026-43265 * CVE-2026-43329 * CVE-2026-43330 * CVE-2026-43334 * CVE-2026-43365 * CVE-2026-43366 * CVE-2026-43419 * CVE-2026-43437 * CVE-2026-43441 * CVE-2026-43494 * CVE-2026-43503 CVSS scores: * CVE-2023-2058 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2023-2058 ( NVD ): 2.4 CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N * CVE-2025-40219 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40219 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-71183 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71183 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71238 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-71238 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-71238 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23168 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23168 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23168 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23209 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23209 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23236 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23236 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23236 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23236 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2026-23237 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23237 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23237 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23239 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23239 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23240 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23240 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23240 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23245 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23245 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23245 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23246 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23253 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23253 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23260 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23260 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23260 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23264 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23264 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23264 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23266 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23266 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23266 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23268 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23268 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23269 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23269 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23269 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23271 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23271 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23273 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23273 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23273 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23276 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23276 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23279 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23279 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23279 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23290 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23290 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23290 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23291 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23291 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23298 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23298 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23298 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23300 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23300 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23300 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23306 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23306 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H * CVE-2026-23306 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23307 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23307 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23308 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23308 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23312 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23312 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23312 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23313 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23313 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23315 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23315 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23318 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23318 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23321 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23321 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23321 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23324 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23324 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23324 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23325 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23325 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23336 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23336 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23339 ( SUSE ): 2.3 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23339 ( SUSE ): 3.1 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23339 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23340 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23340 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23340 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23346 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23346 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23346 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23351 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23351 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23357 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23357 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23357 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23362 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23362 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23363 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23363 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23365 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23365 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23365 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23367 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-23367 ( SUSE ): 6.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-23367 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23368 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23368 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23368 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23370 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23370 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23372 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23372 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23373 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23373 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23374 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23374 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23374 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23378 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23378 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23378 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23378 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23382 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23382 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23382 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23391 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23391 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23392 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23393 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23396 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23396 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23396 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23397 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23397 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23397 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23399 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23399 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23399 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23403 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23403 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23403 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23404 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23404 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23404 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23405 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23405 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23406 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23406 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23407 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23407 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23407 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23408 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23408 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23408 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23408 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23409 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23409 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23409 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23410 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23410 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23410 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23410 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23411 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23420 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23426 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23426 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23426 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23434 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23434 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23434 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23434 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23440 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23440 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23440 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23440 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23441 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23441 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23442 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23442 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23442 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23443 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23443 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23443 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23446 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23446 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23446 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23447 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23447 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23447 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23448 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23448 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23448 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23449 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23449 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23449 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23450 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23450 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23450 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23452 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23452 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23452 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23455 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23455 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23455 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23456 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23456 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-23456 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23457 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23457 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23457 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23458 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23458 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23458 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23460 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23460 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23460 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23461 ( SUSE ): 7.7 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23461 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23461 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23462 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23462 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23462 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23463 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23463 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2026-23463 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23465 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2026-23465 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2026-23465 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23468 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23468 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23468 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23472 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23472 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23472 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23473 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23473 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23474 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23474 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23474 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23475 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23475 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23475 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31389 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31389 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31389 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31393 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31393 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31393 ( NVD ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31400 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31400 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31400 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31402 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31402 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-31402 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31403 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31403 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31403 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31404 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31404 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31404 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31405 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31405 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31407 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31407 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31407 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31408 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31408 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31408 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31411 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31411 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31411 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31412 ( SUSE ): 7.0 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31412 ( SUSE ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31412 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31415 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31415 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31415 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31416 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31416 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-31416 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31417 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31417 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31417 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31420 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31421 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31421 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31421 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31422 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31422 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31422 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31423 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31423 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31423 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31424 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31424 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31424 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31425 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31425 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31426 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31426 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-31426 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31427 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-31427 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2026-31427 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31428 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31428 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31428 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31436 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31436 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31436 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31449 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31449 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31449 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-31470 ( SUSE ): 6.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31470 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31470 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31488 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31488 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31488 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31494 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-31494 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2026-31494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31496 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31496 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31496 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31504 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31504 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31504 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31505 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31507 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31507 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31507 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31512 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31512 ( SUSE ): 7.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-31512 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31515 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31515 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31515 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31519 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31519 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31519 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31525 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31525 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31525 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31528 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31528 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31528 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31533 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31550 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31550 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31550 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31565 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31565 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31565 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31570 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:N/SA:N * CVE-2026-31570 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31570 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31586 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31588 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31588 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31588 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-31602 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31602 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31602 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31607 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31607 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2026-31607 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31622 ( SUSE ): 8.7 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31622 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31622 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31649 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31649 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31649 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31656 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31656 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31656 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31662 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31662 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31662 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31668 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-31668 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2026-31668 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31669 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31669 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31669 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31675 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31675 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2026-31675 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31679 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31679 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31679 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31681 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31681 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31681 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31682 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31682 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31682 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31684 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31684 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-31684 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31685 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31685 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31685 ( NVD ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31694 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31694 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31694 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31700 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31700 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31700 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31738 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31738 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31738 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31787 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31787 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43009 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-43027 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43027 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43037 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43038 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43038 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43044 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43044 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43044 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43050 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43050 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43050 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43060 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43060 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43088 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-43088 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-43110 ( SUSE ): 7.7 CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43110 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43110 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43120 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43120 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-43120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43126 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43126 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43126 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43190 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43190 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43190 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43214 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43214 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43214 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43265 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43265 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43265 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43329 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43329 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43329 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43330 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43330 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43330 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43334 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-43334 ( SUSE ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-43334 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43365 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43365 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43365 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43366 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43366 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43366 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43419 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-43419 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-43437 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43437 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43441 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43441 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43494 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43494 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43503 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43503 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43503 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves 181 vulnerabilities, contains one feature and has 19 fixes can now be installed. ## Description: The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 kernel was updated to fix various security issues The following security issues were fixed: * CVE-2023-2058: x86/CPU: Fix FPDSS on Zen1 (bsc#1243603). * CVE-2025-71183: btrfs: always detect conflicting inodes when logging inode refs (bsc#1257631). * CVE-2026-23168: flex_proportions: make fprop_new_period() hardirq safe (bsc#1258826). * CVE-2026-23239: espintcp: Fix race condition in espintcp_close() (bsc#1259485). * CVE-2026-23240: tls: Fix race condition in tls_sw_cancel_work_tx() (bsc#1259484). * CVE-2026-23245: net/sched: act_gate: snapshot parameters with RCU on replace (bsc#1259799). * CVE-2026-23271: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race (bsc#1260018). * CVE-2026-23276: net: move dev_xmit_recursion() helpers to net/core/dev.h (bsc#1260012). * CVE-2026-23300: net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop (bsc#1260538). * CVE-2026-23306: scsi: pm8001: Fix use-after-free in pm8001_queue_command() (bsc#1260501). * CVE-2026-23313: i40e: Fix preempt count leak in napi poll tracepoint (bsc#1260555). * CVE-2026-23321: mptcp: pm: in-kernel: always mark signal+subflow endp as used (bsc#1260505). * CVE-2026-23340: net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs (bsc#1260523). * CVE-2026-23346: mm/ioremap: define generic_ioremap_prot() and generic_iounmap() (bsc#1260529). * CVE-2026-23351: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase (bsc#1260526). * CVE-2026-23368: net: phy: register phy led_triggers during probe to avoid AB-BA deadlock (bsc#1260530). * CVE-2026-23374: blktrace: fix __this_cpu_read/write in preemptible context (bsc#1260811). * CVE-2026-23378: net/sched: act_ife: Fix metalist update behavior (bsc#1260546). * CVE-2026-23391: netfilter: xt_CT: drop pending enqueued packets on template removal (bsc#1260566). * CVE-2026-23392: netfilter: nf_tables: release flowtable after rcu grace period on error (bsc#1260531). * CVE-2026-23393: bridge: cfm: Fix race condition in peer_mep deletion (bsc#1260522). * CVE-2026-23397: nfnetlink_osf: validate individual option lengths in fingerprints (bsc#1260728). * CVE-2026-23399: nf_tables: nft_dynset: fix possible stateful expression memleak in error path (bsc#1261020). * CVE-2026-23440: net/mlx5e: Fix race condition during IPSec ESN update (bsc#1261641). * CVE-2026-23441: net/mlx5e: Prevent concurrent access to IPSec ASO context (bsc#1261768). * CVE-2026-23442: ipv6: add NULL checks for idev in SRv6 paths (bsc#1261581). * CVE-2026-23449: net/sched: teql: Fix double-free in teql_master_xmit (bsc#1261779). * CVE-2026-23450: net/smc: fix NULL dereference and UAF in smc_tcp_syn_recv_sock() (bsc#1261584). * CVE-2026-23455: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() (bsc#1261687). * CVE-2026-23456: netfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS case (bsc#1261703). * CVE-2026-23457: netfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp() (bsc#1261686). * CVE-2026-23458: netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() (bsc#1261781). * CVE-2026-23461: Bluetooth: L2CAP: Fix use-after-free in l2cap_unregister_user (bsc#1261707). * CVE-2026-23462: Bluetooth: HIDP: Fix possible UAF (bsc#1261710). * CVE-2026-23468: drm/amdgpu: Limit BO list entry count to prevent resource exhaustion (bsc#1261692). * CVE-2026-23472: serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN (bsc#1261636). * CVE-2026-23473: io_uring/poll: fix multishot recv missing EOF on wakeup race (bsc#1261694). * CVE-2026-31400: sunrpc: fix cache_request leak in cache_release (bsc#1261645). * CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (bsc#1261638). * CVE-2026-31403: NFSD: Hold net reference for the lifetime of /proc/fs/nfs/exports fd (bsc#1261796). * CVE-2026-31404: xfs: avoid dereferencing log items after push callbacks (bsc#1261628). * CVE-2026-31407: netfilter: conntrack: add missing netlink policy validations (bsc#1261632). * CVE-2026-31411: net: atm: fix crash due to unvalidated vcc pointer in sigd_send() (bsc#1261752). * CVE-2026-31415: ipv6: avoid overflows in ip6_datagram_send_ctl() (bsc#1262099). * CVE-2026-31416: netfilter: nfnetlink_log: account for netlink header size (bsc#1262100). * CVE-2026-31420: bridge: mrp: reject zero test interval to avoid OOM panic (bsc#1262055). * CVE-2026-31421: net/sched: cls_fw: fix NULL pointer dereference on shared blocks (bsc#1262061). * CVE-2026-31422: net/sched: cls_flow: fix NULL pointer dereference on shared blocks (bsc#1262054). * CVE-2026-31423: net/sched: sch_hfsc: fix divide-by-zero in rtsc_min() (bsc#1262063). * CVE-2026-31424: netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP (bsc#1262053). * CVE-2026-31425: rds: ib: reject FRMR registration before IB connection is established (bsc#1262074). * CVE-2026-31427: netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp (bsc#1262086). * CVE-2026-31428: netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD (bsc#1262087). * CVE-2026-31436: dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc() (bsc#1262602). * CVE-2026-31449: ext4: validate p_idx bounds in ext4_ext_correct_indexes (bsc#1262616). * CVE-2026-31470: virt: tdx-guest: Fix handling of host controlled 'quote' buffer length (bsc#1262665). * CVE-2026-31488: drm/amd/display: Do not skip unrelated mode changes in DSC validation (bsc#1262746). * CVE-2026-31494: net: cadence: macb: Synchronize stats calculations (bsc#1262671). * CVE-2026-31496: netfilter: nf_conntrack_expect: skip expectations in other netns via proc (bsc#1262673). * CVE-2026-31504: net: fix fanout UAF in packet_release() via NETDEV_UP race (bsc#1263085). * CVE-2026-31505: iavf: fix out-of-bounds writes in iavf_get_ethtool_stats() (bsc#1263093). * CVE-2026-31507: net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer (bsc#1263095). * CVE-2026-31512: Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2cap_ecred_data_rcv() (bsc#1262734). * CVE-2026-31515: af_key: validate families in pfkey_send_migrate() (bsc#1262752). * CVE-2026-31519: btrfs: set BTRFS_ROOT_ORPHAN_CLEANUP during subvol create (bsc#1263012). * CVE-2026-31525: bpf: Fix undefined behavior in interpreter sdiv/smod for INT_MIN (bsc#1262725). * CVE-2026-31528: perf: Make sure to use pmu_ctx->pmu for groups (bsc#1263001). * CVE-2026-31533: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption (bsc#1262758). * CVE-2026-31550: pmdomain: bcm: bcm2835-power: Increase ASB control timeout (bsc#1263104). * CVE-2026-31565: RDMA/irdma: Fix deadlock during netdev reset with active connections (bsc#1263064). * CVE-2026-31570: can: gw: fix OOB heap access in cgw_csum_crc8_rel() (bsc#1263065). * CVE-2026-31586: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (bsc#1263176). * CVE-2026-31588: KVM: x86: Use scratch field in MMIO fragment to hold small write values (bsc#1263165). * CVE-2026-31602: ALSA: ctxfi: Limit PTP to a single page (bsc#1263723). * CVE-2026-31607: usbip: validate number_of_packets in usbip_pack_ret_submit() (bsc#1263600). * CVE-2026-31622: NFC: digital: Bounds check NFC-A cascade depth in SDD response handler (bsc#1263797). * CVE-2026-31649: net: stmmac: fix integer underflow in chain mode (bsc#1263582). * CVE-2026-31656: drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (bsc#1263170). * CVE-2026-31662: tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG (bsc#1263131). * CVE-2026-31668: seg6: separate dst_cache for input and output paths in seg6 lwtunnel (bsc#1263140). * CVE-2026-31669: mptcp: fix slab-use-after-free in __inet_lookup_established (bsc#1263141). * CVE-2026-31675: net/sched: sch_netem: fix out-of-bounds access in packet corruption (bsc#1263556). * CVE-2026-31679: openvswitch: validate MPLS set/set_masked payload length (bsc#1263592). * CVE-2026-31681: netfilter: xt_multiport: validate range encoding in checkentry (bsc#1263593). * CVE-2026-31682: bridge: br_nd_send: linearize skb before parsing ND options (bsc#1263595). * CVE-2026-31684: net: sched: act_csum: validate nested VLAN headers (bsc#1263596). * CVE-2026-31685: netfilter: ip6t_eui64: reject invalid MAC header for all packets (bsc#1263668). * CVE-2026-31694: fuse: reject oversized dirents in page cache (bsc#1263901). * CVE-2026-31700: net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() (bsc#1263882). * CVE-2026-31738: vxlan: validate ND option lengths in vxlan_na_create (bsc#1264059). * CVE-2026-31787: xen/privcmd: fix double free via VMA splitting (bsc#1262181). * CVE-2026-43009: bpf: Fix incorrect pruning due to atomic fetch precision tracking (bsc#1264014). * CVE-2026-43025: netfilter: ctnetlink: ignore explicit helper on new expectations (bsc#1263931). * CVE-2026-43027: netfilter: nf_conntrack_helper: pass helper to expect cleanup (bsc#1263933). * CVE-2026-43037: ip6_tunnel: clear skb2->cb in ip4ip6_err() (bsc#1263995). * CVE-2026-43038: ipv6: icmp: clear skb2->cb in ip6_err_gen_icmpv6_unreach() (bsc#1264097). * CVE-2026-43044: crypto: caam - fix DMA corruption on long hmac keys (bsc#1264087). * CVE-2026-43050: atm: lec: fix use-after-free in sock_def_readable() (bsc#1264082). * CVE-2026-43060: netfilter: nft_ct: drop pending enqueued packets on removal (bsc#1264183). * CVE-2026-43088: net: af_key: zero aligned sockaddr tail in PF_KEY exports (bsc#1264469). * CVE-2026-43110: wifi: brcmfmac: validate bsscfg indices in IF events (bsc#1264482). * CVE-2026-43120: RDMA/irdma: Fix double free related to rereg_user_mr. * CVE-2026-43126: ALSA: mixer: oss: Add card disconnect checkpoints (bsc#1264634). * CVE-2026-43190: netfilter: xt_tcpmss: check remaining length before reading optlen (bsc#1264848). * CVE-2026-43214: KVM: x86: Add SRCU protection for reading PDPTRs in __get_sregs2() (bsc#1264651). * CVE-2026-43265: KVM: x86: Ignore -EBUSY when checking nested events from vcpu_block() (bsc#1264427). * CVE-2026-43329: netfilter: flowtable: strictly check for maximum number of actions (bsc#1265085). * CVE-2026-43330: crypto: caam - fix overflow on long hmac keys (bsc#1264801). * CVE-2026-43334: Bluetooth: SMP: force responder MITM requirements before building the pairing response (bsc#1265090). * CVE-2026-43365: xfs: fix undersized l_iclog_roundoff values (bsc#1265119). * CVE-2026-43366: io_uring/kbuf: check if target buffer list is still legacy on recycle (bsc#1265116). * CVE-2026-43419: ceph: fix memory leaks in ceph_mdsc_build_path() (bsc#1264661). * CVE-2026-43437: ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (bsc#1265126). * CVE-2026-43441: net: bonding: Fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1264674). * CVE-2026-43494: net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). * CVE-2026-43503: net: skbuff: propagate shared-frag marker through frag- transfer helpers (bsc#1265960). The following non security issues were fixed: * accel/qaic: Add overflow check to remap_pfn_range during mmap (git-fixes). * ACPI: AGDI: fix missing newline in error message (git-fixes). * ACPI: CPPC: Fix related_cpus inconsistency during CPU hotplug (git-fixes). * ACPI: scan: Use acpi_dev_put() in object add error paths (git-fixes). * ACPI: video: force native backlight on HP OMEN 16 (8A44) (stable-fixes). * ALSA: 6fire: Fix input volume change detection (git-fixes). * ALSA: 6fire: fix use-after-free on disconnect (git-fixes). * ALSA: aoa: i2sbus: clear stale prepared state (git-fixes). * ALSA: aoa: i2sbus: fix OF node lifetime handling (git-fixes). * ALSA: aoa: Skip devices with no codecs in i2sbus_resume() (git-fixes). * ALSA: aoa: Use guard() for mutex locks (stable-fixes). * ALSA: asihpi: avoid write overflow check warning (stable-fixes). * ALSA: caiaq: Don't abort when no input device is available (git-fixes). * ALSA: caiaq: Fix control_put() result and cache rollback (git-fixes). * ALSA: caiaq: Fix potentially leftover ep1_in_urb at error path (git-fixes). * ALSA: caiaq: fix usb_dev refcount leak on probe failure (git-fixes). * ALSA: caiaq: Handle probe errors properly (git-fixes). * ALSA: caiaq: take a reference on the USB device in create_card() (git- fixes). * ALSA: control: Validate buf_len before strnlen() in snd_ctl_elem_init_enum_names() (git-fixes). * ALSA: core: Fix potential data race at fasync handling (git-fixes). * ALSA: core: Serialize deferred fasync state checks (git-fixes). * ALSA: core: Validate compress device numbers without dynamic minors (git- fixes). * ALSA: ctxfi: Add fallback to default RSR for S/PDIF (git-fixes). * ALSA: ctxfi: Fix missing SPDIFI1 index handling (stable-fixes). * ALSA: ctxfi: Limit PTP to a single page (git-fixes). * ALSA: firewire-tascam: Do not drop unread control events (git-fixes). * ALSA: fireworks: bound device-supplied status before string array lookup (git-fixes). * ALSA: hda/realtek - fixed speaker no sound update (git-fixes). * ALSA: hda/realtek: Add HP ENVY Laptop 13-ba0xxx quirk (stable-fixes). * ALSA: hda/realtek: Add mute LED quirk for HP Pavilion 15-eg0xxx (stable- fixes). * ALSA: hda/realtek: Add quirk for ASUS ROG Flow Z13-KJP GZ302EAC (stable- fixes). * ALSA: hda/realtek: add quirk for Framework F111:000F (stable-fixes). * ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14IAH10 (stable-fixes). * ALSA: hda/realtek: fix code style (ERROR: else should follow close brace '}') (git-fixes). * ALSA: misc: Use guard() for spin locks (stable-fixes). * ALSA: scarlett2: Add missing sentinel initializer field (git-fixes). * ALSA: seq: Notify client and port info changes (stable-fixes). * ALSA: seq_oss: return full count for successful SEQ_FULLSIZE writes (stable- fixes). * ALSA: usb-audio: apply quirk for MOONDROP JU Jiu (stable-fixes). * ALSA: usb-audio: Avoid false E-MU sample-rate notifications (git-fixes). * ALSA: usb-audio: Avoid potential endless loop in convert_chmap_v3() (git- fixes). * ALSA: usb-audio: Evaluate packsize caps at the right place (git-fixes). * ALSA: usb-audio: Fix Audio Advantage Micro II SPDIF switch (git-fixes). * ALSA: usb-audio: Fix potential leak of pd at parsing UAC3 streams (git- fixes). * ALSA: usb-audio: Fix quirk flags for NeuralDSP Quad Cortex (stable-fixes). * ALSA: usb-audio: Fix UAC3 cluster descriptor size check (git-fixes). * ALSA: usb-audio: midi2: Restart output URBs on resume (git-fixes). * ALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATES (git-fixes). * ASoC: amd: yc: Add DMI entry for HP Laptop 15-fc0xxx (stable-fixes). * ASoC: amd: yc: Add DMI quirk for ASUS EXPERTBOOK BM1403CDA (stable-fixes). * ASoC: amd: yc: Add DMI quirk for Thin A15 B7VF (stable-fixes). * ASoC: amd: yc: Add HP OMEN Gaming Laptop 16-ap0xxx product line in quirk table (stable-fixes). * ASoC: codecs: ab8500: Fix casting of private data (git-fixes). * ASoC: cs35l56: Destroy workqueue in probe error path (git-fixes). * ASoC: cs35l56: Don't use devres to unregister component (git-fixes). * ASoC: fsl_easrc: Change the type for iec958 channel status controls (git- fixes). * ASoC: fsl_easrc: Check the variable range in fsl_easrc_iec958_put_bits() (git-fixes). * ASoC: fsl_easrc: fix comment typo (git-fixes). * ASoC: fsl_easrc: Fix value type in fsl_easrc_iec958_get_bits() (git-fixes). * ASoC: fsl_micfil: Add access property for "VAD Detected" (git-fixes). * ASoC: fsl_micfil: Fix event generation in hwvad_put_enable() (git-fixes). * ASoC: fsl_micfil: Fix event generation in hwvad_put_init_mode() (git-fixes). * ASoC: fsl_micfil: Fix event generation in micfil_put_dc_remover_state() (git-fixes). * ASoC: fsl_micfil: Fix event generation in micfil_quality_set() (git-fixes). * ASoC: fsl_xcvr: Fix event generation for cached controls (git-fixes). * ASoC: fsl_xcvr: Fix event generation in fsl_xcvr_arc_mode_put() (git-fixes). * ASoC: fsl_xcvr: Fix event generation in fsl_xcvr_mode_put() (git-fixes). * ASoC: Intel: bytcr_wm5102: Fix MCLK leak on platform_clock_control error (git-fixes). * ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens (git-fixes). * ASoC: qcom: q6apm: move component registration to unmanaged version (git- fixes). * ASoC: qcom: q6apm: remove child devices when apm is removed (git-fixes). * ASoC: qcom: qdsp6: topology: check widget type before accessing data (git- fixes). * ASoC: soc-core: call missing INIT_LIST_HEAD() for card_aux_list (stable- fixes). * ASoC: SOF: compress: return the configured codec from get_params (git- fixes). * ASoC: SOF: Don't allow pointer operations on unconfigured streams (git- fixes). * ASoC: SOF: Intel: hda: Place check before dereference (git-fixes). * ASoC: SOF: topology: reject invalid vendor array size in token parser (stable-fixes). * ASoC: sti: Return errors from regmap_field_alloc() (git-fixes). * ASoC: sti: use managed regmap_field allocations (git-fixes). * ASoC: stm32_sai: fix incorrect BCLK polarity for DSP_A/B, LEFT_J (stable- fixes). * ata: ahci: force 32-bit DMA for JMicron JMB582/JMB585 (stable-fixes). * batman-adv: bla: only purge non-released claims (git-fixes). * batman-adv: bla: prevent use-after-free when deleting claims (git-fixes). * batman-adv: bla: put backbone reference on failed claim hash insert (git- fixes). * batman-adv: fix integer overflow on buff_pos (git-fixes). * batman-adv: hold claim backbone gateways by reference (git-fixes). * batman-adv: reject new tp_meter sessions during teardown (git-fixes). * batman-adv: reject oversized global TT response buffers (git-fixes). * batman-adv: stop caching unowned originator pointers in BAT IV (git-fixes). * Bluetooth: bnep: fix incorrect length parsing in bnep_rx_frame() extension handling (git-fixes). * Bluetooth: fix locking in hci_conn_request_evt() with HCI_PROTO_DEFER (git- fixes). * Bluetooth: hci_event: Fix OOB read and infinite loop in hci_le_create_big_complete_evt (git-fixes). * Bluetooth: hci_event: fix potential UAF in SSP passkey handlers (git-fixes). * Bluetooth: hci_ldisc: Clear HCI_UART_PROTO_INIT on error (git-fixes). * Bluetooth: HIDP: serialise l2cap_unregister_user via hidp_session_sem (git- fixes). * Bluetooth: ISO: Fix data-race on dst in iso_sock_connect() (git-fixes). * Bluetooth: l2cap: Add missing chan lock in l2cap_ecred_reconf_rsp (git- fixes). * Bluetooth: l2cap: fix MPS check in l2cap_ecred_reconf_req (git-fixes). * Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_new_connection_cb() (git- fixes). * Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_state_change_cb() (git- fixes). * Bluetooth: L2CAP: Fix printing wrong information if SDU length exceeds MTU (git-fixes). * Bluetooth: RFCOMM: pull credit byte with skb_pull_data() (git-fixes). * Bluetooth: SCO: check for codecs->num_codecs == 1 before assigning to sco_pi(sk)->codec (git-fixes). * Bluetooth: SCO: fix sleeping under spinlock in sco_conn_ready (git-fixes). * Bluetooth: SCO: hold sk properly in sco_conn_ready (git-fixes). * Bluetooth: virtio_bt: clamp rx length before skb_put (git-fixes). * Bluetooth: virtio_bt: validate rx pkt_type header length (git-fixes). * btrfs: do not skip logging new dentries when logging a new name (git-fixes). * btrfs: reject root items with drop_progress and zero drop_level (git-fixes). * btrfs: replace BUG() with error handling in __btrfs_balance() (git-fixes). * can: mcp251x: add error handling for power enable in open and resume (stable-fixes). * can: raw: fix ro->uniq use-after-free in raw_rcv() (git-fixes). * can: ucan: fix devres lifetime (git-fixes). * cdc-acm: new quirk for EPSON HMD (stable-fixes). * check-for-config-changes: Exclude CC_MS_EXTENSIONS. * check-for-config-changes: Exclude HAVE_CFI_ICALL_NORMALIZE_INTEGERS{,_RUSTC}. * checkpatch: add support for Assisted-by tag (stable-fixes). * comedi: dt2815: add hardware detection to prevent crash (stable-fixes). * crypto: algif_aead - Fix minimum RX size check for decryption (git-fixes). * crypto: arm64/aes - Fix 32-bit aes_mac_update() arg treated as 64-bit (git- fixes). * crypto: atmel-aes - Fix 3-page memory leak in atmel_aes_buff_cleanup (git- fixes). * crypto: atmel-ecc - Release client on allocation failure (git-fixes). * crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path (git-fixes). * crypto: atmel-tdes - fix DMA sync direction (git-fixes). * crypto: authencesn - reject short ahash digests during instance creation (git-fixes). * crypto: ccp - copy IV using skcipher ivsize (git-fixes). * crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed (git-fixes). * crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed (git-fixes). * crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed (git-fixes). * crypto: ccree - fix a memory leak in cc_mac_digest() (git-fixes). * crypto: hisilicon - Fix dma_unmap_single() direction (git-fixes). * crypto: jitterentropy - replace long-held spinlock with mutex (git-fixes). * crypto: pcrypt - Fix handling of MAY_BACKLOG requests (git-fixes). * crypto: qat - fix type mismatch in RAS sysfs show functions (git-fixes). * crypto: qat - use swab32 macro (git-fixes). * crypto: sa2ul - Fix AEAD fallback algorithm names (git-fixes). * crypto: simd - reject compat registrations without __ prefixes (git-fixes). * crypto: talitos - fix SEC1 32k ahash request limitation (git-fixes). * crypto: testmgr - Hide ENOENT errors (stable-fixes). * crypto: testmgr - Hide ENOENT errors better (git-fixes). * devres: fix missing node debug info in devm_krealloc() (git-fixes). * dm init: ensure device probing has finished in dm-mod.waitfor= (git-fixes). * dmaengine: dw-axi-dmac: Remove unnecessary return statement from void function (git-fixes). * dmaengine: mxs-dma: Fix missing return value from of_dma_controller_register() (git-fixes). * drm/amd/display: Add NULL check for integrated_info in clk_mgr_construct (git-fixes). * drm/amd/display: Allow DCE link encoder without AUX registers (git-fixes). * drm/amd/display: Avoid NULL dereference in dc_dmub_srv error paths (git- fixes). * drm/amd/display: Disable 10-bit truncation and dithering on DCE 6.x (git- fixes). * drm/amd/display: Read EDID from VBIOS embedded panel info (git-fixes). * drm/amd/pm/ci: Clear EnabledForActivity field for memory levels (git-fixes). * drm/amd/pm/ci: Disable MCLK DPM on problematic CI ASICs (git-fixes). * drm/amd/pm/ci: Fill DW8 fields from SMC (git-fixes). * drm/amd/pm/ci: Fix powertune defaults for Hawaii 0x67B0 (git-fixes). * drm/amd/pm/ci: Use highest MCLK on CI when MCLK DPM is disabled (git-fixes). * drm/amd/pm/smu7: Add SCLK cap for quirky Hawaii board (git-fixes). * drm/amd/pm/smu7: Fix SMU7 voltage dependency on display clock (git-fixes). * drm/amdgpu/gfx6: Support harvested SI chips with disabled TCCs (v2) (git- fixes). * drm/amdgpu/gfx9: drop unnecessary 64-bit fence flag check in KIQ (stable- fixes). * drm/amdgpu/gfx10: look at the right prop for gfx queue priority (git-fixes). * drm/amdgpu/gmc: Fix AMDGPU_GART_PLACEMENT_LOW to not overlap with VRAM (git- fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v2.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v2.5 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v3.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0.3 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0.5 ring (git-fixes). * drm/amdgpu/pm: add missing revision check for CI (git-fixes). * drm/amdgpu/pm: align Hawaii mclk workaround with radeon (git-fixes). * drm/amdgpu/sdma4: replace BUG_ON with WARN_ON in fence emission (git-fixes). * drm/amdgpu/vce: Prevent partial address patches (stable-fixes). * drm/amdgpu/vcn3: Avoid overflow on msg bound check (git-fixes). * drm/amdgpu/vcn3: Prevent OOB reads when parsing dec msg (stable-fixes). * drm/amdgpu/vcn4: Avoid overflow on msg bound check (git-fixes). * drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msg (stable-fixes). * drm/amdgpu/vcn4: Prevent OOB reads when parsing IB (stable-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v2.0 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v2.5 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v3.0 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0 enc ring (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0.3 enc ring (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0.5 enc ring (git-fixes). * drm/amdgpu: Add bounds checking to ib_{get,set}_value (stable-fixes). * drm/amdgpu: fix AMDGPU_INFO_READ_MMR_REG (git-fixes). * drm/amdgpu: fix zero-size GDS range init on RDNA4 (stable-fixes). * drm/amdgpu: zero-initialize GART table on allocation (stable-fixes). * drm/amdkfd: Add upper bound check for num_of_nodes (stable-fixes). * drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure (stable- fixes). * drm/amdkfd: validate SVM ioctl nattr against buffer size (stable-fixes). * drm/arcpgu: fix device node leak (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Add mode_valid hook to drm_bridge_funcs (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Handle HDCP state in bridge atomic check (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Set the mhdp connector earlier in atomic_enable() (git-fixes). * drm/etnaviv: Fix armed job not being pushed to the DRM scheduler (git- fixes). * drm/fb-helper: Fix clipping when damage area spans a single scanline (git- fixes). * drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs() (git-fixes). * drm/gma500/oaktrail_hdmi: fix i2c adapter leak on setup (git-fixes). * drm/gma500/oaktrail_lvds: fix hang on init failure (git-fixes). * drm/gma500/oaktrail_lvds: fix i2c adapter leaks on init (git-fixes). * drm/i915/dp: Fix VSC dynamic range signaling for RGB formats (git-fixes). * drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (git- fixes). * drm/i915/wm: Verify the correct plane DDB entry (git-fixes). * drm/i915: skip __i915_request_skip() for already signaled requests (git- fixes). * drm/komeda: fix integer overflow in AFBC framebuffer size check (git-fixes). * drm/msm/a6xx: Fix dumping A650+ debugbus blocks (git-fixes). * drm/msm/a6xx: Fix HLSQ register dumping (git-fixes). * drm/msm/a6xx: Use barriers while updating HFI Q headers (git-fixes). * drm/msm/dpu: fix mismatch between power and frequency (git-fixes). * drm/msm/dsi: add the missing parameter description (git-fixes). * drm/msm/dsi: fix bits_per_pclk (git-fixes). * drm/msm/dsi: fix hdisplay calculation for CMD mode panel (git-fixes). * drm/msm/dsi: rename MSM8998 DSI version from V2_2_0 to V2_0_0 (git-fixes). * drm/msm/shrinker: Fix can_block() logic (git-fixes). * drm/nouveau: fix u32 overflow in pushbuf reloc bounds check (git-fixes). * drm/panel: sharp-ls043t1le01: make use of prepare_prev_first (git-fixes). * drm/panel: simple: Correct G190EAN01 prepare timing (git-fixes). * drm/panfrost: Fix wait_bo ioctl leaking positive return from dma_resv_wait_timeout() (git-fixes). * drm/radeon: add missing revision check for CI (git-fixes). * drm/sun4i: backend: fix error pointer dereference (git-fixes). * drm/sun4i: Fix resource leaks (git-fixes). * drm/vc4: Fix a memory leak in hang state error path (git-fixes). * drm/vc4: Fix memory leak of BO array in hang state (git-fixes). * drm/vc4: platform_get_irq_byname() returns an int (stable-fixes). * drm/vc4: Protect madv read in vc4_gem_object_mmap() with madv_lock (git- fixes). * drm/vc4: Release runtime PM reference after binding V3D (git-fixes). * drm/vram: remove DRM_VRAM_MM_FILE_OPERATIONS from docs (git-fixes). * dt-bindings: net: Fix Tegra234 MGBE PTP clock (git-fixes). * efi/capsule-loader: fix incorrect sizeof in phys array reallocation (git- fixes). * efi: pstore: Drop efivar lock when efi_pstore_open() returns with an error (git-fixes). * ext4: fix fsync(2) for nojournal mode (git-fixes). * ext4: make recently_deleted() properly work with lazy itable initialization (git-fixes). * ext4: reject mount if bigalloc with s_first_data_block != 0 (git-fixes). * extcon: ptn5150: handle pending IRQ events during system resume (git-fixes). * fbdev: matroxfb: Mark variable with __maybe_unused to avoid W=1 build break (git-fixes). * fbdev: offb: fix PCI device reference leak on probe failure (git-fixes). * fbdev: tdfxfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO (stable-fixes). * fbdev: udlfb: add vm_ops to dlfb_ops_mmap to prevent use-after-free (stable- fixes). * fbdev: udlfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO (git-fixes). * firmware: dmi: Correct an indexing error in dmi.h (git-fixes). * gpio: tegra: fix irq_release_resources calling enable instead of disable (git-fixes). * gtp: disable BH before calling udp_tunnel_xmit_skb() (git-fixes). * HID: alps: fix NULL pointer dereference in alps_raw_event() (git-fixes). * HID: asus: do not abort probe when not necessary (git-fixes). * HID: asus: make asus_resume adhere to linux kernel coding standards (git- fixes). * HID: core: clamp report_size in s32ton() to avoid undefined shift (stable- fixes). * HID: multitouch: Check to ensure report responses match the request (stable- fixes). * HID: playstation: Clamp num_touch_reports (git-fixes). * HID: quirks: add HID_QUIRK_ALWAYS_POLL for 8BitDo Pro 3 (stable-fixes). * HID: roccat: fix use-after-free in roccat_report_event (stable-fixes). * HID: usbhid: fix deadlock in hid_post_reset() (git-fixes). * HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq (stable-fixes). * hv_sock: fix ARM64 support (git-fixes). * hwmon: (ads7871) Fix endianness bug in 16-bit register reads (git-fixes). * hwmon: (corsair-psu) Close HID device on probe errors (git-fixes). * hwmon: (lm63) Add locking to avoid TOCTOU (git-fixes). * hwmon: (ltc2992) Clamp threshold writes to hardware range (git-fixes). * hwmon: (ltc2992) Fix u32 overflow in power read path (git-fixes). * i2c: s3c24xx: check the size of the SMBUS message before using it (stable- fixes). * i2c: smbus: reject oversized block transfers in the common path (git-fixes). * i2c: stm32f7: reinit_completion() per transfer not per msg (git-fixes). * i2c: stub: Reject I2C block transfers with invalid length (git-fixes). * i3c: master: Fix error codes at send_ccc_cmd (git-fixes). * i3c: mipi-i3c-hci: fix IBI payload length calculation for final status (git- fixes). * ibmveth: Disable GSO for packets with small MSS (bsc#1265144). * ice: set max queues in alloc_etherdev_mqs() (git-fixes). * iio: adc: ad7768-1: fix one-shot mode data acquisition (git-fixes). * iio: adc: ti-adc161s626: use DMA-safe memory for spi_read() (git-fixes). * iio: adc: ti-ads7950: use iio_push_to_buffers_with_ts_unaligned() (git- fixes). * Input: i8042 - add TUXEDO InfinityBook Max 16 Gen10 AMD to i8042 quirk table (stable-fixes). * Input: uinput - fix circular locking dependency with ff-core (git-fixes). * Input: uinput - take event lock when submitting FF request "event" (stable- fixes). * Input: xpad - add support for BETOP BTP-KP50B/C controller's wireless mode (stable-fixes). * Input: xpad - add support for Razer Wolverine V3 Pro (stable-fixes). * ipmi: Add limits to event and receive message requests (git-fixes). * ipmi: Check event message buffer response for bad data (git-fixes). * ipmi: ssif_bmc: change log level to dbg in irq callback (git-fixes). * ipmi: ssif_bmc: fix message desynchronization after truncated response (git- fixes). * ipmi: ssif_bmc: fix missing check for copy_to_user() partial failure (git- fixes). * irqchip/irq-pic32-evic: Address warning related to wrong printf() formatter (git-fixes). * kdump, documentation: describe craskernel CMA reservation (jsc#PED-7249). * KVM: Reject wrapped offset in kvm_reset_dirty_gfn() (git-fixes). * KVM: SVM: Mark VMCB_NPT as dirty on nested VMRUN (git-fixes). * KVM: SVM: Mark VMCB_PERM_MAP as dirty on nested VMRUN (git-fixes). * KVM: x86/mmu: Retry fault before acquiring mmu_lock if mapping is changing (bsc#1253122). * KVM: x86/xen: Fix cleanup logic in emulation of Xen schedop poll hypercalls (git-fixes). * KVM: x86: check for nEPT/nNPT in slow flush hypercalls (git-fixes). * KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (git- fixes). * KVM: x86: hyper-v: Validate all GVAs during PV TLB flush (git-fixes). * KVM: x86: Ignore cpuid faulting in SMM (git-fixes). * leds: lgm-sso: Remove duplicate assignments for priv->mmap (git-fixes). * lib/hexdump: print_hex_dump_bytes() calls print_hex_dump_debug() (git- fixes). * media: amphion: Fix race between m2m job_abort and device_run (git-fixes). * media: as102: fix to not free memory after the device is registered in as102_usb_probe() (git-fixes). * media: dib8000: avoid division by 0 in dib8000_set_dds() (git-fixes). * media: em28xx: fix use-after-free in em28xx_v4l2_open() (git-fixes). * media: hackrf: fix to not free memory after the device is registered in hackrf_probe() (git-fixes). * media: i2c: imx219: Check return value of devm_gpiod_get_optional() in imx219_probe() (git-fixes). * media: i2c: imx412: Assert reset GPIO during probe (git-fixes). * media: i2c: ov08d10: fix image vertical start setting (git-fixes). * media: i2c: ov8856: free control handler on error in ov8856_init_controls() (git-fixes). * media: mtk-jpeg: fix use-after-free in release path due to uncancelled work (git-fixes). * media: omap3isp: drop the use count of v4l2 pipeline (git-fixes). * media: pci: zoran: fix potential memory leak in zoran_probe() (git-fixes). * media: rc: streamzap: Error handling in probe (git-fixes). * media: rc: xbox_remote: heed DMA restrictions (git-fixes). * media: saa7164: add ioremap return checks and cleanups (git-fixes). * media: staging: imx: configure src_mux in csi_start (git-fixes). * media: staging: imx: request mbus_config in csi_start (git-fixes). * media: uvcvideo: Enable VB2_DMABUF for metadata stream (git-fixes). * media: videobuf2: Set vma_flags in vb2_dma_sg_mmap (git-fixes). * media: vidtv: fix nfeeds state corruption on start_streaming failure (git- fixes). * media: vidtv: fix NULL pointer dereference in vidtv_channel_pmt_match_sections (git-fixes). * media: vidtv: fix pass-by-value structs causing MSAN warnings (git-fixes). * memory: tegra30-emc: Fix dll_change check (git-fixes). * memory: tegra124-emc: Fix dll_change check (git-fixes). * mfd: mc13xxx-core: Fix memory leak in mc13xxx_add_subdevice_pdata() (git- fixes). * mkspec: Add signature to source list only when it exists. * mmc: sdhci-of-dwcmshc: Disable clock before DLL configuration (git-fixes). * mmc: vub300: fix NULL-deref on disconnect (git-fixes). * modpost: Amend ppc64 save/restfpr symnames for -Os build (bsc#1215199). * mtd: docg3: Convert to platform remove callback returning void (stable- fixes). * mtd: docg3: fix use-after-free in docg3_release() (git-fixes). * mtd: parsers: ofpart: call of_node_get() for dedicated subpartitions (git- fixes). * mtd: parsers: ofpart: call of_node_put() only in ofpart_fail path (git- fixes). * mtd: physmap_of_gemini: Fix disabled pinctrl state check (git-fixes). * mtd: rawnand: sunxi: fix sunxi_nfc_hw_ecc_read_extra_oob (git-fixes). * mtd: spi-nor: core: correct the op.dummy.nbytes when check read operations (git-fixes). * mtd: spi-nor: sst: Factor out common write operation to `sst_nor_write_data()` (stable-fixes). * mtd: spi-nor: sst: Fix SST write failure (git-fixes). * mtd: spi-nor: sst: Fix write enable before AAI sequence (git-fixes). * mtd: spi-nor: swp: check SR_TB flag when getting tb_mask (git-fixes). * net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). * net/sched: cls_fw: fix NULL dereference of "old" filters before change() (git-fixes). * net/sched: fix pedit partial COW leading to page cache corruption (bsc#1265421). * net: gro: don't merge zcopy skbs (git-fixes). * net: mana: Add MAC address to vPort logs and clarify error messages (git- fixes). * net: mana: check xdp_rxq registration before unreg in mana_destroy_rxq() (git-fixes). * net: mana: Don't overwrite port probe error with add_adev result (git- fixes). * net: mana: Fix crash from unvalidated SHM offset read from BAR0 during FLR (bsc#1265846). * net: mana: Fix EQ leak in mana_remove on NULL port (git-fixes). * net: mana: Fix RX skb truesize accounting (bsc#1248754). * net: mana: fix use-after-free in mana_hwc_destroy_channel() by reordering teardown (git-fixes). * net: mana: Guard mana_remove against double invocation (git-fixes). * net: mana: hardening: Validate adapter_mtu from MANA_QUERY_DEV_CONFIG (git- fixes). * net: mana: hardening: Validate doorbell ID from GDMA_REGISTER_DEVICE response (git-fixes). * net: mana: Init gf_stats_work before potential error paths in probe (git- fixes). * net: mana: Init link_change_work before potential error paths in probe (git- fixes). * net: mana: remove double CQ cleanup in mana_create_rxq error path (git- fixes). * net: mana: Set default number of queues to 16 (bsc#1261648). * net: mana: Skip WQ object destruction for uninitialized RXQ (git-fixes). * net: mana: Use at least SZ_4K in doorbell ID range check (git-fixes). * net: mana: Use pci_name() for debugfs directory naming (git-fixes). * net: phy: dp83869: fix setting CLK_O_SEL field (git-fixes). * net: stmmac: Fix PTP ref clock for Tegra234 (git-fixes). * net: usb: asix: ax88772: re-add usbnet_link_change() in phylink callbacks (git-fixes). * net: usb: cdc-phonet: fix skb frags[] overflow in rx_complete() (git-fixes). * net: usb: rtl8150: fix use-after-free in rtl8150_start_xmit() (git-fixes). * net: usb: rtl8150: free skb on usb_submit_urb() failure in xmit (git-fixes). * net: wan: fsl_ucc_hdlc: fix ucc_hdlc_remove (git-fixes). * net: wan: fsl_ucc_hdlc: fix uhdlc_memclean (git-fixes). * net: wan: fsl_ucc_hdlc: free tx_skbuff in uhdlc_memclean (git-fixes). * NFC: digital: Bounds check NFC-A cascade depth in SDD response handler (git- fixes). * nfc: llcp: add missing return after LLCP_CLOSED checks (git-fixes). * nfc: pn533: allocate rx skb before consuming bytes (git-fixes). * nfc: s3fwrn5: allocate rx skb before consuming bytes (git-fixes). * NFC: trf7970a: Ignore antenna noise when checking for RF field (git-fixes). * nvmet-tcp: propagate nvmet_tcp_build_pdu_iovec() errors to its callers (git- fixes). * ocfs2: fix possible deadlock between unlink and dio_end_io_write (bsc#1258718). * ocfs2: split transactions in dio completion to avoid credit exhaustion (bsc#1258718). * PCI/AER: Clear only error bits in PCIe Device Status (git-fixes). * PCI/AER: Stop ruling out unbound devices as error source (git-fixes). * PCI: dwc: Apply ECRC workaround to DesignWare 5.00a as well (git-fixes). * PCI: Enable AtomicOps only if Root Port supports them (git-fixes). * PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown (git-fixes). * PCI: hv: Set default NUMA node to 0 for devices without affinity info (git- fixes). * PCI: mediatek-gen3: Prevent leaking IRQ domains when IRQ not found (git- fixes). * PCI: tegra194: Allow system suspend when the Endpoint link is not up (git- fixes). * PCI: tegra194: Disable direct speed change for Endpoint mode (git-fixes). * PCI: tegra194: Disable LTSSM after transition to Detect on surprise link down (git-fixes). * PCI: tegra194: Disable PERST# IRQ only in Endpoint mode (git-fixes). * PCI: tegra194: Fix polling delay for L2 state (git-fixes). * PCI: tegra194: Increase LTSSM poll time on surprise link down (git-fixes). * PCI: tegra194: Set LTR message request before PCIe link up in Endpoint mode (git-fixes). * PCI: tegra194: Use devm_gpiod_get_optional() to parse "nvidia,refclk-select" (git-fixes). * PCI: tegra194: Use DWC IP core version (git-fixes). * pinctrl: abx500: Fix type of 'argument' variable (git-fixes). * pinctrl: Fix spelling problem (git-fixes). * pinctrl: intel: Fix the revision for new features (1kOhm PD, HW debouncer) (stable-fixes). * pinctrl: pic32: change all cases of bare 'unsigned' to 'unsigned int' (git- fixes). * pinctrl: pic32: use consistent spacing around '+' (git-fixes). * pinctrl: pinctrl-pic32: Fix resource leak (git-fixes). * platform/chrome: chromeos_tbmc: Drop wakeup source on remove (git-fixes). * platform/surface: surfacepro3_button: Drop wakeup source on remove (git- fixes). * platform/x86/amd: pmc: Add Thinkpad L14 Gen3 to quirk_s2idle_bug (stable- fixes). * platform/x86: dell-wmi-sysman: bound enumeration string aggregation (git- fixes). * platform/x86: dell_rbu: avoid uninit value usage in packet_size_write() (git-fixes). * platform/x86: hp-wmi: Ignore backlight and FnLock events (stable-fixes). * platform/x86: panasonic-laptop: Fix OPTD notifier registration and cleanup (git-fixes). * power: supply: axp288_charger: Do not cancel work before initializing it (git-fixes). * power: supply: max17042: avoid overflow when determining health (git-fixes). * powerpc/crash: fix backup region offset update to elfcorehdr (bsc#1259535). * RDMA/mana: Fix error unwind in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Fix mana_destroy_wq_obj() cleanup in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Validate rx_hash_key_len (git-fixes). * RDMA/mana_ib: cleanup the usage of mana_gd_send_request() (git-fixes). * RDMA/mana_ib: Disable RX steering on RSS QP destroy (git-fixes). * RDMA/mana_ib: Support memory windows (git-fixes). * regulator: act8945a: fix OF node reference imbalance (git-fixes). * regulator: bd9571mwv: fix OF node reference imbalance (git-fixes). * regulator: max77650: fix OF node reference imbalance (git-fixes). * regulator: mt6357: fix OF node reference imbalance (git-fixes). * remoteproc: xlnx: Only access buffer information if IPI is buffered (git- fixes). * Revert "ALSA: usb: Increase volume range that triggers a warning" (git- fixes). * rtc: abx80x: Disable alarm feature if no interrupt attached (git-fixes). * rtc: ntxec: fix OF node reference imbalance (git-fixes). * sched/balancing: Switch the 'DEFINE_SPINLOCK(balancing)' spinlock into an 'atomic_t sched_balance_running' flag (bsc#1253754). * sched/fair: Change likelyhood of nohz.nr_cpus (bsc#1234634 bsc#1258961). * sched/fair: Have SD_SERIALIZE affect newidle balancing (bsc#1253754). * sched/fair: Move checking for nohz cpus after time check (bsc#1234634 bsc#1258961). * sched/fair: Remove nohz.nr_cpus and use weight of cpumask instead (bsc#1234634 bsc#1258961). * sched/fair: Skip sched_balance_running cmpxchg when balance is not due (bsc#1253754). * scsi: storvsc: Handle PERSISTENT_RESERVE_IN truncation for Hyper-V vFC (git- fixes). * scsi: target: iscsi: validate CHAP_R length before base64 decode (bsc#1265449). * soc/tegra: cbb: Set ERD on resume for err interrupt (git-fixes). * soc: qcom: aoss: compare against normalized cooling state (git-fixes). * soc: qcom: llcc: fix v1 SB syndrome register offset (git-fixes). * sound: ua101: fix division by zero at probe (git-fixes). * soundwire: bus: demote UNATTACHED state warnings to dev_dbg() (git-fixes). * soundwire: cadence: Clear message complete before signaling waiting thread (git-fixes). * spi: at91-usart: fix controller deregistration (git-fixes). * spi: atmel: fix controller deregistration (git-fixes). * spi: cadence: fix controller deregistration (git-fixes). * spi: fix controller cleanup() documentation (git-fixes). * spi: fix misleading controller deregistration kernel-doc (git-fixes). * spi: fix misleading controller registration kernel-doc (git-fixes). * spi: fsl-qspi: Use reinit_completion() for repeated operations (git-fixes). * spi: hisi-kunpeng: prevent infinite while() loop in hisi_spi_flush_fifo (git-fixes). * spi: imx: fix runtime pm leak on probe deferral (git-fixes). * spi: imx: fix use-after-free on unbind (git-fixes). * spi: microchip-core-qspi: fix controller deregistration (git-fixes). * spi: microchip-core-qspi: Use helper function devm_clk_get_enabled() (stable-fixes). * spi: mpc52xx: fix use-after-free on unbind (git-fixes). * spi: mtk-nor: fix controller deregistration (git-fixes). * spi: mtk-snfi: unregister ECC engine on probe failure and remove() callback (git-fixes). * spi: omap2-mcspi: fix controller deregistration (git-fixes). * spi: orion: fix clock imbalance on registration failure (git-fixes). * spi: orion: fix runtime pm leak on unbind (git-fixes). * spi: rockchip: fix controller deregistration (git-fixes). * spi: rspi: fix controller deregistration (git-fixes). * spi: sh-hspi: fix controller deregistration (git-fixes). * spi: spi-ti-qspi: Convert to platform remove callback returning void (stable-fixes). * spi: sprd: fix controller deregistration (git-fixes). * spi: sun4i: fix controller deregistration (git-fixes). * spi: sun4i: switch to use modern name (stable-fixes). * spi: syncuacer: fix controller deregistration (git-fixes). * spi: synquacer: switch to use modern name (stable-fixes). * spi: uniphier: fix controller deregistration (git-fixes). * spi: uniphier: Simplify clock handling with devm_clk_get_enabled() (stable- fixes). * spi: uniphier: switch to use modern name (stable-fixes). * spi: zynq-qspi: switch to use modern name (stable-fixes). * spi: zynqmp-gqspi: fix controller deregistration (git-fixes). * staging: media: atomisp: Disallow all private IOCTLs (git-fixes). * staging: rtl8723bs: initialize le_tmp64 in rtw_BIP_verify() (git-fixes). * staging: sm750fb: fix division by zero in ps_to_hz() (git-fixes). * staging: vme_user: added bound check to geoid (stable-fixes). * staging: vme_user: fix root device leak on init failure (git-fixes). * thermal/drivers/spear: Fix error condition for reading st,thermal-flags (git-fixes). * thermal/drivers/sprd: Fix raw temperature clamping in sprd_thm_rawdata_to_temp (git-fixes). * thermal/drivers/sprd: Fix temperature clamping in sprd_thm_temp_to_rawdata (git-fixes). * tpm: avoid -Wunused-but-set-variable (git-fixes). * tpm: tpm_tis: add error logging for data transfer (git-fixes). * tpm: tpm_tis: stop transmit if retries are exhausted (git-fixes). * tty: tty_io: update timestamps on all device nodes (bsc#1262020). * USB: cdc-acm: Add quirks for Yoga Book 9 14IAH10 INGENIC touchscreen (stable-fixes). * usb: chipidea: core: allow ci_irq_handler() handle both ID and VBUS change (git-fixes). * usb: chipidea: otg: not wait vbus drop if use role_switch (git-fixes). * USB: core: add NO_LPM quirk for Razer Kiyo Pro webcam (stable-fixes). * usb: gadget: dummy_hcd: fix premature URB completion when ZLP follows partial transfer (stable-fixes). * usb: gadget: f_ncm: validate minimum block_len in ncm_unwrap_ntb() (git- fixes). * usb: gadget: f_phonet: fix skb frags[] overflow in pn_rx_complete() (stable- fixes). * usb: gadget: f_uac1_legacy: validate control request size (stable-fixes). * usb: gadget: renesas_usb3: validate endpoint index in standard request handlers (git-fixes). * USB: omap_udc: DMA: Don't enable burst 4 mode (git-fixes). * usb: port: add delay after usb_hub_set_port_power() (git-fixes). * usb: quirks: add DELAY_INIT quirk for another Silicon Motion flash drive (stable-fixes). * USB: serial: io_edgeport: add support for Blackbox IC135A (stable-fixes). * USB: serial: option: add MeiG Smart SRM825WN (stable-fixes). * USB: serial: option: add support for Rolling Wireless RW135R-GL (stable- fixes). * USB: serial: option: add Telit Cinterion FN990A MBIM composition (stable- fixes). * USB: serial: option: add Telit Cinterion LE910Cx compositions (stable- fixes). * usb: storage: Expand range of matched versions for VL817 quirks entry (stable-fixes). * usb: ulpi: fix memory leak on ulpi_register() error paths (git-fixes). * usb: usblp: fix heap leak in IEEE 1284 device ID via short response (stable- fixes). * usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl (stable- fixes). * usb: xhci: Make usb_host_endpoint.hcpriv survive endpoint_disable() (git- fixes). * usbip: validate number_of_packets in usbip_pack_ret_submit() (git-fixes). * virt: tdx-guest: Fix handling of host controlled 'quote' buffer length (git- fixes). * virt: tdx-guest: Return error for GetQuote failures (git-fixes). * wifi: ath5k: do not access array OOB (git-fixes). * wifi: ath9k: Fix typo (git-fixes). * wifi: ath11k: Pass the correct value of each TID during a stop AMPDU session (git-fixes). * wifi: ath11k: skip status ring entry processing (stable-fixes). * wifi: ath11k: Use dma_alloc_noncoherent for rx_tid buffer allocation (stable-fixes). * wifi: b43: enforce bounds check on firmware key index in b43_rx() (git- fixes). * wifi: b43legacy: enforce bounds check on firmware key index in RX path (git- fixes). * wifi: brcmfmac: Fix error pointer dereference (git-fixes). * wifi: brcmfmac: validate bsscfg indices in IF events (stable-fixes). * wifi: brcmsmac: Fix dma_free_coherent() size (git-fixes). * wifi: cw1200: Revert "Fix locking in error paths" (git-fixes). * wifi: libertas: notify firmware load wait on disconnect (git-fixes). * wifi: mac80211: check ieee80211_rx_data_set_link return in pubsta MLO path (git-fixes). * wifi: mac80211: drop stray 'static' from fast-RX rx_result (git-fixes). * wifi: mac80211: remove station if connection prep fails (git-fixes). * wifi: mt76: mt792x: describe USB WFSYS reset with a descriptor (stable- fixes). * wifi: mt76: mt792x: fix mt7925u USB WFSYS reset handling (git-fixes). * wifi: mt76: mt7615: fix use_cts_prot support (git-fixes). * wifi: mt76: mt7915: fix use-after-free bugs in mt7915_mac_dump_work() (git- fixes). * wifi: mt76: mt7915: fix use_cts_prot support (git-fixes). * wifi: mt76: mt7921: fix a potential clc buffer length underflow (git-fixes). * wifi: mt76: mt7921: fix ROC abort flow interruption in mt7921_roc_work (git- fixes). * wifi: mt76: mt7921: Reset ampdu_state state in case of failure in mt76_connac2_tx_check_aggr() (git-fixes). * wifi: mt76: mt7925: fix incorrect length field in txpower command (git- fixes). * wifi: mt76: mt7996: fix FCS error flag check in RX descriptor (git-fixes). * wifi: mt76: mt7996: fix struct mt7996_mcu_uni_event (git-fixes). * wifi: mwifiex: Fix memory leak in mwifiex_11n_aggregate_pkt() (git-fixes). * wifi: nl80211: fix NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST usage (git- fixes). * wifi: nl80211: require admin perm on SET_PMK / DEL_PMK (git-fixes). * wifi: rsi: fix kthread lifetime race between self-exit and external-stop (git-fixes). * wifi: rt2x00usb: fix devres lifetime (git-fixes). * wifi: rtlwifi: pci: fix possible use-after-free caused by unfinished irq_prepare_bcn_tasklet (git-fixes). * wifi: rtw88: check for PCI upstream bridge existence (git-fixes). * wifi: rtw88: fix device leak on probe failure (git-fixes). * wifi: rtw89: phy: fix uninitialized variable access in rtw89_phy_cfo_set_crystal_cap() (git-fixes). * wifi: wl1251: validate packet IDs before indexing tx_frames (stable-fixes). * workqueue: Break up enum definitions and give names to the types (bsc#1260522). * workqueue: Clean up enum work_bits and related constants (bsc#1260522). * workqueue: Factor out work_grab_pending() from __cancel_work_sync() (bsc#1260522). * workqueue: Fix UBSAN 'subtraction overflow' error in shift_and_mask() (bsc#1260522). * workqueue: Implement disable/enable for (delayed) work items (bsc#1260522). * workqueue: Introduce work_cancel_flags (bsc#1260522). * workqueue: Make @flags handling consistent across set_work_data() and friends (bsc#1260522). * workqueue: Preserve OFFQ bits in cancel[_sync] paths (bsc#1260522). * workqueue: Rename __cancel_work_timer() to __cancel_timer_sync() (bsc#1260522). * workqueue: Reorganize flush and cancel[_sync] functions (bsc#1260522). * x86/boot/64: Clear most of CR4 in startup_64(), except PAE, MCE and LA57 (git-fixes). * x86/boot/sev: Avoid shared GHCB page for early memory acceptance (git- fixes). * x86/boot: Don't add the EFI stub to targets, again (git-fixes). * x86/boot: Fix page table access in 5-level to 4-level paging transition (git-fixes). * X.509: Fix out-of-bounds access when parsing extensions (git-fixes). * Xarray: do not return sibling entries from xas_find_marked() (bsc#1263815). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-435=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 x86_64) * kernel-default-base-6.4.0-46.1.21.23 * SUSE Linux Micro 6.0 (noarch) * kernel-macros-6.4.0-46.1 * kernel-devel-6.4.0-46.1 * kernel-source-6.4.0-46.1 * SUSE Linux Micro 6.0 (aarch64 nosrc s390x x86_64) * kernel-default-6.4.0-46.1 * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * kernel-default-debuginfo-6.4.0-46.1 * kernel-default-debugsource-6.4.0-46.1 * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-default-livepatch-6.4.0-46.1 * SUSE Linux Micro 6.0 (nosrc x86_64) * kernel-kvmsmall-6.4.0-46.1 * SUSE Linux Micro 6.0 (x86_64) * kernel-kvmsmall-debugsource-6.4.0-46.1 * kernel-kvmsmall-debuginfo-6.4.0-46.1 ## References: * https://www.suse.com/security/cve/CVE-2023-2058.html * https://www.suse.com/security/cve/CVE-2025-40219.html * https://www.suse.com/security/cve/CVE-2025-71183.html * https://www.suse.com/security/cve/CVE-2025-71238.html * https://www.suse.com/security/cve/CVE-2026-23168.html * https://www.suse.com/security/cve/CVE-2026-23209.html * https://www.suse.com/security/cve/CVE-2026-23236.html * https://www.suse.com/security/cve/CVE-2026-23237.html * https://www.suse.com/security/cve/CVE-2026-23239.html * https://www.suse.com/security/cve/CVE-2026-23240.html * https://www.suse.com/security/cve/CVE-2026-23245.html * https://www.suse.com/security/cve/CVE-2026-23246.html * https://www.suse.com/security/cve/CVE-2026-23253.html * https://www.suse.com/security/cve/CVE-2026-23260.html * https://www.suse.com/security/cve/CVE-2026-23264.html * https://www.suse.com/security/cve/CVE-2026-23266.html * https://www.suse.com/security/cve/CVE-2026-23268.html * https://www.suse.com/security/cve/CVE-2026-23269.html * https://www.suse.com/security/cve/CVE-2026-23271.html * https://www.suse.com/security/cve/CVE-2026-23273.html * https://www.suse.com/security/cve/CVE-2026-23276.html * https://www.suse.com/security/cve/CVE-2026-23279.html * https://www.suse.com/security/cve/CVE-2026-23290.html * https://www.suse.com/security/cve/CVE-2026-23291.html * https://www.suse.com/security/cve/CVE-2026-23298.html * https://www.suse.com/security/cve/CVE-2026-23300.html * https://www.suse.com/security/cve/CVE-2026-23306.html * https://www.suse.com/security/cve/CVE-2026-23307.html * https://www.suse.com/security/cve/CVE-2026-23308.html * https://www.suse.com/security/cve/CVE-2026-23312.html * https://www.suse.com/security/cve/CVE-2026-23313.html * https://www.suse.com/security/cve/CVE-2026-23315.html * https://www.suse.com/security/cve/CVE-2026-23318.html * https://www.suse.com/security/cve/CVE-2026-23321.html * https://www.suse.com/security/cve/CVE-2026-23324.html * https://www.suse.com/security/cve/CVE-2026-23325.html * https://www.suse.com/security/cve/CVE-2026-23336.html * https://www.suse.com/security/cve/CVE-2026-23339.html * https://www.suse.com/security/cve/CVE-2026-23340.html * https://www.suse.com/security/cve/CVE-2026-23346.html * https://www.suse.com/security/cve/CVE-2026-23351.html * https://www.suse.com/security/cve/CVE-2026-23357.html * https://www.suse.com/security/cve/CVE-2026-23362.html * https://www.suse.com/security/cve/CVE-2026-23363.html * https://www.suse.com/security/cve/CVE-2026-23365.html * https://www.suse.com/security/cve/CVE-2026-23367.html * https://www.suse.com/security/cve/CVE-2026-23368.html * https://www.suse.com/security/cve/CVE-2026-23370.html * https://www.suse.com/security/cve/CVE-2026-23372.html * https://www.suse.com/security/cve/CVE-2026-23373.html * https://www.suse.com/security/cve/CVE-2026-23374.html * https://www.suse.com/security/cve/CVE-2026-23378.html * https://www.suse.com/security/cve/CVE-2026-23382.html * https://www.suse.com/security/cve/CVE-2026-23391.html * https://www.suse.com/security/cve/CVE-2026-23392.html * https://www.suse.com/security/cve/CVE-2026-23393.html * https://www.suse.com/security/cve/CVE-2026-23396.html * https://www.suse.com/security/cve/CVE-2026-23397.html * https://www.suse.com/security/cve/CVE-2026-23399.html * https://www.suse.com/security/cve/CVE-2026-23403.html * https://www.suse.com/security/cve/CVE-2026-23404.html * https://www.suse.com/security/cve/CVE-2026-23405.html * https://www.suse.com/security/cve/CVE-2026-23406.html * https://www.suse.com/security/cve/CVE-2026-23407.html * https://www.suse.com/security/cve/CVE-2026-23408.html * https://www.suse.com/security/cve/CVE-2026-23409.html * https://www.suse.com/security/cve/CVE-2026-23410.html * https://www.suse.com/security/cve/CVE-2026-23411.html * https://www.suse.com/security/cve/CVE-2026-23420.html * https://www.suse.com/security/cve/CVE-2026-23426.html * https://www.suse.com/security/cve/CVE-2026-23434.html * https://www.suse.com/security/cve/CVE-2026-23440.html * https://www.suse.com/security/cve/CVE-2026-23441.html * https://www.suse.com/security/cve/CVE-2026-23442.html * https://www.suse.com/security/cve/CVE-2026-23443.html * https://www.suse.com/security/cve/CVE-2026-23446.html * https://www.suse.com/security/cve/CVE-2026-23447.html * https://www.suse.com/security/cve/CVE-2026-23448.html * https://www.suse.com/security/cve/CVE-2026-23449.html * https://www.suse.com/security/cve/CVE-2026-23450.html * https://www.suse.com/security/cve/CVE-2026-23452.html * https://www.suse.com/security/cve/CVE-2026-23455.html * https://www.suse.com/security/cve/CVE-2026-23456.html * https://www.suse.com/security/cve/CVE-2026-23457.html * https://www.suse.com/security/cve/CVE-2026-23458.html * https://www.suse.com/security/cve/CVE-2026-23460.html * https://www.suse.com/security/cve/CVE-2026-23461.html * https://www.suse.com/security/cve/CVE-2026-23462.html * https://www.suse.com/security/cve/CVE-2026-23463.html * https://www.suse.com/security/cve/CVE-2026-23465.html * https://www.suse.com/security/cve/CVE-2026-23468.html * https://www.suse.com/security/cve/CVE-2026-23472.html * https://www.suse.com/security/cve/CVE-2026-23473.html * https://www.suse.com/security/cve/CVE-2026-23474.html * https://www.suse.com/security/cve/CVE-2026-23475.html * https://www.suse.com/security/cve/CVE-2026-31389.html * https://www.suse.com/security/cve/CVE-2026-31393.html * https://www.suse.com/security/cve/CVE-2026-31400.html * https://www.suse.com/security/cve/CVE-2026-31402.html * https://www.suse.com/security/cve/CVE-2026-31403.html * https://www.suse.com/security/cve/CVE-2026-31404.html * https://www.suse.com/security/cve/CVE-2026-31405.html * https://www.suse.com/security/cve/CVE-2026-31407.html * https://www.suse.com/security/cve/CVE-2026-31408.html * https://www.suse.com/security/cve/CVE-2026-31411.html * https://www.suse.com/security/cve/CVE-2026-31412.html * https://www.suse.com/security/cve/CVE-2026-31415.html * https://www.suse.com/security/cve/CVE-2026-31416.html * https://www.suse.com/security/cve/CVE-2026-31417.html * https://www.suse.com/security/cve/CVE-2026-31420.html * https://www.suse.com/security/cve/CVE-2026-31421.html * https://www.suse.com/security/cve/CVE-2026-31422.html * https://www.suse.com/security/cve/CVE-2026-31423.html * https://www.suse.com/security/cve/CVE-2026-31424.html * https://www.suse.com/security/cve/CVE-2026-31425.html * https://www.suse.com/security/cve/CVE-2026-31426.html * https://www.suse.com/security/cve/CVE-2026-31427.html * https://www.suse.com/security/cve/CVE-2026-31428.html * https://www.suse.com/security/cve/CVE-2026-31436.html * https://www.suse.com/security/cve/CVE-2026-31449.html * https://www.suse.com/security/cve/CVE-2026-31470.html * https://www.suse.com/security/cve/CVE-2026-31488.html * https://www.suse.com/security/cve/CVE-2026-31494.html * https://www.suse.com/security/cve/CVE-2026-31496.html * https://www.suse.com/security/cve/CVE-2026-31504.html * https://www.suse.com/security/cve/CVE-2026-31505.html * https://www.suse.com/security/cve/CVE-2026-31507.html * https://www.suse.com/security/cve/CVE-2026-31512.html * https://www.suse.com/security/cve/CVE-2026-31515.html * https://www.suse.com/security/cve/CVE-2026-31519.html * https://www.suse.com/security/cve/CVE-2026-31525.html * https://www.suse.com/security/cve/CVE-2026-31528.html * https://www.suse.com/security/cve/CVE-2026-31533.html * https://www.suse.com/security/cve/CVE-2026-31550.html * https://www.suse.com/security/cve/CVE-2026-31565.html * https://www.suse.com/security/cve/CVE-2026-31570.html * https://www.suse.com/security/cve/CVE-2026-31586.html * https://www.suse.com/security/cve/CVE-2026-31588.html * https://www.suse.com/security/cve/CVE-2026-31602.html * https://www.suse.com/security/cve/CVE-2026-31607.html * https://www.suse.com/security/cve/CVE-2026-31622.html * https://www.suse.com/security/cve/CVE-2026-31649.html * https://www.suse.com/security/cve/CVE-2026-31656.html * https://www.suse.com/security/cve/CVE-2026-31662.html * https://www.suse.com/security/cve/CVE-2026-31668.html * https://www.suse.com/security/cve/CVE-2026-31669.html * https://www.suse.com/security/cve/CVE-2026-31675.html * https://www.suse.com/security/cve/CVE-2026-31679.html * https://www.suse.com/security/cve/CVE-2026-31681.html * https://www.suse.com/security/cve/CVE-2026-31682.html * https://www.suse.com/security/cve/CVE-2026-31684.html * https://www.suse.com/security/cve/CVE-2026-31685.html * https://www.suse.com/security/cve/CVE-2026-31694.html * https://www.suse.com/security/cve/CVE-2026-31700.html * https://www.suse.com/security/cve/CVE-2026-31738.html * https://www.suse.com/security/cve/CVE-2026-31787.html * https://www.suse.com/security/cve/CVE-2026-43009.html * https://www.suse.com/security/cve/CVE-2026-43025.html * https://www.suse.com/security/cve/CVE-2026-43027.html * https://www.suse.com/security/cve/CVE-2026-43037.html * https://www.suse.com/security/cve/CVE-2026-43038.html * https://www.suse.com/security/cve/CVE-2026-43044.html * https://www.suse.com/security/cve/CVE-2026-43050.html * https://www.suse.com/security/cve/CVE-2026-43060.html * https://www.suse.com/security/cve/CVE-2026-43088.html * https://www.suse.com/security/cve/CVE-2026-43110.html * https://www.suse.com/security/cve/CVE-2026-43120.html * https://www.suse.com/security/cve/CVE-2026-43126.html * https://www.suse.com/security/cve/CVE-2026-43190.html * https://www.suse.com/security/cve/CVE-2026-43214.html * https://www.suse.com/security/cve/CVE-2026-43265.html * https://www.suse.com/security/cve/CVE-2026-43329.html * https://www.suse.com/security/cve/CVE-2026-43330.html * https://www.suse.com/security/cve/CVE-2026-43334.html * https://www.suse.com/security/cve/CVE-2026-43365.html * https://www.suse.com/security/cve/CVE-2026-43366.html * https://www.suse.com/security/cve/CVE-2026-43419.html * https://www.suse.com/security/cve/CVE-2026-43437.html * https://www.suse.com/security/cve/CVE-2026-43441.html * https://www.suse.com/security/cve/CVE-2026-43494.html * https://www.suse.com/security/cve/CVE-2026-43503.html * https://bugzilla.suse.com/show_bug.cgi?id=1215199 * https://bugzilla.suse.com/show_bug.cgi?id=1234634 * https://bugzilla.suse.com/show_bug.cgi?id=1243603 * https://bugzilla.suse.com/show_bug.cgi?id=1248754 * https://bugzilla.suse.com/show_bug.cgi?id=1253122 * https://bugzilla.suse.com/show_bug.cgi?id=1253754 * https://bugzilla.suse.com/show_bug.cgi?id=1254518 * https://bugzilla.suse.com/show_bug.cgi?id=1256863 * https://bugzilla.suse.com/show_bug.cgi?id=1257631 * https://bugzilla.suse.com/show_bug.cgi?id=1258518 * https://bugzilla.suse.com/show_bug.cgi?id=1258718 * https://bugzilla.suse.com/show_bug.cgi?id=1258826 * https://bugzilla.suse.com/show_bug.cgi?id=1258849 * https://bugzilla.suse.com/show_bug.cgi?id=1258850 * https://bugzilla.suse.com/show_bug.cgi?id=1258854 * https://bugzilla.suse.com/show_bug.cgi?id=1258855 * https://bugzilla.suse.com/show_bug.cgi?id=1258856 * https://bugzilla.suse.com/show_bug.cgi?id=1258857 * https://bugzilla.suse.com/show_bug.cgi?id=1258961 * https://bugzilla.suse.com/show_bug.cgi?id=1259186 * https://bugzilla.suse.com/show_bug.cgi?id=1259199 * https://bugzilla.suse.com/show_bug.cgi?id=1259222 * https://bugzilla.suse.com/show_bug.cgi?id=1259484 * https://bugzilla.suse.com/show_bug.cgi?id=1259485 * https://bugzilla.suse.com/show_bug.cgi?id=1259535 * https://bugzilla.suse.com/show_bug.cgi?id=1259799 * https://bugzilla.suse.com/show_bug.cgi?id=1259806 * https://bugzilla.suse.com/show_bug.cgi?id=1259857 * https://bugzilla.suse.com/show_bug.cgi?id=1259868 * https://bugzilla.suse.com/show_bug.cgi?id=1259869 * https://bugzilla.suse.com/show_bug.cgi?id=1259873 * https://bugzilla.suse.com/show_bug.cgi?id=1259878 * https://bugzilla.suse.com/show_bug.cgi?id=1260010 * https://bugzilla.suse.com/show_bug.cgi?id=1260012 * https://bugzilla.suse.com/show_bug.cgi?id=1260018 * https://bugzilla.suse.com/show_bug.cgi?id=1260468 * https://bugzilla.suse.com/show_bug.cgi?id=1260483 * https://bugzilla.suse.com/show_bug.cgi?id=1260484 * https://bugzilla.suse.com/show_bug.cgi?id=1260485 * https://bugzilla.suse.com/show_bug.cgi?id=1260489 * https://bugzilla.suse.com/show_bug.cgi?id=1260501 * https://bugzilla.suse.com/show_bug.cgi?id=1260504 * https://bugzilla.suse.com/show_bug.cgi?id=1260505 * https://bugzilla.suse.com/show_bug.cgi?id=1260507 * https://bugzilla.suse.com/show_bug.cgi?id=1260522 * https://bugzilla.suse.com/show_bug.cgi?id=1260523 * https://bugzilla.suse.com/show_bug.cgi?id=1260526 * https://bugzilla.suse.com/show_bug.cgi?id=1260528 * https://bugzilla.suse.com/show_bug.cgi?id=1260529 * https://bugzilla.suse.com/show_bug.cgi?id=1260530 * https://bugzilla.suse.com/show_bug.cgi?id=1260531 * https://bugzilla.suse.com/show_bug.cgi?id=1260532 * https://bugzilla.suse.com/show_bug.cgi?id=1260533 * https://bugzilla.suse.com/show_bug.cgi?id=1260536 * https://bugzilla.suse.com/show_bug.cgi?id=1260537 * https://bugzilla.suse.com/show_bug.cgi?id=1260538 * https://bugzilla.suse.com/show_bug.cgi?id=1260541 * https://bugzilla.suse.com/show_bug.cgi?id=1260546 * https://bugzilla.suse.com/show_bug.cgi?id=1260549 * https://bugzilla.suse.com/show_bug.cgi?id=1260551 * https://bugzilla.suse.com/show_bug.cgi?id=1260552 * https://bugzilla.suse.com/show_bug.cgi?id=1260553 * https://bugzilla.suse.com/show_bug.cgi?id=1260555 * https://bugzilla.suse.com/show_bug.cgi?id=1260561 * https://bugzilla.suse.com/show_bug.cgi?id=1260566 * https://bugzilla.suse.com/show_bug.cgi?id=1260572 * https://bugzilla.suse.com/show_bug.cgi?id=1260581 * https://bugzilla.suse.com/show_bug.cgi?id=1260728 * https://bugzilla.suse.com/show_bug.cgi?id=1260729 * https://bugzilla.suse.com/show_bug.cgi?id=1260731 * https://bugzilla.suse.com/show_bug.cgi?id=1260800 * https://bugzilla.suse.com/show_bug.cgi?id=1260811 * https://bugzilla.suse.com/show_bug.cgi?id=1261020 * https://bugzilla.suse.com/show_bug.cgi?id=1261287 * https://bugzilla.suse.com/show_bug.cgi?id=1261295 * https://bugzilla.suse.com/show_bug.cgi?id=1261348 * https://bugzilla.suse.com/show_bug.cgi?id=1261503 * https://bugzilla.suse.com/show_bug.cgi?id=1261504 * https://bugzilla.suse.com/show_bug.cgi?id=1261581 * https://bugzilla.suse.com/show_bug.cgi?id=1261582 * https://bugzilla.suse.com/show_bug.cgi?id=1261584 * https://bugzilla.suse.com/show_bug.cgi?id=1261601 * https://bugzilla.suse.com/show_bug.cgi?id=1261602 * https://bugzilla.suse.com/show_bug.cgi?id=1261618 * https://bugzilla.suse.com/show_bug.cgi?id=1261628 * https://bugzilla.suse.com/show_bug.cgi?id=1261632 * https://bugzilla.suse.com/show_bug.cgi?id=1261636 * https://bugzilla.suse.com/show_bug.cgi?id=1261638 * https://bugzilla.suse.com/show_bug.cgi?id=1261641 * https://bugzilla.suse.com/show_bug.cgi?id=1261644 * https://bugzilla.suse.com/show_bug.cgi?id=1261645 * https://bugzilla.suse.com/show_bug.cgi?id=1261648 * https://bugzilla.suse.com/show_bug.cgi?id=1261679 * https://bugzilla.suse.com/show_bug.cgi?id=1261685 * https://bugzilla.suse.com/show_bug.cgi?id=1261686 * https://bugzilla.suse.com/show_bug.cgi?id=1261687 * https://bugzilla.suse.com/show_bug.cgi?id=1261692 * https://bugzilla.suse.com/show_bug.cgi?id=1261694 * https://bugzilla.suse.com/show_bug.cgi?id=1261700 * https://bugzilla.suse.com/show_bug.cgi?id=1261703 * https://bugzilla.suse.com/show_bug.cgi?id=1261707 * https://bugzilla.suse.com/show_bug.cgi?id=1261710 * https://bugzilla.suse.com/show_bug.cgi?id=1261713 * https://bugzilla.suse.com/show_bug.cgi?id=1261719 * https://bugzilla.suse.com/show_bug.cgi?id=1261750 * https://bugzilla.suse.com/show_bug.cgi?id=1261751 * https://bugzilla.suse.com/show_bug.cgi?id=1261752 * https://bugzilla.suse.com/show_bug.cgi?id=1261768 * https://bugzilla.suse.com/show_bug.cgi?id=1261778 * https://bugzilla.suse.com/show_bug.cgi?id=1261779 * https://bugzilla.suse.com/show_bug.cgi?id=1261781 * https://bugzilla.suse.com/show_bug.cgi?id=1261789 * https://bugzilla.suse.com/show_bug.cgi?id=1261796 * https://bugzilla.suse.com/show_bug.cgi?id=1261797 * https://bugzilla.suse.com/show_bug.cgi?id=1261896 * https://bugzilla.suse.com/show_bug.cgi?id=1262020 * https://bugzilla.suse.com/show_bug.cgi?id=1262053 * https://bugzilla.suse.com/show_bug.cgi?id=1262054 * https://bugzilla.suse.com/show_bug.cgi?id=1262055 * https://bugzilla.suse.com/show_bug.cgi?id=1262061 * https://bugzilla.suse.com/show_bug.cgi?id=1262063 * https://bugzilla.suse.com/show_bug.cgi?id=1262074 * https://bugzilla.suse.com/show_bug.cgi?id=1262078 * https://bugzilla.suse.com/show_bug.cgi?id=1262086 * https://bugzilla.suse.com/show_bug.cgi?id=1262087 * https://bugzilla.suse.com/show_bug.cgi?id=1262099 * https://bugzilla.suse.com/show_bug.cgi?id=1262100 * https://bugzilla.suse.com/show_bug.cgi?id=1262101 * https://bugzilla.suse.com/show_bug.cgi?id=1262179 * https://bugzilla.suse.com/show_bug.cgi?id=1262181 * https://bugzilla.suse.com/show_bug.cgi?id=1262602 * https://bugzilla.suse.com/show_bug.cgi?id=1262616 * https://bugzilla.suse.com/show_bug.cgi?id=1262665 * https://bugzilla.suse.com/show_bug.cgi?id=1262671 * https://bugzilla.suse.com/show_bug.cgi?id=1262673 * https://bugzilla.suse.com/show_bug.cgi?id=1262725 * https://bugzilla.suse.com/show_bug.cgi?id=1262731 * https://bugzilla.suse.com/show_bug.cgi?id=1262734 * https://bugzilla.suse.com/show_bug.cgi?id=1262746 * https://bugzilla.suse.com/show_bug.cgi?id=1262752 * https://bugzilla.suse.com/show_bug.cgi?id=1262758 * https://bugzilla.suse.com/show_bug.cgi?id=1263001 * https://bugzilla.suse.com/show_bug.cgi?id=1263012 * https://bugzilla.suse.com/show_bug.cgi?id=1263064 * https://bugzilla.suse.com/show_bug.cgi?id=1263065 * https://bugzilla.suse.com/show_bug.cgi?id=1263085 * https://bugzilla.suse.com/show_bug.cgi?id=1263093 * https://bugzilla.suse.com/show_bug.cgi?id=1263095 * https://bugzilla.suse.com/show_bug.cgi?id=1263104 * https://bugzilla.suse.com/show_bug.cgi?id=1263131 * https://bugzilla.suse.com/show_bug.cgi?id=1263140 * https://bugzilla.suse.com/show_bug.cgi?id=1263141 * https://bugzilla.suse.com/show_bug.cgi?id=1263149 * https://bugzilla.suse.com/show_bug.cgi?id=1263165 * https://bugzilla.suse.com/show_bug.cgi?id=1263170 * https://bugzilla.suse.com/show_bug.cgi?id=1263176 * https://bugzilla.suse.com/show_bug.cgi?id=1263556 * https://bugzilla.suse.com/show_bug.cgi?id=1263582 * https://bugzilla.suse.com/show_bug.cgi?id=1263592 * https://bugzilla.suse.com/show_bug.cgi?id=1263593 * https://bugzilla.suse.com/show_bug.cgi?id=1263595 * https://bugzilla.suse.com/show_bug.cgi?id=1263596 * https://bugzilla.suse.com/show_bug.cgi?id=1263600 * https://bugzilla.suse.com/show_bug.cgi?id=1263668 * https://bugzilla.suse.com/show_bug.cgi?id=1263723 * https://bugzilla.suse.com/show_bug.cgi?id=1263797 * https://bugzilla.suse.com/show_bug.cgi?id=1263815 * https://bugzilla.suse.com/show_bug.cgi?id=1263882 * https://bugzilla.suse.com/show_bug.cgi?id=1263901 * https://bugzilla.suse.com/show_bug.cgi?id=1263931 * https://bugzilla.suse.com/show_bug.cgi?id=1263933 * https://bugzilla.suse.com/show_bug.cgi?id=1263995 * https://bugzilla.suse.com/show_bug.cgi?id=1264014 * https://bugzilla.suse.com/show_bug.cgi?id=1264059 * https://bugzilla.suse.com/show_bug.cgi?id=1264082 * https://bugzilla.suse.com/show_bug.cgi?id=1264087 * https://bugzilla.suse.com/show_bug.cgi?id=1264097 * https://bugzilla.suse.com/show_bug.cgi?id=1264183 * https://bugzilla.suse.com/show_bug.cgi?id=1264427 * https://bugzilla.suse.com/show_bug.cgi?id=1264469 * https://bugzilla.suse.com/show_bug.cgi?id=1264482 * https://bugzilla.suse.com/show_bug.cgi?id=1264634 * https://bugzilla.suse.com/show_bug.cgi?id=1264651 * https://bugzilla.suse.com/show_bug.cgi?id=1264661 * https://bugzilla.suse.com/show_bug.cgi?id=1264674 * https://bugzilla.suse.com/show_bug.cgi?id=1264801 * https://bugzilla.suse.com/show_bug.cgi?id=1264848 * https://bugzilla.suse.com/show_bug.cgi?id=1265085 * https://bugzilla.suse.com/show_bug.cgi?id=1265090 * https://bugzilla.suse.com/show_bug.cgi?id=1265116 * https://bugzilla.suse.com/show_bug.cgi?id=1265119 * https://bugzilla.suse.com/show_bug.cgi?id=1265126 * https://bugzilla.suse.com/show_bug.cgi?id=1265144 * https://bugzilla.suse.com/show_bug.cgi?id=1265308 * https://bugzilla.suse.com/show_bug.cgi?id=1265421 * https://bugzilla.suse.com/show_bug.cgi?id=1265449 * https://bugzilla.suse.com/show_bug.cgi?id=1265456 * https://bugzilla.suse.com/show_bug.cgi?id=1265626 * https://bugzilla.suse.com/show_bug.cgi?id=1265846 * https://bugzilla.suse.com/show_bug.cgi?id=1265960 * https://jira.suse.com/browse/PED-7249 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:45:08 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:45:08 -0000 Subject: SUSE-SU-2026:21918-1: important: Security update for kernel-livepatch-MICRO-6-0-RT_Update_24 Message-ID: <178041870874.42.7394941589947715968@b0da085613fb> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_24 Announcement ID: SUSE-SU-2026:21918-1 Release Date: 2026-05-29T16:12:43Z Rating: important References: Affected Products: * SUSE Linux Micro 6.0 An update that can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_24 fixes the following issues: * New livepatch SLE Micro 6.0/6.1 kernel update 24 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-438=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-MICRO-6-0-RT_Update_24-debugsource-1-1.1 * kernel-livepatch-6_4_0-47-rt-debuginfo-1-1.1 * kernel-livepatch-6_4_0-47-rt-1-1.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:45:10 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:45:10 -0000 Subject: SUSE-SU-2026:21917-1: important: Security update for kernel-livepatch-MICRO-6-0_Update_23 Message-ID: <178041871014.42.11655070102462123086@b0da085613fb> # Security update for kernel-livepatch-MICRO-6-0_Update_23 Announcement ID: SUSE-SU-2026:21917-1 Release Date: 2026-05-29T16:12:43Z Rating: important References: Affected Products: * SUSE Linux Micro 6.0 An update that can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_23 fixes the following issues: * New livepatch SLE Micro 6.0/6.1 kernel update 23 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-436=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-6_4_0-46-default-1-1.1 * kernel-livepatch-6_4_0-46-default-debuginfo-1-1.1 * kernel-livepatch-MICRO-6-0_Update_23-debugsource-1-1.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:49:59 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:49:59 -0000 Subject: SUSE-SU-2026:21916-1: important: Security update for the Linux Kernel Message-ID: <178041899925.42.1550137995894066521@b0da085613fb> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:21916-1 Release Date: 2026-05-29T16:06:32Z Rating: important References: * bsc#1215199 * bsc#1234634 * bsc#1243603 * bsc#1248754 * bsc#1253122 * bsc#1253754 * bsc#1254518 * bsc#1256863 * bsc#1257631 * bsc#1258518 * bsc#1258718 * bsc#1258826 * bsc#1258849 * bsc#1258850 * bsc#1258854 * bsc#1258855 * bsc#1258856 * bsc#1258857 * bsc#1258961 * bsc#1259186 * bsc#1259199 * bsc#1259222 * bsc#1259484 * bsc#1259485 * bsc#1259535 * bsc#1259799 * bsc#1259806 * bsc#1259857 * bsc#1259868 * bsc#1259869 * bsc#1259873 * bsc#1259878 * bsc#1260010 * bsc#1260012 * bsc#1260018 * bsc#1260468 * bsc#1260483 * bsc#1260484 * bsc#1260485 * bsc#1260489 * bsc#1260501 * bsc#1260504 * bsc#1260505 * bsc#1260507 * bsc#1260522 * bsc#1260523 * bsc#1260526 * bsc#1260528 * bsc#1260529 * bsc#1260530 * bsc#1260531 * bsc#1260532 * bsc#1260533 * bsc#1260536 * bsc#1260537 * bsc#1260538 * bsc#1260541 * bsc#1260546 * bsc#1260549 * bsc#1260551 * bsc#1260552 * bsc#1260553 * bsc#1260555 * bsc#1260561 * bsc#1260566 * bsc#1260572 * bsc#1260581 * bsc#1260728 * bsc#1260729 * bsc#1260731 * bsc#1260800 * bsc#1260811 * bsc#1261020 * bsc#1261287 * bsc#1261295 * bsc#1261348 * bsc#1261503 * bsc#1261504 * bsc#1261581 * bsc#1261582 * bsc#1261584 * bsc#1261601 * bsc#1261602 * bsc#1261618 * bsc#1261628 * bsc#1261632 * bsc#1261636 * bsc#1261638 * bsc#1261641 * bsc#1261644 * bsc#1261645 * bsc#1261648 * bsc#1261679 * bsc#1261685 * bsc#1261686 * bsc#1261687 * bsc#1261692 * bsc#1261694 * bsc#1261700 * bsc#1261703 * bsc#1261707 * bsc#1261710 * bsc#1261713 * bsc#1261719 * bsc#1261750 * bsc#1261751 * bsc#1261752 * bsc#1261768 * bsc#1261778 * bsc#1261779 * bsc#1261781 * bsc#1261789 * bsc#1261796 * bsc#1261797 * bsc#1261896 * bsc#1262020 * bsc#1262053 * bsc#1262054 * bsc#1262055 * bsc#1262061 * bsc#1262063 * bsc#1262074 * bsc#1262078 * bsc#1262086 * bsc#1262087 * bsc#1262099 * bsc#1262100 * bsc#1262101 * bsc#1262179 * bsc#1262181 * bsc#1262602 * bsc#1262616 * bsc#1262665 * bsc#1262671 * bsc#1262673 * bsc#1262725 * bsc#1262731 * bsc#1262734 * bsc#1262746 * bsc#1262752 * bsc#1262758 * bsc#1263001 * bsc#1263012 * bsc#1263064 * bsc#1263065 * bsc#1263085 * bsc#1263093 * bsc#1263095 * bsc#1263104 * bsc#1263131 * bsc#1263140 * bsc#1263141 * bsc#1263149 * bsc#1263165 * bsc#1263170 * bsc#1263176 * bsc#1263556 * bsc#1263582 * bsc#1263592 * bsc#1263593 * bsc#1263595 * bsc#1263596 * bsc#1263600 * bsc#1263668 * bsc#1263723 * bsc#1263797 * bsc#1263815 * bsc#1263882 * bsc#1263901 * bsc#1263931 * bsc#1263933 * bsc#1263995 * bsc#1264014 * bsc#1264059 * bsc#1264082 * bsc#1264087 * bsc#1264097 * bsc#1264183 * bsc#1264427 * bsc#1264469 * bsc#1264482 * bsc#1264634 * bsc#1264651 * bsc#1264661 * bsc#1264674 * bsc#1264801 * bsc#1264848 * bsc#1265085 * bsc#1265090 * bsc#1265116 * bsc#1265119 * bsc#1265126 * bsc#1265144 * bsc#1265308 * bsc#1265421 * bsc#1265449 * bsc#1265456 * bsc#1265626 * bsc#1265846 * bsc#1265960 * jsc#PED-7249 Cross-References: * CVE-2023-20585 * CVE-2025-40219 * CVE-2025-71183 * CVE-2025-71238 * CVE-2026-23168 * CVE-2026-23209 * CVE-2026-23236 * CVE-2026-23237 * CVE-2026-23239 * CVE-2026-23240 * CVE-2026-23245 * CVE-2026-23246 * CVE-2026-23253 * CVE-2026-23260 * CVE-2026-23264 * CVE-2026-23266 * CVE-2026-23268 * CVE-2026-23269 * CVE-2026-23271 * CVE-2026-23273 * CVE-2026-23276 * CVE-2026-23279 * CVE-2026-23290 * CVE-2026-23291 * CVE-2026-23298 * CVE-2026-23300 * CVE-2026-23306 * CVE-2026-23307 * CVE-2026-23308 * CVE-2026-23312 * CVE-2026-23313 * CVE-2026-23315 * CVE-2026-23318 * CVE-2026-23321 * CVE-2026-23324 * CVE-2026-23325 * CVE-2026-23336 * CVE-2026-23339 * CVE-2026-23340 * CVE-2026-23346 * CVE-2026-23351 * CVE-2026-23357 * CVE-2026-23362 * CVE-2026-23363 * CVE-2026-23365 * CVE-2026-23367 * CVE-2026-23368 * CVE-2026-23370 * CVE-2026-23372 * CVE-2026-23373 * CVE-2026-23374 * CVE-2026-23378 * CVE-2026-23382 * CVE-2026-23391 * CVE-2026-23392 * CVE-2026-23393 * CVE-2026-23396 * CVE-2026-23397 * CVE-2026-23399 * CVE-2026-23403 * CVE-2026-23404 * CVE-2026-23405 * CVE-2026-23406 * CVE-2026-23407 * CVE-2026-23408 * CVE-2026-23409 * CVE-2026-23410 * CVE-2026-23411 * CVE-2026-23420 * CVE-2026-23426 * CVE-2026-23434 * CVE-2026-23440 * CVE-2026-23441 * CVE-2026-23442 * CVE-2026-23443 * CVE-2026-23446 * CVE-2026-23447 * CVE-2026-23448 * CVE-2026-23449 * CVE-2026-23450 * CVE-2026-23452 * CVE-2026-23455 * CVE-2026-23456 * CVE-2026-23457 * CVE-2026-23458 * CVE-2026-23460 * CVE-2026-23461 * CVE-2026-23462 * CVE-2026-23463 * CVE-2026-23465 * CVE-2026-23468 * CVE-2026-23472 * CVE-2026-23473 * CVE-2026-23474 * CVE-2026-23475 * CVE-2026-31389 * CVE-2026-31393 * CVE-2026-31400 * CVE-2026-31402 * CVE-2026-31403 * CVE-2026-31404 * CVE-2026-31405 * CVE-2026-31407 * CVE-2026-31408 * CVE-2026-31411 * CVE-2026-31412 * CVE-2026-31415 * CVE-2026-31416 * CVE-2026-31417 * CVE-2026-31420 * CVE-2026-31421 * CVE-2026-31422 * CVE-2026-31423 * CVE-2026-31424 * CVE-2026-31425 * CVE-2026-31426 * CVE-2026-31427 * CVE-2026-31428 * CVE-2026-31436 * CVE-2026-31449 * CVE-2026-31470 * CVE-2026-31488 * CVE-2026-31494 * CVE-2026-31496 * CVE-2026-31504 * CVE-2026-31505 * CVE-2026-31507 * CVE-2026-31512 * CVE-2026-31515 * CVE-2026-31519 * CVE-2026-31525 * CVE-2026-31528 * CVE-2026-31533 * CVE-2026-31550 * CVE-2026-31565 * CVE-2026-31570 * CVE-2026-31586 * CVE-2026-31588 * CVE-2026-31602 * CVE-2026-31607 * CVE-2026-31622 * CVE-2026-31649 * CVE-2026-31656 * CVE-2026-31662 * CVE-2026-31668 * CVE-2026-31669 * CVE-2026-31675 * CVE-2026-31679 * CVE-2026-31681 * CVE-2026-31682 * CVE-2026-31684 * CVE-2026-31685 * CVE-2026-31694 * CVE-2026-31700 * CVE-2026-31738 * CVE-2026-31787 * CVE-2026-43009 * CVE-2026-43025 * CVE-2026-43027 * CVE-2026-43037 * CVE-2026-43038 * CVE-2026-43044 * CVE-2026-43050 * CVE-2026-43060 * CVE-2026-43088 * CVE-2026-43110 * CVE-2026-43120 * CVE-2026-43126 * CVE-2026-43190 * CVE-2026-43214 * CVE-2026-43265 * CVE-2026-43329 * CVE-2026-43330 * CVE-2026-43334 * CVE-2026-43365 * CVE-2026-43366 * CVE-2026-43419 * CVE-2026-43437 * CVE-2026-43441 * CVE-2026-43494 * CVE-2026-43503 CVSS scores: * CVE-2023-20585 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2023-20585 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2023-20585 ( NVD ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-40219 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40219 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-71183 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71183 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71238 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-71238 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-71238 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23168 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23168 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23168 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23209 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23209 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23236 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23236 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23236 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2026-23236 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23237 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23237 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23237 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23239 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23239 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23240 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23240 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23240 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23245 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23245 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23245 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23246 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23253 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23253 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23260 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23260 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23260 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23264 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23264 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23264 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23266 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23266 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23266 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23268 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23268 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23269 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23269 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23269 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23271 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23271 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23273 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23273 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23273 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23276 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23276 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23279 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23279 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23279 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23290 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23290 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23290 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23291 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23291 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23298 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23298 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23298 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23300 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23300 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23300 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23306 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23306 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H * CVE-2026-23306 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23307 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23307 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23308 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23308 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23312 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23312 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23312 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23313 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23313 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23315 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23315 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23318 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23318 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23321 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23321 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23321 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23324 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23324 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23324 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23325 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23325 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23336 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23336 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23339 ( SUSE ): 2.3 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23339 ( SUSE ): 3.1 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23339 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23340 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23340 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23340 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23346 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23346 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23346 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23351 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23351 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23357 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23357 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23357 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23362 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23362 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23363 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23363 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23365 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23365 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23365 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23367 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-23367 ( SUSE ): 6.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-23367 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23368 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23368 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23368 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23370 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23370 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23372 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23372 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23373 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23373 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23374 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23374 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23374 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23378 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23378 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23378 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23378 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23382 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23382 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23382 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23391 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23391 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23392 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23393 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23396 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23396 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23396 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23397 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23397 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23397 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23399 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23399 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23399 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23403 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23403 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23403 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23404 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23404 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23404 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23405 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23405 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23406 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23406 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23407 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23407 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23407 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23408 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23408 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23408 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23408 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23409 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23409 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23409 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23410 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23410 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23410 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23410 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23411 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23420 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23426 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23426 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23426 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23434 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23434 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23434 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23434 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23440 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23440 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23440 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23440 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23441 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23441 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23442 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23442 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23442 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23443 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23443 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23443 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23446 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23446 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23446 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23447 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23447 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23447 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23448 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23448 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23448 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23449 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23449 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23449 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23450 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23450 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23450 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23452 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23452 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23452 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23455 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23455 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23455 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23456 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23456 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-23456 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23457 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23457 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23457 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23458 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23458 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23458 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23460 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23460 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23460 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23461 ( SUSE ): 7.7 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23461 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23461 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23462 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23462 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23462 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23463 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23463 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2026-23463 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23465 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2026-23465 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2026-23465 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23468 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23468 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23468 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23472 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23472 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23472 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23473 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23473 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23474 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23474 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23474 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23475 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23475 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23475 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31389 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31389 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31389 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31393 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31393 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31393 ( NVD ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31400 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31400 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31400 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31402 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31402 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-31402 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31403 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31403 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31403 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31404 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31404 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31404 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31405 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31405 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31407 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31407 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31407 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31408 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31408 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31408 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31411 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31411 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31411 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31412 ( SUSE ): 7.0 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31412 ( SUSE ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31412 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31415 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31415 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31415 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31416 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31416 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-31416 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31417 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31417 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31417 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31420 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31421 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31421 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31421 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31422 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31422 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31422 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31423 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31423 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31423 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31424 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31424 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31424 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31425 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31425 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31426 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31426 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-31426 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31427 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-31427 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2026-31427 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31428 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31428 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31428 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31436 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31436 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31436 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31449 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31449 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31449 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-31470 ( SUSE ): 6.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31470 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31470 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31488 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31488 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31488 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31494 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-31494 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2026-31494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31496 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31496 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31496 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31504 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31504 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31504 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31505 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31507 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31507 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31507 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31512 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31512 ( SUSE ): 7.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-31512 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31515 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31515 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31515 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31519 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31519 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31519 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31525 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31525 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31525 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31528 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31528 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31528 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31533 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31550 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31550 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31550 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31565 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31565 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31565 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31570 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:N/SA:N * CVE-2026-31570 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31570 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31586 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31588 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31588 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31588 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-31602 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31602 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31602 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31607 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31607 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2026-31607 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31622 ( SUSE ): 8.7 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31622 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31622 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31649 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31649 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31649 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31656 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31656 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31656 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31662 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31662 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31662 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31668 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-31668 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2026-31668 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31669 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31669 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31669 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31675 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31675 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2026-31675 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31679 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31679 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31679 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31681 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31681 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31681 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31682 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31682 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31682 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31684 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31684 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-31684 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31685 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31685 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31685 ( NVD ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31694 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31694 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31694 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31700 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31700 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31700 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31738 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31738 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31738 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31787 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31787 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43009 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-43027 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43027 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43037 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43038 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43038 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43044 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43044 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43044 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43050 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43050 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43050 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43060 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43060 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43088 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-43088 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-43110 ( SUSE ): 7.7 CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43110 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43110 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43120 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43120 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-43120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43126 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43126 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43126 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43190 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43190 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43190 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43214 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43214 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43214 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43265 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43265 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43265 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43329 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43329 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43329 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43330 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43330 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43330 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43334 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-43334 ( SUSE ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-43334 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43365 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43365 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43365 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43366 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43366 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43366 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43419 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-43419 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-43437 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43437 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43441 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43441 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43494 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43494 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43503 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43503 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43503 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves 181 vulnerabilities, contains one feature and has 19 fixes can now be installed. ## Description: The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 RT kernel was updated to fix various security issues The following security issues were fixed: * CVE-2023-20585: x86/CPU: Fix FPDSS on Zen1 (bsc#1243603). * CVE-2025-71183: btrfs: always detect conflicting inodes when logging inode refs (bsc#1257631). * CVE-2026-23168: flex_proportions: make fprop_new_period() hardirq safe (bsc#1258826). * CVE-2026-23239: espintcp: Fix race condition in espintcp_close() (bsc#1259485). * CVE-2026-23240: tls: Fix race condition in tls_sw_cancel_work_tx() (bsc#1259484). * CVE-2026-23245: net/sched: act_gate: snapshot parameters with RCU on replace (bsc#1259799). * CVE-2026-23271: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race (bsc#1260018). * CVE-2026-23276: net: move dev_xmit_recursion() helpers to net/core/dev.h (bsc#1260012). * CVE-2026-23300: net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop (bsc#1260538). * CVE-2026-23306: scsi: pm8001: Fix use-after-free in pm8001_queue_command() (bsc#1260501). * CVE-2026-23313: i40e: Fix preempt count leak in napi poll tracepoint (bsc#1260555). * CVE-2026-23321: mptcp: pm: in-kernel: always mark signal+subflow endp as used (bsc#1260505). * CVE-2026-23340: net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs (bsc#1260523). * CVE-2026-23346: mm/ioremap: define generic_ioremap_prot() and generic_iounmap() (bsc#1260529). * CVE-2026-23351: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase (bsc#1260526). * CVE-2026-23368: net: phy: register phy led_triggers during probe to avoid AB-BA deadlock (bsc#1260530). * CVE-2026-23374: blktrace: fix __this_cpu_read/write in preemptible context (bsc#1260811). * CVE-2026-23378: net/sched: act_ife: Fix metalist update behavior (bsc#1260546). * CVE-2026-23391: netfilter: xt_CT: drop pending enqueued packets on template removal (bsc#1260566). * CVE-2026-23392: netfilter: nf_tables: release flowtable after rcu grace period on error (bsc#1260531). * CVE-2026-23393: bridge: cfm: Fix race condition in peer_mep deletion (bsc#1260522). * CVE-2026-23397: nfnetlink_osf: validate individual option lengths in fingerprints (bsc#1260728). * CVE-2026-23399: nf_tables: nft_dynset: fix possible stateful expression memleak in error path (bsc#1261020). * CVE-2026-23440: net/mlx5e: Fix race condition during IPSec ESN update (bsc#1261641). * CVE-2026-23441: net/mlx5e: Prevent concurrent access to IPSec ASO context (bsc#1261768). * CVE-2026-23442: ipv6: add NULL checks for idev in SRv6 paths (bsc#1261581). * CVE-2026-23449: net/sched: teql: Fix double-free in teql_master_xmit (bsc#1261779). * CVE-2026-23450: net/smc: fix NULL dereference and UAF in smc_tcp_syn_recv_sock() (bsc#1261584). * CVE-2026-23455: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() (bsc#1261687). * CVE-2026-23456: netfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS case (bsc#1261703). * CVE-2026-23457: netfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp() (bsc#1261686). * CVE-2026-23458: netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() (bsc#1261781). * CVE-2026-23461: Bluetooth: L2CAP: Fix use-after-free in l2cap_unregister_user (bsc#1261707). * CVE-2026-23462: Bluetooth: HIDP: Fix possible UAF (bsc#1261710). * CVE-2026-23468: drm/amdgpu: Limit BO list entry count to prevent resource exhaustion (bsc#1261692). * CVE-2026-23472: serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN (bsc#1261636). * CVE-2026-23473: io_uring/poll: fix multishot recv missing EOF on wakeup race (bsc#1261694). * CVE-2026-31400: sunrpc: fix cache_request leak in cache_release (bsc#1261645). * CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (bsc#1261638). * CVE-2026-31403: NFSD: Hold net reference for the lifetime of /proc/fs/nfs/exports fd (bsc#1261796). * CVE-2026-31404: xfs: avoid dereferencing log items after push callbacks (bsc#1261628). * CVE-2026-31407: netfilter: conntrack: add missing netlink policy validations (bsc#1261632). * CVE-2026-31411: net: atm: fix crash due to unvalidated vcc pointer in sigd_send() (bsc#1261752). * CVE-2026-31415: ipv6: avoid overflows in ip6_datagram_send_ctl() (bsc#1262099). * CVE-2026-31416: netfilter: nfnetlink_log: account for netlink header size (bsc#1262100). * CVE-2026-31420: bridge: mrp: reject zero test interval to avoid OOM panic (bsc#1262055). * CVE-2026-31421: net/sched: cls_fw: fix NULL pointer dereference on shared blocks (bsc#1262061). * CVE-2026-31422: net/sched: cls_flow: fix NULL pointer dereference on shared blocks (bsc#1262054). * CVE-2026-31423: net/sched: sch_hfsc: fix divide-by-zero in rtsc_min() (bsc#1262063). * CVE-2026-31424: netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP (bsc#1262053). * CVE-2026-31425: rds: ib: reject FRMR registration before IB connection is established (bsc#1262074). * CVE-2026-31427: netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp (bsc#1262086). * CVE-2026-31428: netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD (bsc#1262087). * CVE-2026-31436: dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc() (bsc#1262602). * CVE-2026-31449: ext4: validate p_idx bounds in ext4_ext_correct_indexes (bsc#1262616). * CVE-2026-31470: virt: tdx-guest: Fix handling of host controlled 'quote' buffer length (bsc#1262665). * CVE-2026-31488: drm/amd/display: Do not skip unrelated mode changes in DSC validation (bsc#1262746). * CVE-2026-31494: net: cadence: macb: Synchronize stats calculations (bsc#1262671). * CVE-2026-31496: netfilter: nf_conntrack_expect: skip expectations in other netns via proc (bsc#1262673). * CVE-2026-31504: net: fix fanout UAF in packet_release() via NETDEV_UP race (bsc#1263085). * CVE-2026-31505: iavf: fix out-of-bounds writes in iavf_get_ethtool_stats() (bsc#1263093). * CVE-2026-31507: net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer (bsc#1263095). * CVE-2026-31512: Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2cap_ecred_data_rcv() (bsc#1262734). * CVE-2026-31515: af_key: validate families in pfkey_send_migrate() (bsc#1262752). * CVE-2026-31519: btrfs: set BTRFS_ROOT_ORPHAN_CLEANUP during subvol create (bsc#1263012). * CVE-2026-31525: bpf: Fix undefined behavior in interpreter sdiv/smod for INT_MIN (bsc#1262725). * CVE-2026-31528: perf: Make sure to use pmu_ctx->pmu for groups (bsc#1263001). * CVE-2026-31533: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption (bsc#1262758). * CVE-2026-31550: pmdomain: bcm: bcm2835-power: Increase ASB control timeout (bsc#1263104). * CVE-2026-31565: RDMA/irdma: Fix deadlock during netdev reset with active connections (bsc#1263064). * CVE-2026-31570: can: gw: fix OOB heap access in cgw_csum_crc8_rel() (bsc#1263065). * CVE-2026-31586: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (bsc#1263176). * CVE-2026-31588: KVM: x86: Use scratch field in MMIO fragment to hold small write values (bsc#1263165). * CVE-2026-31602: ALSA: ctxfi: Limit PTP to a single page (bsc#1263723). * CVE-2026-31607: usbip: validate number_of_packets in usbip_pack_ret_submit() (bsc#1263600). * CVE-2026-31622: NFC: digital: Bounds check NFC-A cascade depth in SDD response handler (bsc#1263797). * CVE-2026-31649: net: stmmac: fix integer underflow in chain mode (bsc#1263582). * CVE-2026-31656: drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (bsc#1263170). * CVE-2026-31662: tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG (bsc#1263131). * CVE-2026-31668: seg6: separate dst_cache for input and output paths in seg6 lwtunnel (bsc#1263140). * CVE-2026-31669: mptcp: fix slab-use-after-free in __inet_lookup_established (bsc#1263141). * CVE-2026-31675: net/sched: sch_netem: fix out-of-bounds access in packet corruption (bsc#1263556). * CVE-2026-31679: openvswitch: validate MPLS set/set_masked payload length (bsc#1263592). * CVE-2026-31681: netfilter: xt_multiport: validate range encoding in checkentry (bsc#1263593). * CVE-2026-31682: bridge: br_nd_send: linearize skb before parsing ND options (bsc#1263595). * CVE-2026-31684: net: sched: act_csum: validate nested VLAN headers (bsc#1263596). * CVE-2026-31685: netfilter: ip6t_eui64: reject invalid MAC header for all packets (bsc#1263668). * CVE-2026-31694: fuse: reject oversized dirents in page cache (bsc#1263901). * CVE-2026-31700: net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() (bsc#1263882). * CVE-2026-31738: vxlan: validate ND option lengths in vxlan_na_create (bsc#1264059). * CVE-2026-31787: xen/privcmd: fix double free via VMA splitting (bsc#1262181). * CVE-2026-43009: bpf: Fix incorrect pruning due to atomic fetch precision tracking (bsc#1264014). * CVE-2026-43025: netfilter: ctnetlink: ignore explicit helper on new expectations (bsc#1263931). * CVE-2026-43027: netfilter: nf_conntrack_helper: pass helper to expect cleanup (bsc#1263933). * CVE-2026-43037: ip6_tunnel: clear skb2->cb in ip4ip6_err() (bsc#1263995). * CVE-2026-43038: ipv6: icmp: clear skb2->cb in ip6_err_gen_icmpv6_unreach() (bsc#1264097). * CVE-2026-43044: crypto: caam - fix DMA corruption on long hmac keys (bsc#1264087). * CVE-2026-43050: atm: lec: fix use-after-free in sock_def_readable() (bsc#1264082). * CVE-2026-43060: netfilter: nft_ct: drop pending enqueued packets on removal (bsc#1264183). * CVE-2026-43088: net: af_key: zero aligned sockaddr tail in PF_KEY exports (bsc#1264469). * CVE-2026-43110: wifi: brcmfmac: validate bsscfg indices in IF events (bsc#1264482). * CVE-2026-43120: RDMA/irdma: Fix double free related to rereg_user_mr. * CVE-2026-43126: ALSA: mixer: oss: Add card disconnect checkpoints (bsc#1264634). * CVE-2026-43190: netfilter: xt_tcpmss: check remaining length before reading optlen (bsc#1264848). * CVE-2026-43214: KVM: x86: Add SRCU protection for reading PDPTRs in __get_sregs2() (bsc#1264651). * CVE-2026-43265: KVM: x86: Ignore -EBUSY when checking nested events from vcpu_block() (bsc#1264427). * CVE-2026-43329: netfilter: flowtable: strictly check for maximum number of actions (bsc#1265085). * CVE-2026-43330: crypto: caam - fix overflow on long hmac keys (bsc#1264801). * CVE-2026-43334: Bluetooth: SMP: force responder MITM requirements before building the pairing response (bsc#1265090). * CVE-2026-43365: xfs: fix undersized l_iclog_roundoff values (bsc#1265119). * CVE-2026-43366: io_uring/kbuf: check if target buffer list is still legacy on recycle (bsc#1265116). * CVE-2026-43419: ceph: fix memory leaks in ceph_mdsc_build_path() (bsc#1264661). * CVE-2026-43437: ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (bsc#1265126). * CVE-2026-43441: net: bonding: Fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1264674). * CVE-2026-43494: net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). * CVE-2026-43503: net: skbuff: propagate shared-frag marker through frag- transfer helpers (bsc#1265960). The following non security issues were fixed: * accel/qaic: Add overflow check to remap_pfn_range during mmap (git-fixes). * ACPI: AGDI: fix missing newline in error message (git-fixes). * ACPI: CPPC: Fix related_cpus inconsistency during CPU hotplug (git-fixes). * ACPI: scan: Use acpi_dev_put() in object add error paths (git-fixes). * ACPI: video: force native backlight on HP OMEN 16 (8A44) (stable-fixes). * ALSA: 6fire: Fix input volume change detection (git-fixes). * ALSA: 6fire: fix use-after-free on disconnect (git-fixes). * ALSA: aoa: i2sbus: clear stale prepared state (git-fixes). * ALSA: aoa: i2sbus: fix OF node lifetime handling (git-fixes). * ALSA: aoa: Skip devices with no codecs in i2sbus_resume() (git-fixes). * ALSA: aoa: Use guard() for mutex locks (stable-fixes). * ALSA: asihpi: avoid write overflow check warning (stable-fixes). * ALSA: caiaq: Don't abort when no input device is available (git-fixes). * ALSA: caiaq: Fix control_put() result and cache rollback (git-fixes). * ALSA: caiaq: Fix potentially leftover ep1_in_urb at error path (git-fixes). * ALSA: caiaq: fix usb_dev refcount leak on probe failure (git-fixes). * ALSA: caiaq: Handle probe errors properly (git-fixes). * ALSA: caiaq: take a reference on the USB device in create_card() (git- fixes). * ALSA: control: Validate buf_len before strnlen() in snd_ctl_elem_init_enum_names() (git-fixes). * ALSA: core: Fix potential data race at fasync handling (git-fixes). * ALSA: core: Serialize deferred fasync state checks (git-fixes). * ALSA: core: Validate compress device numbers without dynamic minors (git- fixes). * ALSA: ctxfi: Add fallback to default RSR for S/PDIF (git-fixes). * ALSA: ctxfi: Fix missing SPDIFI1 index handling (stable-fixes). * ALSA: ctxfi: Limit PTP to a single page (git-fixes). * ALSA: firewire-tascam: Do not drop unread control events (git-fixes). * ALSA: fireworks: bound device-supplied status before string array lookup (git-fixes). * ALSA: hda/realtek - fixed speaker no sound update (git-fixes). * ALSA: hda/realtek: Add HP ENVY Laptop 13-ba0xxx quirk (stable-fixes). * ALSA: hda/realtek: Add mute LED quirk for HP Pavilion 15-eg0xxx (stable- fixes). * ALSA: hda/realtek: Add quirk for ASUS ROG Flow Z13-KJP GZ302EAC (stable- fixes). * ALSA: hda/realtek: add quirk for Framework F111:000F (stable-fixes). * ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14IAH10 (stable-fixes). * ALSA: hda/realtek: fix code style (ERROR: else should follow close brace '}') (git-fixes). * ALSA: misc: Use guard() for spin locks (stable-fixes). * ALSA: scarlett2: Add missing sentinel initializer field (git-fixes). * ALSA: seq: Notify client and port info changes (stable-fixes). * ALSA: seq_oss: return full count for successful SEQ_FULLSIZE writes (stable- fixes). * ALSA: usb-audio: apply quirk for MOONDROP JU Jiu (stable-fixes). * ALSA: usb-audio: Avoid false E-MU sample-rate notifications (git-fixes). * ALSA: usb-audio: Avoid potential endless loop in convert_chmap_v3() (git- fixes). * ALSA: usb-audio: Evaluate packsize caps at the right place (git-fixes). * ALSA: usb-audio: Fix Audio Advantage Micro II SPDIF switch (git-fixes). * ALSA: usb-audio: Fix potential leak of pd at parsing UAC3 streams (git- fixes). * ALSA: usb-audio: Fix quirk flags for NeuralDSP Quad Cortex (stable-fixes). * ALSA: usb-audio: Fix UAC3 cluster descriptor size check (git-fixes). * ALSA: usb-audio: midi2: Restart output URBs on resume (git-fixes). * ALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATES (git-fixes). * ASoC: amd: yc: Add DMI entry for HP Laptop 15-fc0xxx (stable-fixes). * ASoC: amd: yc: Add DMI quirk for ASUS EXPERTBOOK BM1403CDA (stable-fixes). * ASoC: amd: yc: Add DMI quirk for Thin A15 B7VF (stable-fixes). * ASoC: amd: yc: Add HP OMEN Gaming Laptop 16-ap0xxx product line in quirk table (stable-fixes). * ASoC: codecs: ab8500: Fix casting of private data (git-fixes). * ASoC: cs35l56: Destroy workqueue in probe error path (git-fixes). * ASoC: cs35l56: Don't use devres to unregister component (git-fixes). * ASoC: fsl_easrc: Change the type for iec958 channel status controls (git- fixes). * ASoC: fsl_easrc: Check the variable range in fsl_easrc_iec958_put_bits() (git-fixes). * ASoC: fsl_easrc: fix comment typo (git-fixes). * ASoC: fsl_easrc: Fix value type in fsl_easrc_iec958_get_bits() (git-fixes). * ASoC: fsl_micfil: Add access property for "VAD Detected" (git-fixes). * ASoC: fsl_micfil: Fix event generation in hwvad_put_enable() (git-fixes). * ASoC: fsl_micfil: Fix event generation in hwvad_put_init_mode() (git-fixes). * ASoC: fsl_micfil: Fix event generation in micfil_put_dc_remover_state() (git-fixes). * ASoC: fsl_micfil: Fix event generation in micfil_quality_set() (git-fixes). * ASoC: fsl_xcvr: Fix event generation for cached controls (git-fixes). * ASoC: fsl_xcvr: Fix event generation in fsl_xcvr_arc_mode_put() (git-fixes). * ASoC: fsl_xcvr: Fix event generation in fsl_xcvr_mode_put() (git-fixes). * ASoC: Intel: bytcr_wm5102: Fix MCLK leak on platform_clock_control error (git-fixes). * ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens (git-fixes). * ASoC: qcom: q6apm: move component registration to unmanaged version (git- fixes). * ASoC: qcom: q6apm: remove child devices when apm is removed (git-fixes). * ASoC: qcom: qdsp6: topology: check widget type before accessing data (git- fixes). * ASoC: soc-core: call missing INIT_LIST_HEAD() for card_aux_list (stable- fixes). * ASoC: SOF: compress: return the configured codec from get_params (git- fixes). * ASoC: SOF: Don't allow pointer operations on unconfigured streams (git- fixes). * ASoC: SOF: Intel: hda: Place check before dereference (git-fixes). * ASoC: SOF: topology: reject invalid vendor array size in token parser (stable-fixes). * ASoC: sti: Return errors from regmap_field_alloc() (git-fixes). * ASoC: sti: use managed regmap_field allocations (git-fixes). * ASoC: stm32_sai: fix incorrect BCLK polarity for DSP_A/B, LEFT_J (stable- fixes). * ata: ahci: force 32-bit DMA for JMicron JMB582/JMB585 (stable-fixes). * batman-adv: bla: only purge non-released claims (git-fixes). * batman-adv: bla: prevent use-after-free when deleting claims (git-fixes). * batman-adv: bla: put backbone reference on failed claim hash insert (git- fixes). * batman-adv: fix integer overflow on buff_pos (git-fixes). * batman-adv: hold claim backbone gateways by reference (git-fixes). * batman-adv: reject new tp_meter sessions during teardown (git-fixes). * batman-adv: reject oversized global TT response buffers (git-fixes). * batman-adv: stop caching unowned originator pointers in BAT IV (git-fixes). * Bluetooth: bnep: fix incorrect length parsing in bnep_rx_frame() extension handling (git-fixes). * Bluetooth: fix locking in hci_conn_request_evt() with HCI_PROTO_DEFER (git- fixes). * Bluetooth: hci_event: Fix OOB read and infinite loop in hci_le_create_big_complete_evt (git-fixes). * Bluetooth: hci_event: fix potential UAF in SSP passkey handlers (git-fixes). * Bluetooth: hci_ldisc: Clear HCI_UART_PROTO_INIT on error (git-fixes). * Bluetooth: HIDP: serialise l2cap_unregister_user via hidp_session_sem (git- fixes). * Bluetooth: ISO: Fix data-race on dst in iso_sock_connect() (git-fixes). * Bluetooth: l2cap: Add missing chan lock in l2cap_ecred_reconf_rsp (git- fixes). * Bluetooth: l2cap: fix MPS check in l2cap_ecred_reconf_req (git-fixes). * Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_new_connection_cb() (git- fixes). * Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_state_change_cb() (git- fixes). * Bluetooth: L2CAP: Fix printing wrong information if SDU length exceeds MTU (git-fixes). * Bluetooth: RFCOMM: pull credit byte with skb_pull_data() (git-fixes). * Bluetooth: SCO: check for codecs->num_codecs == 1 before assigning to sco_pi(sk)->codec (git-fixes). * Bluetooth: SCO: fix sleeping under spinlock in sco_conn_ready (git-fixes). * Bluetooth: SCO: hold sk properly in sco_conn_ready (git-fixes). * Bluetooth: virtio_bt: clamp rx length before skb_put (git-fixes). * Bluetooth: virtio_bt: validate rx pkt_type header length (git-fixes). * btrfs: do not skip logging new dentries when logging a new name (git-fixes). * btrfs: reject root items with drop_progress and zero drop_level (git-fixes). * btrfs: replace BUG() with error handling in __btrfs_balance() (git-fixes). * can: mcp251x: add error handling for power enable in open and resume (stable-fixes). * can: raw: fix ro->uniq use-after-free in raw_rcv() (git-fixes). * can: ucan: fix devres lifetime (git-fixes). * cdc-acm: new quirk for EPSON HMD (stable-fixes). * check-for-config-changes: Exclude CC_MS_EXTENSIONS. * check-for-config-changes: Exclude HAVE_CFI_ICALL_NORMALIZE_INTEGERS{,_RUSTC}. * checkpatch: add support for Assisted-by tag (stable-fixes). * comedi: dt2815: add hardware detection to prevent crash (stable-fixes). * crypto: algif_aead - Fix minimum RX size check for decryption (git-fixes). * crypto: arm64/aes - Fix 32-bit aes_mac_update() arg treated as 64-bit (git- fixes). * crypto: atmel-aes - Fix 3-page memory leak in atmel_aes_buff_cleanup (git- fixes). * crypto: atmel-ecc - Release client on allocation failure (git-fixes). * crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path (git-fixes). * crypto: atmel-tdes - fix DMA sync direction (git-fixes). * crypto: authencesn - reject short ahash digests during instance creation (git-fixes). * crypto: ccp - copy IV using skcipher ivsize (git-fixes). * crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed (git-fixes). * crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed (git-fixes). * crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed (git-fixes). * crypto: ccree - fix a memory leak in cc_mac_digest() (git-fixes). * crypto: hisilicon - Fix dma_unmap_single() direction (git-fixes). * crypto: jitterentropy - replace long-held spinlock with mutex (git-fixes). * crypto: pcrypt - Fix handling of MAY_BACKLOG requests (git-fixes). * crypto: qat - fix type mismatch in RAS sysfs show functions (git-fixes). * crypto: qat - use swab32 macro (git-fixes). * crypto: sa2ul - Fix AEAD fallback algorithm names (git-fixes). * crypto: simd - reject compat registrations without __ prefixes (git-fixes). * crypto: talitos - fix SEC1 32k ahash request limitation (git-fixes). * crypto: testmgr - Hide ENOENT errors (stable-fixes). * crypto: testmgr - Hide ENOENT errors better (git-fixes). * devres: fix missing node debug info in devm_krealloc() (git-fixes). * dm init: ensure device probing has finished in dm-mod.waitfor= (git-fixes). * dmaengine: dw-axi-dmac: Remove unnecessary return statement from void function (git-fixes). * dmaengine: mxs-dma: Fix missing return value from of_dma_controller_register() (git-fixes). * drm/amd/display: Add NULL check for integrated_info in clk_mgr_construct (git-fixes). * drm/amd/display: Allow DCE link encoder without AUX registers (git-fixes). * drm/amd/display: Avoid NULL dereference in dc_dmub_srv error paths (git- fixes). * drm/amd/display: Disable 10-bit truncation and dithering on DCE 6.x (git- fixes). * drm/amd/display: Read EDID from VBIOS embedded panel info (git-fixes). * drm/amd/pm/ci: Clear EnabledForActivity field for memory levels (git-fixes). * drm/amd/pm/ci: Disable MCLK DPM on problematic CI ASICs (git-fixes). * drm/amd/pm/ci: Fill DW8 fields from SMC (git-fixes). * drm/amd/pm/ci: Fix powertune defaults for Hawaii 0x67B0 (git-fixes). * drm/amd/pm/ci: Use highest MCLK on CI when MCLK DPM is disabled (git-fixes). * drm/amd/pm/smu7: Add SCLK cap for quirky Hawaii board (git-fixes). * drm/amd/pm/smu7: Fix SMU7 voltage dependency on display clock (git-fixes). * drm/amdgpu/gfx6: Support harvested SI chips with disabled TCCs (v2) (git- fixes). * drm/amdgpu/gfx9: drop unnecessary 64-bit fence flag check in KIQ (stable- fixes). * drm/amdgpu/gfx10: look at the right prop for gfx queue priority (git-fixes). * drm/amdgpu/gmc: Fix AMDGPU_GART_PLACEMENT_LOW to not overlap with VRAM (git- fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v2.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v2.5 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v3.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0.3 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0.5 ring (git-fixes). * drm/amdgpu/pm: add missing revision check for CI (git-fixes). * drm/amdgpu/pm: align Hawaii mclk workaround with radeon (git-fixes). * drm/amdgpu/sdma4: replace BUG_ON with WARN_ON in fence emission (git-fixes). * drm/amdgpu/vce: Prevent partial address patches (stable-fixes). * drm/amdgpu/vcn3: Avoid overflow on msg bound check (git-fixes). * drm/amdgpu/vcn3: Prevent OOB reads when parsing dec msg (stable-fixes). * drm/amdgpu/vcn4: Avoid overflow on msg bound check (git-fixes). * drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msg (stable-fixes). * drm/amdgpu/vcn4: Prevent OOB reads when parsing IB (stable-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v2.0 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v2.5 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v3.0 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0 enc ring (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0.3 enc ring (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0.5 enc ring (git-fixes). * drm/amdgpu: Add bounds checking to ib_{get,set}_value (stable-fixes). * drm/amdgpu: fix AMDGPU_INFO_READ_MMR_REG (git-fixes). * drm/amdgpu: fix zero-size GDS range init on RDNA4 (stable-fixes). * drm/amdgpu: zero-initialize GART table on allocation (stable-fixes). * drm/amdkfd: Add upper bound check for num_of_nodes (stable-fixes). * drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure (stable- fixes). * drm/amdkfd: validate SVM ioctl nattr against buffer size (stable-fixes). * drm/arcpgu: fix device node leak (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Add mode_valid hook to drm_bridge_funcs (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Handle HDCP state in bridge atomic check (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Set the mhdp connector earlier in atomic_enable() (git-fixes). * drm/etnaviv: Fix armed job not being pushed to the DRM scheduler (git- fixes). * drm/fb-helper: Fix clipping when damage area spans a single scanline (git- fixes). * drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs() (git-fixes). * drm/gma500/oaktrail_hdmi: fix i2c adapter leak on setup (git-fixes). * drm/gma500/oaktrail_lvds: fix hang on init failure (git-fixes). * drm/gma500/oaktrail_lvds: fix i2c adapter leaks on init (git-fixes). * drm/i915/dp: Fix VSC dynamic range signaling for RGB formats (git-fixes). * drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (git- fixes). * drm/i915/wm: Verify the correct plane DDB entry (git-fixes). * drm/i915: skip __i915_request_skip() for already signaled requests (git- fixes). * drm/komeda: fix integer overflow in AFBC framebuffer size check (git-fixes). * drm/msm/a6xx: Fix dumping A650+ debugbus blocks (git-fixes). * drm/msm/a6xx: Fix HLSQ register dumping (git-fixes). * drm/msm/a6xx: Use barriers while updating HFI Q headers (git-fixes). * drm/msm/dpu: fix mismatch between power and frequency (git-fixes). * drm/msm/dsi: add the missing parameter description (git-fixes). * drm/msm/dsi: fix bits_per_pclk (git-fixes). * drm/msm/dsi: fix hdisplay calculation for CMD mode panel (git-fixes). * drm/msm/dsi: rename MSM8998 DSI version from V2_2_0 to V2_0_0 (git-fixes). * drm/msm/shrinker: Fix can_block() logic (git-fixes). * drm/nouveau: fix u32 overflow in pushbuf reloc bounds check (git-fixes). * drm/panel: sharp-ls043t1le01: make use of prepare_prev_first (git-fixes). * drm/panel: simple: Correct G190EAN01 prepare timing (git-fixes). * drm/panfrost: Fix wait_bo ioctl leaking positive return from dma_resv_wait_timeout() (git-fixes). * drm/radeon: add missing revision check for CI (git-fixes). * drm/sun4i: backend: fix error pointer dereference (git-fixes). * drm/sun4i: Fix resource leaks (git-fixes). * drm/vc4: Fix a memory leak in hang state error path (git-fixes). * drm/vc4: Fix memory leak of BO array in hang state (git-fixes). * drm/vc4: platform_get_irq_byname() returns an int (stable-fixes). * drm/vc4: Protect madv read in vc4_gem_object_mmap() with madv_lock (git- fixes). * drm/vc4: Release runtime PM reference after binding V3D (git-fixes). * drm/vram: remove DRM_VRAM_MM_FILE_OPERATIONS from docs (git-fixes). * dt-bindings: net: Fix Tegra234 MGBE PTP clock (git-fixes). * efi/capsule-loader: fix incorrect sizeof in phys array reallocation (git- fixes). * efi: pstore: Drop efivar lock when efi_pstore_open() returns with an error (git-fixes). * ext4: fix fsync(2) for nojournal mode (git-fixes). * ext4: make recently_deleted() properly work with lazy itable initialization (git-fixes). * ext4: reject mount if bigalloc with s_first_data_block != 0 (git-fixes). * extcon: ptn5150: handle pending IRQ events during system resume (git-fixes). * fbdev: matroxfb: Mark variable with __maybe_unused to avoid W=1 build break (git-fixes). * fbdev: offb: fix PCI device reference leak on probe failure (git-fixes). * fbdev: tdfxfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO (stable-fixes). * fbdev: udlfb: add vm_ops to dlfb_ops_mmap to prevent use-after-free (stable- fixes). * fbdev: udlfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO (git-fixes). * firmware: dmi: Correct an indexing error in dmi.h (git-fixes). * gpio: tegra: fix irq_release_resources calling enable instead of disable (git-fixes). * gtp: disable BH before calling udp_tunnel_xmit_skb() (git-fixes). * HID: alps: fix NULL pointer dereference in alps_raw_event() (git-fixes). * HID: asus: do not abort probe when not necessary (git-fixes). * HID: asus: make asus_resume adhere to linux kernel coding standards (git- fixes). * HID: core: clamp report_size in s32ton() to avoid undefined shift (stable- fixes). * HID: multitouch: Check to ensure report responses match the request (stable- fixes). * HID: playstation: Clamp num_touch_reports (git-fixes). * HID: quirks: add HID_QUIRK_ALWAYS_POLL for 8BitDo Pro 3 (stable-fixes). * HID: roccat: fix use-after-free in roccat_report_event (stable-fixes). * HID: usbhid: fix deadlock in hid_post_reset() (git-fixes). * HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq (stable-fixes). * hv_sock: fix ARM64 support (git-fixes). * hwmon: (ads7871) Fix endianness bug in 16-bit register reads (git-fixes). * hwmon: (corsair-psu) Close HID device on probe errors (git-fixes). * hwmon: (lm63) Add locking to avoid TOCTOU (git-fixes). * hwmon: (ltc2992) Clamp threshold writes to hardware range (git-fixes). * hwmon: (ltc2992) Fix u32 overflow in power read path (git-fixes). * i2c: s3c24xx: check the size of the SMBUS message before using it (stable- fixes). * i2c: smbus: reject oversized block transfers in the common path (git-fixes). * i2c: stm32f7: reinit_completion() per transfer not per msg (git-fixes). * i2c: stub: Reject I2C block transfers with invalid length (git-fixes). * i3c: master: Fix error codes at send_ccc_cmd (git-fixes). * i3c: mipi-i3c-hci: fix IBI payload length calculation for final status (git- fixes). * ibmveth: Disable GSO for packets with small MSS (bsc#1265144). * ice: set max queues in alloc_etherdev_mqs() (git-fixes). * iio: adc: ad7768-1: fix one-shot mode data acquisition (git-fixes). * iio: adc: ti-adc161s626: use DMA-safe memory for spi_read() (git-fixes). * iio: adc: ti-ads7950: use iio_push_to_buffers_with_ts_unaligned() (git- fixes). * Input: i8042 - add TUXEDO InfinityBook Max 16 Gen10 AMD to i8042 quirk table (stable-fixes). * Input: uinput - fix circular locking dependency with ff-core (git-fixes). * Input: uinput - take event lock when submitting FF request "event" (stable- fixes). * Input: xpad - add support for BETOP BTP-KP50B/C controller's wireless mode (stable-fixes). * Input: xpad - add support for Razer Wolverine V3 Pro (stable-fixes). * ipmi: Add limits to event and receive message requests (git-fixes). * ipmi: Check event message buffer response for bad data (git-fixes). * ipmi: ssif_bmc: change log level to dbg in irq callback (git-fixes). * ipmi: ssif_bmc: fix message desynchronization after truncated response (git- fixes). * ipmi: ssif_bmc: fix missing check for copy_to_user() partial failure (git- fixes). * irqchip/irq-pic32-evic: Address warning related to wrong printf() formatter (git-fixes). * kdump, documentation: describe craskernel CMA reservation (jsc#PED-7249). * KVM: Reject wrapped offset in kvm_reset_dirty_gfn() (git-fixes). * KVM: SVM: Mark VMCB_NPT as dirty on nested VMRUN (git-fixes). * KVM: SVM: Mark VMCB_PERM_MAP as dirty on nested VMRUN (git-fixes). * KVM: x86/mmu: Retry fault before acquiring mmu_lock if mapping is changing (bsc#1253122). * KVM: x86/xen: Fix cleanup logic in emulation of Xen schedop poll hypercalls (git-fixes). * KVM: x86: check for nEPT/nNPT in slow flush hypercalls (git-fixes). * KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (git- fixes). * KVM: x86: hyper-v: Validate all GVAs during PV TLB flush (git-fixes). * KVM: x86: Ignore cpuid faulting in SMM (git-fixes). * leds: lgm-sso: Remove duplicate assignments for priv->mmap (git-fixes). * lib/hexdump: print_hex_dump_bytes() calls print_hex_dump_debug() (git- fixes). * media: amphion: Fix race between m2m job_abort and device_run (git-fixes). * media: as102: fix to not free memory after the device is registered in as102_usb_probe() (git-fixes). * media: dib8000: avoid division by 0 in dib8000_set_dds() (git-fixes). * media: em28xx: fix use-after-free in em28xx_v4l2_open() (git-fixes). * media: hackrf: fix to not free memory after the device is registered in hackrf_probe() (git-fixes). * media: i2c: imx219: Check return value of devm_gpiod_get_optional() in imx219_probe() (git-fixes). * media: i2c: imx412: Assert reset GPIO during probe (git-fixes). * media: i2c: ov08d10: fix image vertical start setting (git-fixes). * media: i2c: ov8856: free control handler on error in ov8856_init_controls() (git-fixes). * media: mtk-jpeg: fix use-after-free in release path due to uncancelled work (git-fixes). * media: omap3isp: drop the use count of v4l2 pipeline (git-fixes). * media: pci: zoran: fix potential memory leak in zoran_probe() (git-fixes). * media: rc: streamzap: Error handling in probe (git-fixes). * media: rc: xbox_remote: heed DMA restrictions (git-fixes). * media: saa7164: add ioremap return checks and cleanups (git-fixes). * media: staging: imx: configure src_mux in csi_start (git-fixes). * media: staging: imx: request mbus_config in csi_start (git-fixes). * media: uvcvideo: Enable VB2_DMABUF for metadata stream (git-fixes). * media: videobuf2: Set vma_flags in vb2_dma_sg_mmap (git-fixes). * media: vidtv: fix nfeeds state corruption on start_streaming failure (git- fixes). * media: vidtv: fix NULL pointer dereference in vidtv_channel_pmt_match_sections (git-fixes). * media: vidtv: fix pass-by-value structs causing MSAN warnings (git-fixes). * memory: tegra30-emc: Fix dll_change check (git-fixes). * memory: tegra124-emc: Fix dll_change check (git-fixes). * mfd: mc13xxx-core: Fix memory leak in mc13xxx_add_subdevice_pdata() (git- fixes). * mkspec: Add signature to source list only when it exists. * mmc: sdhci-of-dwcmshc: Disable clock before DLL configuration (git-fixes). * mmc: vub300: fix NULL-deref on disconnect (git-fixes). * modpost: Amend ppc64 save/restfpr symnames for -Os build (bsc#1215199). * mtd: docg3: Convert to platform remove callback returning void (stable- fixes). * mtd: docg3: fix use-after-free in docg3_release() (git-fixes). * mtd: parsers: ofpart: call of_node_get() for dedicated subpartitions (git- fixes). * mtd: parsers: ofpart: call of_node_put() only in ofpart_fail path (git- fixes). * mtd: physmap_of_gemini: Fix disabled pinctrl state check (git-fixes). * mtd: rawnand: sunxi: fix sunxi_nfc_hw_ecc_read_extra_oob (git-fixes). * mtd: spi-nor: core: correct the op.dummy.nbytes when check read operations (git-fixes). * mtd: spi-nor: sst: Factor out common write operation to `sst_nor_write_data()` (stable-fixes). * mtd: spi-nor: sst: Fix SST write failure (git-fixes). * mtd: spi-nor: sst: Fix write enable before AAI sequence (git-fixes). * mtd: spi-nor: swp: check SR_TB flag when getting tb_mask (git-fixes). * net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). * net/sched: cls_fw: fix NULL dereference of "old" filters before change() (git-fixes). * net/sched: fix pedit partial COW leading to page cache corruption (bsc#1265421). * net: gro: don't merge zcopy skbs (git-fixes). * net: mana: Add MAC address to vPort logs and clarify error messages (git- fixes). * net: mana: check xdp_rxq registration before unreg in mana_destroy_rxq() (git-fixes). * net: mana: Don't overwrite port probe error with add_adev result (git- fixes). * net: mana: Fix crash from unvalidated SHM offset read from BAR0 during FLR (bsc#1265846). * net: mana: Fix EQ leak in mana_remove on NULL port (git-fixes). * net: mana: Fix RX skb truesize accounting (bsc#1248754). * net: mana: fix use-after-free in mana_hwc_destroy_channel() by reordering teardown (git-fixes). * net: mana: Guard mana_remove against double invocation (git-fixes). * net: mana: hardening: Validate adapter_mtu from MANA_QUERY_DEV_CONFIG (git- fixes). * net: mana: hardening: Validate doorbell ID from GDMA_REGISTER_DEVICE response (git-fixes). * net: mana: Init gf_stats_work before potential error paths in probe (git- fixes). * net: mana: Init link_change_work before potential error paths in probe (git- fixes). * net: mana: remove double CQ cleanup in mana_create_rxq error path (git- fixes). * net: mana: Set default number of queues to 16 (bsc#1261648). * net: mana: Skip WQ object destruction for uninitialized RXQ (git-fixes). * net: mana: Use at least SZ_4K in doorbell ID range check (git-fixes). * net: mana: Use pci_name() for debugfs directory naming (git-fixes). * net: phy: dp83869: fix setting CLK_O_SEL field (git-fixes). * net: stmmac: Fix PTP ref clock for Tegra234 (git-fixes). * net: usb: asix: ax88772: re-add usbnet_link_change() in phylink callbacks (git-fixes). * net: usb: cdc-phonet: fix skb frags[] overflow in rx_complete() (git-fixes). * net: usb: rtl8150: fix use-after-free in rtl8150_start_xmit() (git-fixes). * net: usb: rtl8150: free skb on usb_submit_urb() failure in xmit (git-fixes). * net: wan: fsl_ucc_hdlc: fix ucc_hdlc_remove (git-fixes). * net: wan: fsl_ucc_hdlc: fix uhdlc_memclean (git-fixes). * net: wan: fsl_ucc_hdlc: free tx_skbuff in uhdlc_memclean (git-fixes). * NFC: digital: Bounds check NFC-A cascade depth in SDD response handler (git- fixes). * nfc: llcp: add missing return after LLCP_CLOSED checks (git-fixes). * nfc: pn533: allocate rx skb before consuming bytes (git-fixes). * nfc: s3fwrn5: allocate rx skb before consuming bytes (git-fixes). * NFC: trf7970a: Ignore antenna noise when checking for RF field (git-fixes). * nvmet-tcp: propagate nvmet_tcp_build_pdu_iovec() errors to its callers (git- fixes). * ocfs2: fix possible deadlock between unlink and dio_end_io_write (bsc#1258718). * ocfs2: split transactions in dio completion to avoid credit exhaustion (bsc#1258718). * PCI/AER: Clear only error bits in PCIe Device Status (git-fixes). * PCI/AER: Stop ruling out unbound devices as error source (git-fixes). * PCI: dwc: Apply ECRC workaround to DesignWare 5.00a as well (git-fixes). * PCI: Enable AtomicOps only if Root Port supports them (git-fixes). * PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown (git-fixes). * PCI: hv: Set default NUMA node to 0 for devices without affinity info (git- fixes). * PCI: mediatek-gen3: Prevent leaking IRQ domains when IRQ not found (git- fixes). * PCI: tegra194: Allow system suspend when the Endpoint link is not up (git- fixes). * PCI: tegra194: Disable direct speed change for Endpoint mode (git-fixes). * PCI: tegra194: Disable LTSSM after transition to Detect on surprise link down (git-fixes). * PCI: tegra194: Disable PERST# IRQ only in Endpoint mode (git-fixes). * PCI: tegra194: Fix polling delay for L2 state (git-fixes). * PCI: tegra194: Increase LTSSM poll time on surprise link down (git-fixes). * PCI: tegra194: Set LTR message request before PCIe link up in Endpoint mode (git-fixes). * PCI: tegra194: Use devm_gpiod_get_optional() to parse "nvidia,refclk-select" (git-fixes). * PCI: tegra194: Use DWC IP core version (git-fixes). * pinctrl: abx500: Fix type of 'argument' variable (git-fixes). * pinctrl: Fix spelling problem (git-fixes). * pinctrl: intel: Fix the revision for new features (1kOhm PD, HW debouncer) (stable-fixes). * pinctrl: pic32: change all cases of bare 'unsigned' to 'unsigned int' (git- fixes). * pinctrl: pic32: use consistent spacing around '+' (git-fixes). * pinctrl: pinctrl-pic32: Fix resource leak (git-fixes). * platform/chrome: chromeos_tbmc: Drop wakeup source on remove (git-fixes). * platform/surface: surfacepro3_button: Drop wakeup source on remove (git- fixes). * platform/x86/amd: pmc: Add Thinkpad L14 Gen3 to quirk_s2idle_bug (stable- fixes). * platform/x86: dell-wmi-sysman: bound enumeration string aggregation (git- fixes). * platform/x86: dell_rbu: avoid uninit value usage in packet_size_write() (git-fixes). * platform/x86: hp-wmi: Ignore backlight and FnLock events (stable-fixes). * platform/x86: panasonic-laptop: Fix OPTD notifier registration and cleanup (git-fixes). * power: supply: axp288_charger: Do not cancel work before initializing it (git-fixes). * power: supply: max17042: avoid overflow when determining health (git-fixes). * powerpc/crash: fix backup region offset update to elfcorehdr (bsc#1259535). * RDMA/mana: Fix error unwind in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Fix mana_destroy_wq_obj() cleanup in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Validate rx_hash_key_len (git-fixes). * RDMA/mana_ib: cleanup the usage of mana_gd_send_request() (git-fixes). * RDMA/mana_ib: Disable RX steering on RSS QP destroy (git-fixes). * RDMA/mana_ib: Support memory windows (git-fixes). * regulator: act8945a: fix OF node reference imbalance (git-fixes). * regulator: bd9571mwv: fix OF node reference imbalance (git-fixes). * regulator: max77650: fix OF node reference imbalance (git-fixes). * regulator: mt6357: fix OF node reference imbalance (git-fixes). * remoteproc: xlnx: Only access buffer information if IPI is buffered (git- fixes). * Revert "ALSA: usb: Increase volume range that triggers a warning" (git- fixes). * rtc: abx80x: Disable alarm feature if no interrupt attached (git-fixes). * rtc: ntxec: fix OF node reference imbalance (git-fixes). * sched/balancing: Switch the 'DEFINE_SPINLOCK(balancing)' spinlock into an 'atomic_t sched_balance_running' flag (bsc#1253754). * sched/fair: Change likelyhood of nohz.nr_cpus (bsc#1234634 bsc#1258961). * sched/fair: Have SD_SERIALIZE affect newidle balancing (bsc#1253754). * sched/fair: Move checking for nohz cpus after time check (bsc#1234634 bsc#1258961). * sched/fair: Remove nohz.nr_cpus and use weight of cpumask instead (bsc#1234634 bsc#1258961). * sched/fair: Skip sched_balance_running cmpxchg when balance is not due (bsc#1253754). * scsi: storvsc: Handle PERSISTENT_RESERVE_IN truncation for Hyper-V vFC (git- fixes). * scsi: target: iscsi: validate CHAP_R length before base64 decode (bsc#1265449). * soc/tegra: cbb: Set ERD on resume for err interrupt (git-fixes). * soc: qcom: aoss: compare against normalized cooling state (git-fixes). * soc: qcom: llcc: fix v1 SB syndrome register offset (git-fixes). * sound: ua101: fix division by zero at probe (git-fixes). * soundwire: bus: demote UNATTACHED state warnings to dev_dbg() (git-fixes). * soundwire: cadence: Clear message complete before signaling waiting thread (git-fixes). * spi: at91-usart: fix controller deregistration (git-fixes). * spi: atmel: fix controller deregistration (git-fixes). * spi: cadence: fix controller deregistration (git-fixes). * spi: fix controller cleanup() documentation (git-fixes). * spi: fix misleading controller deregistration kernel-doc (git-fixes). * spi: fix misleading controller registration kernel-doc (git-fixes). * spi: fsl-qspi: Use reinit_completion() for repeated operations (git-fixes). * spi: hisi-kunpeng: prevent infinite while() loop in hisi_spi_flush_fifo (git-fixes). * spi: imx: fix runtime pm leak on probe deferral (git-fixes). * spi: imx: fix use-after-free on unbind (git-fixes). * spi: microchip-core-qspi: fix controller deregistration (git-fixes). * spi: microchip-core-qspi: Use helper function devm_clk_get_enabled() (stable-fixes). * spi: mpc52xx: fix use-after-free on unbind (git-fixes). * spi: mtk-nor: fix controller deregistration (git-fixes). * spi: mtk-snfi: unregister ECC engine on probe failure and remove() callback (git-fixes). * spi: omap2-mcspi: fix controller deregistration (git-fixes). * spi: orion: fix clock imbalance on registration failure (git-fixes). * spi: orion: fix runtime pm leak on unbind (git-fixes). * spi: rockchip: fix controller deregistration (git-fixes). * spi: rspi: fix controller deregistration (git-fixes). * spi: sh-hspi: fix controller deregistration (git-fixes). * spi: spi-ti-qspi: Convert to platform remove callback returning void (stable-fixes). * spi: sprd: fix controller deregistration (git-fixes). * spi: sun4i: fix controller deregistration (git-fixes). * spi: sun4i: switch to use modern name (stable-fixes). * spi: syncuacer: fix controller deregistration (git-fixes). * spi: synquacer: switch to use modern name (stable-fixes). * spi: uniphier: fix controller deregistration (git-fixes). * spi: uniphier: Simplify clock handling with devm_clk_get_enabled() (stable- fixes). * spi: uniphier: switch to use modern name (stable-fixes). * spi: zynq-qspi: switch to use modern name (stable-fixes). * spi: zynqmp-gqspi: fix controller deregistration (git-fixes). * staging: media: atomisp: Disallow all private IOCTLs (git-fixes). * staging: rtl8723bs: initialize le_tmp64 in rtw_BIP_verify() (git-fixes). * staging: sm750fb: fix division by zero in ps_to_hz() (git-fixes). * staging: vme_user: added bound check to geoid (stable-fixes). * staging: vme_user: fix root device leak on init failure (git-fixes). * thermal/drivers/spear: Fix error condition for reading st,thermal-flags (git-fixes). * thermal/drivers/sprd: Fix raw temperature clamping in sprd_thm_rawdata_to_temp (git-fixes). * thermal/drivers/sprd: Fix temperature clamping in sprd_thm_temp_to_rawdata (git-fixes). * tpm: avoid -Wunused-but-set-variable (git-fixes). * tpm: tpm_tis: add error logging for data transfer (git-fixes). * tpm: tpm_tis: stop transmit if retries are exhausted (git-fixes). * tty: tty_io: update timestamps on all device nodes (bsc#1262020). * USB: cdc-acm: Add quirks for Yoga Book 9 14IAH10 INGENIC touchscreen (stable-fixes). * usb: chipidea: core: allow ci_irq_handler() handle both ID and VBUS change (git-fixes). * usb: chipidea: otg: not wait vbus drop if use role_switch (git-fixes). * USB: core: add NO_LPM quirk for Razer Kiyo Pro webcam (stable-fixes). * usb: gadget: dummy_hcd: fix premature URB completion when ZLP follows partial transfer (stable-fixes). * usb: gadget: f_ncm: validate minimum block_len in ncm_unwrap_ntb() (git- fixes). * usb: gadget: f_phonet: fix skb frags[] overflow in pn_rx_complete() (stable- fixes). * usb: gadget: f_uac1_legacy: validate control request size (stable-fixes). * usb: gadget: renesas_usb3: validate endpoint index in standard request handlers (git-fixes). * USB: omap_udc: DMA: Don't enable burst 4 mode (git-fixes). * usb: port: add delay after usb_hub_set_port_power() (git-fixes). * usb: quirks: add DELAY_INIT quirk for another Silicon Motion flash drive (stable-fixes). * USB: serial: io_edgeport: add support for Blackbox IC135A (stable-fixes). * USB: serial: option: add MeiG Smart SRM825WN (stable-fixes). * USB: serial: option: add support for Rolling Wireless RW135R-GL (stable- fixes). * USB: serial: option: add Telit Cinterion FN990A MBIM composition (stable- fixes). * USB: serial: option: add Telit Cinterion LE910Cx compositions (stable- fixes). * usb: storage: Expand range of matched versions for VL817 quirks entry (stable-fixes). * usb: ulpi: fix memory leak on ulpi_register() error paths (git-fixes). * usb: usblp: fix heap leak in IEEE 1284 device ID via short response (stable- fixes). * usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl (stable- fixes). * usb: xhci: Make usb_host_endpoint.hcpriv survive endpoint_disable() (git- fixes). * usbip: validate number_of_packets in usbip_pack_ret_submit() (git-fixes). * virt: tdx-guest: Fix handling of host controlled 'quote' buffer length (git- fixes). * virt: tdx-guest: Return error for GetQuote failures (git-fixes). * wifi: ath5k: do not access array OOB (git-fixes). * wifi: ath9k: Fix typo (git-fixes). * wifi: ath11k: Pass the correct value of each TID during a stop AMPDU session (git-fixes). * wifi: ath11k: skip status ring entry processing (stable-fixes). * wifi: ath11k: Use dma_alloc_noncoherent for rx_tid buffer allocation (stable-fixes). * wifi: b43: enforce bounds check on firmware key index in b43_rx() (git- fixes). * wifi: b43legacy: enforce bounds check on firmware key index in RX path (git- fixes). * wifi: brcmfmac: Fix error pointer dereference (git-fixes). * wifi: brcmfmac: validate bsscfg indices in IF events (stable-fixes). * wifi: brcmsmac: Fix dma_free_coherent() size (git-fixes). * wifi: cw1200: Revert "Fix locking in error paths" (git-fixes). * wifi: libertas: notify firmware load wait on disconnect (git-fixes). * wifi: mac80211: check ieee80211_rx_data_set_link return in pubsta MLO path (git-fixes). * wifi: mac80211: drop stray 'static' from fast-RX rx_result (git-fixes). * wifi: mac80211: remove station if connection prep fails (git-fixes). * wifi: mt76: mt792x: describe USB WFSYS reset with a descriptor (stable- fixes). * wifi: mt76: mt792x: fix mt7925u USB WFSYS reset handling (git-fixes). * wifi: mt76: mt7615: fix use_cts_prot support (git-fixes). * wifi: mt76: mt7915: fix use-after-free bugs in mt7915_mac_dump_work() (git- fixes). * wifi: mt76: mt7915: fix use_cts_prot support (git-fixes). * wifi: mt76: mt7921: fix a potential clc buffer length underflow (git-fixes). * wifi: mt76: mt7921: fix ROC abort flow interruption in mt7921_roc_work (git- fixes). * wifi: mt76: mt7921: Reset ampdu_state state in case of failure in mt76_connac2_tx_check_aggr() (git-fixes). * wifi: mt76: mt7925: fix incorrect length field in txpower command (git- fixes). * wifi: mt76: mt7996: fix FCS error flag check in RX descriptor (git-fixes). * wifi: mt76: mt7996: fix struct mt7996_mcu_uni_event (git-fixes). * wifi: mwifiex: Fix memory leak in mwifiex_11n_aggregate_pkt() (git-fixes). * wifi: nl80211: fix NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST usage (git- fixes). * wifi: nl80211: require admin perm on SET_PMK / DEL_PMK (git-fixes). * wifi: rsi: fix kthread lifetime race between self-exit and external-stop (git-fixes). * wifi: rt2x00usb: fix devres lifetime (git-fixes). * wifi: rtlwifi: pci: fix possible use-after-free caused by unfinished irq_prepare_bcn_tasklet (git-fixes). * wifi: rtw88: check for PCI upstream bridge existence (git-fixes). * wifi: rtw88: fix device leak on probe failure (git-fixes). * wifi: rtw89: phy: fix uninitialized variable access in rtw89_phy_cfo_set_crystal_cap() (git-fixes). * wifi: wl1251: validate packet IDs before indexing tx_frames (stable-fixes). * workqueue: Break up enum definitions and give names to the types (bsc#1260522). * workqueue: Clean up enum work_bits and related constants (bsc#1260522). * workqueue: Factor out work_grab_pending() from __cancel_work_sync() (bsc#1260522). * workqueue: Fix UBSAN 'subtraction overflow' error in shift_and_mask() (bsc#1260522). * workqueue: Implement disable/enable for (delayed) work items (bsc#1260522). * workqueue: Introduce work_cancel_flags (bsc#1260522). * workqueue: Make @flags handling consistent across set_work_data() and friends (bsc#1260522). * workqueue: Preserve OFFQ bits in cancel[_sync] paths (bsc#1260522). * workqueue: Rename __cancel_work_timer() to __cancel_timer_sync() (bsc#1260522). * workqueue: Reorganize flush and cancel[_sync] functions (bsc#1260522). * x86/boot/64: Clear most of CR4 in startup_64(), except PAE, MCE and LA57 (git-fixes). * x86/boot/sev: Avoid shared GHCB page for early memory acceptance (git- fixes). * x86/boot: Don't add the EFI stub to targets, again (git-fixes). * x86/boot: Fix page table access in 5-level to 4-level paging transition (git-fixes). * X.509: Fix out-of-bounds access when parsing extensions (git-fixes). * Xarray: do not return sibling entries from xas_find_marked() (bsc#1263815). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-437=1 ## Package List: * SUSE Linux Micro 6.0 (noarch) * kernel-source-rt-6.4.0-47.1 * kernel-devel-rt-6.4.0-47.1 * SUSE Linux Micro 6.0 (nosrc x86_64) * kernel-rt-6.4.0-47.1 * SUSE Linux Micro 6.0 (x86_64) * kernel-rt-debuginfo-6.4.0-47.1 * kernel-rt-debugsource-6.4.0-47.1 * kernel-rt-livepatch-6.4.0-47.1 ## References: * https://www.suse.com/security/cve/CVE-2023-20585.html * https://www.suse.com/security/cve/CVE-2025-40219.html * https://www.suse.com/security/cve/CVE-2025-71183.html * https://www.suse.com/security/cve/CVE-2025-71238.html * https://www.suse.com/security/cve/CVE-2026-23168.html * https://www.suse.com/security/cve/CVE-2026-23209.html * https://www.suse.com/security/cve/CVE-2026-23236.html * https://www.suse.com/security/cve/CVE-2026-23237.html * https://www.suse.com/security/cve/CVE-2026-23239.html * https://www.suse.com/security/cve/CVE-2026-23240.html * https://www.suse.com/security/cve/CVE-2026-23245.html * https://www.suse.com/security/cve/CVE-2026-23246.html * https://www.suse.com/security/cve/CVE-2026-23253.html * https://www.suse.com/security/cve/CVE-2026-23260.html * https://www.suse.com/security/cve/CVE-2026-23264.html * https://www.suse.com/security/cve/CVE-2026-23266.html * https://www.suse.com/security/cve/CVE-2026-23268.html * https://www.suse.com/security/cve/CVE-2026-23269.html * https://www.suse.com/security/cve/CVE-2026-23271.html * https://www.suse.com/security/cve/CVE-2026-23273.html * https://www.suse.com/security/cve/CVE-2026-23276.html * https://www.suse.com/security/cve/CVE-2026-23279.html * https://www.suse.com/security/cve/CVE-2026-23290.html * https://www.suse.com/security/cve/CVE-2026-23291.html * https://www.suse.com/security/cve/CVE-2026-23298.html * https://www.suse.com/security/cve/CVE-2026-23300.html * https://www.suse.com/security/cve/CVE-2026-23306.html * https://www.suse.com/security/cve/CVE-2026-23307.html * https://www.suse.com/security/cve/CVE-2026-23308.html * https://www.suse.com/security/cve/CVE-2026-23312.html * https://www.suse.com/security/cve/CVE-2026-23313.html * https://www.suse.com/security/cve/CVE-2026-23315.html * https://www.suse.com/security/cve/CVE-2026-23318.html * https://www.suse.com/security/cve/CVE-2026-23321.html * https://www.suse.com/security/cve/CVE-2026-23324.html * https://www.suse.com/security/cve/CVE-2026-23325.html * https://www.suse.com/security/cve/CVE-2026-23336.html * https://www.suse.com/security/cve/CVE-2026-23339.html * https://www.suse.com/security/cve/CVE-2026-23340.html * https://www.suse.com/security/cve/CVE-2026-23346.html * https://www.suse.com/security/cve/CVE-2026-23351.html * https://www.suse.com/security/cve/CVE-2026-23357.html * https://www.suse.com/security/cve/CVE-2026-23362.html * https://www.suse.com/security/cve/CVE-2026-23363.html * https://www.suse.com/security/cve/CVE-2026-23365.html * https://www.suse.com/security/cve/CVE-2026-23367.html * https://www.suse.com/security/cve/CVE-2026-23368.html * https://www.suse.com/security/cve/CVE-2026-23370.html * https://www.suse.com/security/cve/CVE-2026-23372.html * https://www.suse.com/security/cve/CVE-2026-23373.html * https://www.suse.com/security/cve/CVE-2026-23374.html * https://www.suse.com/security/cve/CVE-2026-23378.html * https://www.suse.com/security/cve/CVE-2026-23382.html * https://www.suse.com/security/cve/CVE-2026-23391.html * https://www.suse.com/security/cve/CVE-2026-23392.html * https://www.suse.com/security/cve/CVE-2026-23393.html * https://www.suse.com/security/cve/CVE-2026-23396.html * https://www.suse.com/security/cve/CVE-2026-23397.html * https://www.suse.com/security/cve/CVE-2026-23399.html * https://www.suse.com/security/cve/CVE-2026-23403.html * https://www.suse.com/security/cve/CVE-2026-23404.html * https://www.suse.com/security/cve/CVE-2026-23405.html * https://www.suse.com/security/cve/CVE-2026-23406.html * https://www.suse.com/security/cve/CVE-2026-23407.html * https://www.suse.com/security/cve/CVE-2026-23408.html * https://www.suse.com/security/cve/CVE-2026-23409.html * https://www.suse.com/security/cve/CVE-2026-23410.html * https://www.suse.com/security/cve/CVE-2026-23411.html * https://www.suse.com/security/cve/CVE-2026-23420.html * https://www.suse.com/security/cve/CVE-2026-23426.html * https://www.suse.com/security/cve/CVE-2026-23434.html * https://www.suse.com/security/cve/CVE-2026-23440.html * https://www.suse.com/security/cve/CVE-2026-23441.html * https://www.suse.com/security/cve/CVE-2026-23442.html * https://www.suse.com/security/cve/CVE-2026-23443.html * https://www.suse.com/security/cve/CVE-2026-23446.html * https://www.suse.com/security/cve/CVE-2026-23447.html * https://www.suse.com/security/cve/CVE-2026-23448.html * https://www.suse.com/security/cve/CVE-2026-23449.html * https://www.suse.com/security/cve/CVE-2026-23450.html * https://www.suse.com/security/cve/CVE-2026-23452.html * https://www.suse.com/security/cve/CVE-2026-23455.html * https://www.suse.com/security/cve/CVE-2026-23456.html * https://www.suse.com/security/cve/CVE-2026-23457.html * https://www.suse.com/security/cve/CVE-2026-23458.html * https://www.suse.com/security/cve/CVE-2026-23460.html * https://www.suse.com/security/cve/CVE-2026-23461.html * https://www.suse.com/security/cve/CVE-2026-23462.html * https://www.suse.com/security/cve/CVE-2026-23463.html * https://www.suse.com/security/cve/CVE-2026-23465.html * https://www.suse.com/security/cve/CVE-2026-23468.html * https://www.suse.com/security/cve/CVE-2026-23472.html * https://www.suse.com/security/cve/CVE-2026-23473.html * https://www.suse.com/security/cve/CVE-2026-23474.html * https://www.suse.com/security/cve/CVE-2026-23475.html * https://www.suse.com/security/cve/CVE-2026-31389.html * https://www.suse.com/security/cve/CVE-2026-31393.html * https://www.suse.com/security/cve/CVE-2026-31400.html * https://www.suse.com/security/cve/CVE-2026-31402.html * https://www.suse.com/security/cve/CVE-2026-31403.html * https://www.suse.com/security/cve/CVE-2026-31404.html * https://www.suse.com/security/cve/CVE-2026-31405.html * https://www.suse.com/security/cve/CVE-2026-31407.html * https://www.suse.com/security/cve/CVE-2026-31408.html * https://www.suse.com/security/cve/CVE-2026-31411.html * https://www.suse.com/security/cve/CVE-2026-31412.html * https://www.suse.com/security/cve/CVE-2026-31415.html * https://www.suse.com/security/cve/CVE-2026-31416.html * https://www.suse.com/security/cve/CVE-2026-31417.html * https://www.suse.com/security/cve/CVE-2026-31420.html * https://www.suse.com/security/cve/CVE-2026-31421.html * https://www.suse.com/security/cve/CVE-2026-31422.html * https://www.suse.com/security/cve/CVE-2026-31423.html * https://www.suse.com/security/cve/CVE-2026-31424.html * https://www.suse.com/security/cve/CVE-2026-31425.html * https://www.suse.com/security/cve/CVE-2026-31426.html * https://www.suse.com/security/cve/CVE-2026-31427.html * https://www.suse.com/security/cve/CVE-2026-31428.html * https://www.suse.com/security/cve/CVE-2026-31436.html * https://www.suse.com/security/cve/CVE-2026-31449.html * https://www.suse.com/security/cve/CVE-2026-31470.html * https://www.suse.com/security/cve/CVE-2026-31488.html * https://www.suse.com/security/cve/CVE-2026-31494.html * https://www.suse.com/security/cve/CVE-2026-31496.html * https://www.suse.com/security/cve/CVE-2026-31504.html * https://www.suse.com/security/cve/CVE-2026-31505.html * https://www.suse.com/security/cve/CVE-2026-31507.html * https://www.suse.com/security/cve/CVE-2026-31512.html * https://www.suse.com/security/cve/CVE-2026-31515.html * https://www.suse.com/security/cve/CVE-2026-31519.html * https://www.suse.com/security/cve/CVE-2026-31525.html * https://www.suse.com/security/cve/CVE-2026-31528.html * https://www.suse.com/security/cve/CVE-2026-31533.html * https://www.suse.com/security/cve/CVE-2026-31550.html * https://www.suse.com/security/cve/CVE-2026-31565.html * https://www.suse.com/security/cve/CVE-2026-31570.html * https://www.suse.com/security/cve/CVE-2026-31586.html * https://www.suse.com/security/cve/CVE-2026-31588.html * https://www.suse.com/security/cve/CVE-2026-31602.html * https://www.suse.com/security/cve/CVE-2026-31607.html * https://www.suse.com/security/cve/CVE-2026-31622.html * https://www.suse.com/security/cve/CVE-2026-31649.html * https://www.suse.com/security/cve/CVE-2026-31656.html * https://www.suse.com/security/cve/CVE-2026-31662.html * https://www.suse.com/security/cve/CVE-2026-31668.html * https://www.suse.com/security/cve/CVE-2026-31669.html * https://www.suse.com/security/cve/CVE-2026-31675.html * https://www.suse.com/security/cve/CVE-2026-31679.html * https://www.suse.com/security/cve/CVE-2026-31681.html * https://www.suse.com/security/cve/CVE-2026-31682.html * https://www.suse.com/security/cve/CVE-2026-31684.html * https://www.suse.com/security/cve/CVE-2026-31685.html * https://www.suse.com/security/cve/CVE-2026-31694.html * https://www.suse.com/security/cve/CVE-2026-31700.html * https://www.suse.com/security/cve/CVE-2026-31738.html * https://www.suse.com/security/cve/CVE-2026-31787.html * https://www.suse.com/security/cve/CVE-2026-43009.html * https://www.suse.com/security/cve/CVE-2026-43025.html * https://www.suse.com/security/cve/CVE-2026-43027.html * https://www.suse.com/security/cve/CVE-2026-43037.html * https://www.suse.com/security/cve/CVE-2026-43038.html * https://www.suse.com/security/cve/CVE-2026-43044.html * https://www.suse.com/security/cve/CVE-2026-43050.html * https://www.suse.com/security/cve/CVE-2026-43060.html * https://www.suse.com/security/cve/CVE-2026-43088.html * https://www.suse.com/security/cve/CVE-2026-43110.html * https://www.suse.com/security/cve/CVE-2026-43120.html * https://www.suse.com/security/cve/CVE-2026-43126.html * https://www.suse.com/security/cve/CVE-2026-43190.html * https://www.suse.com/security/cve/CVE-2026-43214.html * https://www.suse.com/security/cve/CVE-2026-43265.html * https://www.suse.com/security/cve/CVE-2026-43329.html * https://www.suse.com/security/cve/CVE-2026-43330.html * https://www.suse.com/security/cve/CVE-2026-43334.html * https://www.suse.com/security/cve/CVE-2026-43365.html * https://www.suse.com/security/cve/CVE-2026-43366.html * https://www.suse.com/security/cve/CVE-2026-43419.html * https://www.suse.com/security/cve/CVE-2026-43437.html * https://www.suse.com/security/cve/CVE-2026-43441.html * https://www.suse.com/security/cve/CVE-2026-43494.html * https://www.suse.com/security/cve/CVE-2026-43503.html * https://bugzilla.suse.com/show_bug.cgi?id=1215199 * https://bugzilla.suse.com/show_bug.cgi?id=1234634 * https://bugzilla.suse.com/show_bug.cgi?id=1243603 * https://bugzilla.suse.com/show_bug.cgi?id=1248754 * https://bugzilla.suse.com/show_bug.cgi?id=1253122 * https://bugzilla.suse.com/show_bug.cgi?id=1253754 * https://bugzilla.suse.com/show_bug.cgi?id=1254518 * https://bugzilla.suse.com/show_bug.cgi?id=1256863 * https://bugzilla.suse.com/show_bug.cgi?id=1257631 * https://bugzilla.suse.com/show_bug.cgi?id=1258518 * https://bugzilla.suse.com/show_bug.cgi?id=1258718 * https://bugzilla.suse.com/show_bug.cgi?id=1258826 * https://bugzilla.suse.com/show_bug.cgi?id=1258849 * https://bugzilla.suse.com/show_bug.cgi?id=1258850 * https://bugzilla.suse.com/show_bug.cgi?id=1258854 * https://bugzilla.suse.com/show_bug.cgi?id=1258855 * https://bugzilla.suse.com/show_bug.cgi?id=1258856 * https://bugzilla.suse.com/show_bug.cgi?id=1258857 * https://bugzilla.suse.com/show_bug.cgi?id=1258961 * https://bugzilla.suse.com/show_bug.cgi?id=1259186 * https://bugzilla.suse.com/show_bug.cgi?id=1259199 * https://bugzilla.suse.com/show_bug.cgi?id=1259222 * https://bugzilla.suse.com/show_bug.cgi?id=1259484 * https://bugzilla.suse.com/show_bug.cgi?id=1259485 * https://bugzilla.suse.com/show_bug.cgi?id=1259535 * https://bugzilla.suse.com/show_bug.cgi?id=1259799 * https://bugzilla.suse.com/show_bug.cgi?id=1259806 * https://bugzilla.suse.com/show_bug.cgi?id=1259857 * https://bugzilla.suse.com/show_bug.cgi?id=1259868 * https://bugzilla.suse.com/show_bug.cgi?id=1259869 * https://bugzilla.suse.com/show_bug.cgi?id=1259873 * https://bugzilla.suse.com/show_bug.cgi?id=1259878 * https://bugzilla.suse.com/show_bug.cgi?id=1260010 * https://bugzilla.suse.com/show_bug.cgi?id=1260012 * https://bugzilla.suse.com/show_bug.cgi?id=1260018 * https://bugzilla.suse.com/show_bug.cgi?id=1260468 * https://bugzilla.suse.com/show_bug.cgi?id=1260483 * https://bugzilla.suse.com/show_bug.cgi?id=1260484 * https://bugzilla.suse.com/show_bug.cgi?id=1260485 * https://bugzilla.suse.com/show_bug.cgi?id=1260489 * https://bugzilla.suse.com/show_bug.cgi?id=1260501 * https://bugzilla.suse.com/show_bug.cgi?id=1260504 * https://bugzilla.suse.com/show_bug.cgi?id=1260505 * https://bugzilla.suse.com/show_bug.cgi?id=1260507 * https://bugzilla.suse.com/show_bug.cgi?id=1260522 * https://bugzilla.suse.com/show_bug.cgi?id=1260523 * https://bugzilla.suse.com/show_bug.cgi?id=1260526 * https://bugzilla.suse.com/show_bug.cgi?id=1260528 * https://bugzilla.suse.com/show_bug.cgi?id=1260529 * https://bugzilla.suse.com/show_bug.cgi?id=1260530 * https://bugzilla.suse.com/show_bug.cgi?id=1260531 * https://bugzilla.suse.com/show_bug.cgi?id=1260532 * https://bugzilla.suse.com/show_bug.cgi?id=1260533 * https://bugzilla.suse.com/show_bug.cgi?id=1260536 * https://bugzilla.suse.com/show_bug.cgi?id=1260537 * https://bugzilla.suse.com/show_bug.cgi?id=1260538 * https://bugzilla.suse.com/show_bug.cgi?id=1260541 * https://bugzilla.suse.com/show_bug.cgi?id=1260546 * https://bugzilla.suse.com/show_bug.cgi?id=1260549 * https://bugzilla.suse.com/show_bug.cgi?id=1260551 * https://bugzilla.suse.com/show_bug.cgi?id=1260552 * https://bugzilla.suse.com/show_bug.cgi?id=1260553 * https://bugzilla.suse.com/show_bug.cgi?id=1260555 * https://bugzilla.suse.com/show_bug.cgi?id=1260561 * https://bugzilla.suse.com/show_bug.cgi?id=1260566 * https://bugzilla.suse.com/show_bug.cgi?id=1260572 * https://bugzilla.suse.com/show_bug.cgi?id=1260581 * https://bugzilla.suse.com/show_bug.cgi?id=1260728 * https://bugzilla.suse.com/show_bug.cgi?id=1260729 * https://bugzilla.suse.com/show_bug.cgi?id=1260731 * https://bugzilla.suse.com/show_bug.cgi?id=1260800 * https://bugzilla.suse.com/show_bug.cgi?id=1260811 * https://bugzilla.suse.com/show_bug.cgi?id=1261020 * https://bugzilla.suse.com/show_bug.cgi?id=1261287 * https://bugzilla.suse.com/show_bug.cgi?id=1261295 * https://bugzilla.suse.com/show_bug.cgi?id=1261348 * https://bugzilla.suse.com/show_bug.cgi?id=1261503 * https://bugzilla.suse.com/show_bug.cgi?id=1261504 * https://bugzilla.suse.com/show_bug.cgi?id=1261581 * https://bugzilla.suse.com/show_bug.cgi?id=1261582 * https://bugzilla.suse.com/show_bug.cgi?id=1261584 * https://bugzilla.suse.com/show_bug.cgi?id=1261601 * https://bugzilla.suse.com/show_bug.cgi?id=1261602 * https://bugzilla.suse.com/show_bug.cgi?id=1261618 * https://bugzilla.suse.com/show_bug.cgi?id=1261628 * https://bugzilla.suse.com/show_bug.cgi?id=1261632 * https://bugzilla.suse.com/show_bug.cgi?id=1261636 * https://bugzilla.suse.com/show_bug.cgi?id=1261638 * https://bugzilla.suse.com/show_bug.cgi?id=1261641 * https://bugzilla.suse.com/show_bug.cgi?id=1261644 * https://bugzilla.suse.com/show_bug.cgi?id=1261645 * https://bugzilla.suse.com/show_bug.cgi?id=1261648 * https://bugzilla.suse.com/show_bug.cgi?id=1261679 * https://bugzilla.suse.com/show_bug.cgi?id=1261685 * https://bugzilla.suse.com/show_bug.cgi?id=1261686 * https://bugzilla.suse.com/show_bug.cgi?id=1261687 * https://bugzilla.suse.com/show_bug.cgi?id=1261692 * https://bugzilla.suse.com/show_bug.cgi?id=1261694 * https://bugzilla.suse.com/show_bug.cgi?id=1261700 * https://bugzilla.suse.com/show_bug.cgi?id=1261703 * https://bugzilla.suse.com/show_bug.cgi?id=1261707 * https://bugzilla.suse.com/show_bug.cgi?id=1261710 * https://bugzilla.suse.com/show_bug.cgi?id=1261713 * https://bugzilla.suse.com/show_bug.cgi?id=1261719 * https://bugzilla.suse.com/show_bug.cgi?id=1261750 * https://bugzilla.suse.com/show_bug.cgi?id=1261751 * https://bugzilla.suse.com/show_bug.cgi?id=1261752 * https://bugzilla.suse.com/show_bug.cgi?id=1261768 * https://bugzilla.suse.com/show_bug.cgi?id=1261778 * https://bugzilla.suse.com/show_bug.cgi?id=1261779 * https://bugzilla.suse.com/show_bug.cgi?id=1261781 * https://bugzilla.suse.com/show_bug.cgi?id=1261789 * https://bugzilla.suse.com/show_bug.cgi?id=1261796 * https://bugzilla.suse.com/show_bug.cgi?id=1261797 * https://bugzilla.suse.com/show_bug.cgi?id=1261896 * https://bugzilla.suse.com/show_bug.cgi?id=1262020 * https://bugzilla.suse.com/show_bug.cgi?id=1262053 * https://bugzilla.suse.com/show_bug.cgi?id=1262054 * https://bugzilla.suse.com/show_bug.cgi?id=1262055 * https://bugzilla.suse.com/show_bug.cgi?id=1262061 * https://bugzilla.suse.com/show_bug.cgi?id=1262063 * https://bugzilla.suse.com/show_bug.cgi?id=1262074 * https://bugzilla.suse.com/show_bug.cgi?id=1262078 * https://bugzilla.suse.com/show_bug.cgi?id=1262086 * https://bugzilla.suse.com/show_bug.cgi?id=1262087 * https://bugzilla.suse.com/show_bug.cgi?id=1262099 * https://bugzilla.suse.com/show_bug.cgi?id=1262100 * https://bugzilla.suse.com/show_bug.cgi?id=1262101 * https://bugzilla.suse.com/show_bug.cgi?id=1262179 * https://bugzilla.suse.com/show_bug.cgi?id=1262181 * https://bugzilla.suse.com/show_bug.cgi?id=1262602 * https://bugzilla.suse.com/show_bug.cgi?id=1262616 * https://bugzilla.suse.com/show_bug.cgi?id=1262665 * https://bugzilla.suse.com/show_bug.cgi?id=1262671 * https://bugzilla.suse.com/show_bug.cgi?id=1262673 * https://bugzilla.suse.com/show_bug.cgi?id=1262725 * https://bugzilla.suse.com/show_bug.cgi?id=1262731 * https://bugzilla.suse.com/show_bug.cgi?id=1262734 * https://bugzilla.suse.com/show_bug.cgi?id=1262746 * https://bugzilla.suse.com/show_bug.cgi?id=1262752 * https://bugzilla.suse.com/show_bug.cgi?id=1262758 * https://bugzilla.suse.com/show_bug.cgi?id=1263001 * https://bugzilla.suse.com/show_bug.cgi?id=1263012 * https://bugzilla.suse.com/show_bug.cgi?id=1263064 * https://bugzilla.suse.com/show_bug.cgi?id=1263065 * https://bugzilla.suse.com/show_bug.cgi?id=1263085 * https://bugzilla.suse.com/show_bug.cgi?id=1263093 * https://bugzilla.suse.com/show_bug.cgi?id=1263095 * https://bugzilla.suse.com/show_bug.cgi?id=1263104 * https://bugzilla.suse.com/show_bug.cgi?id=1263131 * https://bugzilla.suse.com/show_bug.cgi?id=1263140 * https://bugzilla.suse.com/show_bug.cgi?id=1263141 * https://bugzilla.suse.com/show_bug.cgi?id=1263149 * https://bugzilla.suse.com/show_bug.cgi?id=1263165 * https://bugzilla.suse.com/show_bug.cgi?id=1263170 * https://bugzilla.suse.com/show_bug.cgi?id=1263176 * https://bugzilla.suse.com/show_bug.cgi?id=1263556 * https://bugzilla.suse.com/show_bug.cgi?id=1263582 * https://bugzilla.suse.com/show_bug.cgi?id=1263592 * https://bugzilla.suse.com/show_bug.cgi?id=1263593 * https://bugzilla.suse.com/show_bug.cgi?id=1263595 * https://bugzilla.suse.com/show_bug.cgi?id=1263596 * https://bugzilla.suse.com/show_bug.cgi?id=1263600 * https://bugzilla.suse.com/show_bug.cgi?id=1263668 * https://bugzilla.suse.com/show_bug.cgi?id=1263723 * https://bugzilla.suse.com/show_bug.cgi?id=1263797 * https://bugzilla.suse.com/show_bug.cgi?id=1263815 * https://bugzilla.suse.com/show_bug.cgi?id=1263882 * https://bugzilla.suse.com/show_bug.cgi?id=1263901 * https://bugzilla.suse.com/show_bug.cgi?id=1263931 * https://bugzilla.suse.com/show_bug.cgi?id=1263933 * https://bugzilla.suse.com/show_bug.cgi?id=1263995 * https://bugzilla.suse.com/show_bug.cgi?id=1264014 * https://bugzilla.suse.com/show_bug.cgi?id=1264059 * https://bugzilla.suse.com/show_bug.cgi?id=1264082 * https://bugzilla.suse.com/show_bug.cgi?id=1264087 * https://bugzilla.suse.com/show_bug.cgi?id=1264097 * https://bugzilla.suse.com/show_bug.cgi?id=1264183 * https://bugzilla.suse.com/show_bug.cgi?id=1264427 * https://bugzilla.suse.com/show_bug.cgi?id=1264469 * https://bugzilla.suse.com/show_bug.cgi?id=1264482 * https://bugzilla.suse.com/show_bug.cgi?id=1264634 * https://bugzilla.suse.com/show_bug.cgi?id=1264651 * https://bugzilla.suse.com/show_bug.cgi?id=1264661 * https://bugzilla.suse.com/show_bug.cgi?id=1264674 * https://bugzilla.suse.com/show_bug.cgi?id=1264801 * https://bugzilla.suse.com/show_bug.cgi?id=1264848 * https://bugzilla.suse.com/show_bug.cgi?id=1265085 * https://bugzilla.suse.com/show_bug.cgi?id=1265090 * https://bugzilla.suse.com/show_bug.cgi?id=1265116 * https://bugzilla.suse.com/show_bug.cgi?id=1265119 * https://bugzilla.suse.com/show_bug.cgi?id=1265126 * https://bugzilla.suse.com/show_bug.cgi?id=1265144 * https://bugzilla.suse.com/show_bug.cgi?id=1265308 * https://bugzilla.suse.com/show_bug.cgi?id=1265421 * https://bugzilla.suse.com/show_bug.cgi?id=1265449 * https://bugzilla.suse.com/show_bug.cgi?id=1265456 * https://bugzilla.suse.com/show_bug.cgi?id=1265626 * https://bugzilla.suse.com/show_bug.cgi?id=1265846 * https://bugzilla.suse.com/show_bug.cgi?id=1265960 * https://jira.suse.com/browse/PED-7249 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:50:03 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:50:03 -0000 Subject: SUSE-SU-2026:21915-1: important: Security update for helm Message-ID: <178041900372.42.16637026251531832131@b0da085613fb> # Security update for helm Announcement ID: SUSE-SU-2026:21915-1 Release Date: 2026-05-28T15:45:22Z Rating: important References: * bsc#1265428 * bsc#1265758 Cross-References: * CVE-2026-33814 * CVE-2026-41888 CVSS scores: * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-41888 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-41888 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2026-41888 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-41888 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L Affected Products: * SUSE Linux Micro 6.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for helm fixes the following issues * CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265758). * CVE-2026-41888: github.com/distribution/distribution/v3: tag deletion bypasses the storage.delete.enabled configuration (bsc#1265428). Changes for helm: * Update to version 3.21.0. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-734=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * helm-3.21.0-1.1 * helm-debuginfo-3.21.0-1.1 * SUSE Linux Micro 6.0 (noarch) * helm-bash-completion-3.21.0-1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33814.html * https://www.suse.com/security/cve/CVE-2026-41888.html * https://bugzilla.suse.com/show_bug.cgi?id=1265428 * https://bugzilla.suse.com/show_bug.cgi?id=1265758 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:50:06 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:50:06 -0000 Subject: SUSE-SU-2026:21914-1: moderate: Security update for python-idna Message-ID: <178041900685.42.7293515426608800655@b0da085613fb> # Security update for python-idna Announcement ID: SUSE-SU-2026:21914-1 Release Date: 2026-05-28T15:43:54Z Rating: moderate References: * bsc#1265413 Cross-References: * CVE-2026-45409 CVSS scores: * CVE-2026-45409 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-45409 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for python-idna fixes the following issue * CVE-2026-45409: specially crafted inputs to idna.encode() can bypass earlier security fix (bsc#1265413). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-733=1 ## Package List: * SUSE Linux Micro 6.0 (noarch) * python311-idna-3.4-9.1 ## References: * https://www.suse.com/security/cve/CVE-2026-45409.html * https://bugzilla.suse.com/show_bug.cgi?id=1265413 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:50:27 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:50:27 -0000 Subject: SUSE-SU-2026:21913-1: important: Security update for unbound Message-ID: <178041902781.42.8277866126788117042@b0da085613fb> # Security update for unbound Announcement ID: SUSE-SU-2026:21913-1 Release Date: 2026-05-28T15:43:53Z Rating: important References: * bsc#1265578 * bsc#1265580 * bsc#1265581 * bsc#1265582 * bsc#1265583 * bsc#1265584 * bsc#1265585 * bsc#1265586 * bsc#1265587 * bsc#1265588 * bsc#1265589 Cross-References: * CVE-2026-32792 * CVE-2026-33278 * CVE-2026-40622 * CVE-2026-41292 * CVE-2026-42534 * CVE-2026-42923 * CVE-2026-42944 * CVE-2026-42959 * CVE-2026-42960 * CVE-2026-44390 * CVE-2026-44608 CVSS scores: * CVE-2026-32792 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-32792 ( NVD ): 4.6 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green * CVE-2026-32792 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-33278 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-33278 ( NVD ): 9.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red * CVE-2026-33278 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-40622 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-40622 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber * CVE-2026-40622 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2026-41292 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-41292 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red * CVE-2026-41292 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42534 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42534 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber * CVE-2026-42534 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-42923 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42923 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber * CVE-2026-42923 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-42944 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-42944 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red * CVE-2026-42944 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42959 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42959 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red * CVE-2026-42959 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42960 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2026-42960 ( NVD ): 5.7 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:H/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber * CVE-2026-42960 ( NVD ): 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H * CVE-2026-44390 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-44390 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber * CVE-2026-44390 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-44608 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-44608 ( NVD ): 4.6 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber * CVE-2026-44608 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves 11 vulnerabilities can now be installed. ## Description: This update for unbound fixes the following issues * CVE-2026-32792: Packet of death with DNSCrypt (bsc#1265583). * CVE-2026-33278: Possible remote code execution during DNSSEC validation (bsc#1265587). * CVE-2026-40622: "Ghost domain name" variant (bsc#1265581). * CVE-2026-41292: Parsing a long list of incoming EDNS options degrades performance (bsc#1265580). * CVE-2026-42534: Jostle logic bypass degrades resolution performance (bsc#1265585). * CVE-2026-42923: Degradation of service with unbounded NSEC3 hash calculations (bsc#1265589). * CVE-2026-42944: Heap overflow and crash with multiple nsid, cookie, padding EDNS options (bsc#1265578). * CVE-2026-42959: Crash during DNSSEC validation of malicious content (bsc#1265586). * CVE-2026-42960: Possible cache poisoning attack while following delegation (bsc#1265588). * CVE-2026-44390: Unbounded name compression in certain cases causes degradation of service (bsc#1265584). * CVE-2026-44608: Use after free and crash in RPZ code (bsc#1265582). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-732=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * libunbound8-1.22.0-3.1 * unbound-anchor-1.22.0-3.1 * unbound-debugsource-1.22.0-3.1 * unbound-anchor-debuginfo-1.22.0-3.1 * libunbound8-debuginfo-1.22.0-3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-32792.html * https://www.suse.com/security/cve/CVE-2026-33278.html * https://www.suse.com/security/cve/CVE-2026-40622.html * https://www.suse.com/security/cve/CVE-2026-41292.html * https://www.suse.com/security/cve/CVE-2026-42534.html * https://www.suse.com/security/cve/CVE-2026-42923.html * https://www.suse.com/security/cve/CVE-2026-42944.html * https://www.suse.com/security/cve/CVE-2026-42959.html * https://www.suse.com/security/cve/CVE-2026-42960.html * https://www.suse.com/security/cve/CVE-2026-44390.html * https://www.suse.com/security/cve/CVE-2026-44608.html * https://bugzilla.suse.com/show_bug.cgi?id=1265578 * https://bugzilla.suse.com/show_bug.cgi?id=1265580 * https://bugzilla.suse.com/show_bug.cgi?id=1265581 * https://bugzilla.suse.com/show_bug.cgi?id=1265582 * https://bugzilla.suse.com/show_bug.cgi?id=1265583 * https://bugzilla.suse.com/show_bug.cgi?id=1265584 * https://bugzilla.suse.com/show_bug.cgi?id=1265585 * https://bugzilla.suse.com/show_bug.cgi?id=1265586 * https://bugzilla.suse.com/show_bug.cgi?id=1265587 * https://bugzilla.suse.com/show_bug.cgi?id=1265588 * https://bugzilla.suse.com/show_bug.cgi?id=1265589 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:50:42 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:50:42 -0000 Subject: SUSE-SU-2026:21912-1: important: Security update for qemu Message-ID: <178041904220.42.16930126151290278268@b0da085613fb> # Security update for qemu Announcement ID: SUSE-SU-2026:21912-1 Release Date: 2026-05-28T15:31:35Z Rating: important References: * bsc#1255400 * bsc#1256484 * bsc#1258509 * bsc#1259079 * bsc#1259080 * bsc#1262089 Cross-References: * CVE-2025-14876 * CVE-2026-0665 * CVE-2026-2243 * CVE-2026-3195 * CVE-2026-3196 * CVE-2026-3842 CVSS scores: * CVE-2025-14876 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-14876 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-14876 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-0665 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-0665 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-0665 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2026-2243 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-2243 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L * CVE-2026-2243 ( NVD ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-3195 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:H/SI:H/SA:H * CVE-2026-3195 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-3196 ( SUSE ): 8.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2026-3196 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2026-3842 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-3842 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L Affected Products: * SUSE Linux Micro 6.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for qemu fixes the following issues * CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto (bsc#1255400). * CVE-2026-0665: out-of-bounds heap access can lead to a denial of service or potential memory corruption (bsc#1256484). * CVE-2026-2243: incorrect bounds check leads to heap out-of-bounds read and a 12-byte information leak when processing specially crafted VMDK files (bsc#1258509). * CVE-2026-3195: heap buffer overflow when reading input audio in the virtio- snd device input callback due to insufficient checks in `virtio_snd_pcm_in_cb` (bsc#1259080). * CVE-2026-3196: integer overflow in the virtio-snd device via PCM_INFO requests from the guest leads to unbounded memory allocation and host denial-of-service (bsc#1259079). * CVE-2026-3842: hyperv/syndbg: missing mapped-length guard after cpu_physical_memory_map causes host OOB write (bsc#1262089). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-731=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * qemu-hw-usb-redirect-8.2.10-3.1 * qemu-ksm-8.2.10-3.1 * qemu-hw-display-qxl-8.2.10-3.1 * qemu-debuginfo-8.2.10-3.1 * qemu-hw-display-virtio-gpu-debuginfo-8.2.10-3.1 * qemu-ui-opengl-debuginfo-8.2.10-3.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-8.2.10-3.1 * qemu-hw-usb-host-8.2.10-3.1 * qemu-guest-agent-8.2.10-3.1 * qemu-block-rbd-debuginfo-8.2.10-3.1 * qemu-ui-spice-core-8.2.10-3.1 * qemu-block-curl-debuginfo-8.2.10-3.1 * qemu-hw-usb-redirect-debuginfo-8.2.10-3.1 * qemu-debugsource-8.2.10-3.1 * qemu-hw-display-virtio-gpu-pci-8.2.10-3.1 * qemu-hw-display-qxl-debuginfo-8.2.10-3.1 * qemu-guest-agent-debuginfo-8.2.10-3.1 * qemu-block-iscsi-8.2.10-3.1 * qemu-tools-8.2.10-3.1 * qemu-hw-display-virtio-vga-debuginfo-8.2.10-3.1 * qemu-audio-spice-debuginfo-8.2.10-3.1 * qemu-block-curl-8.2.10-3.1 * qemu-pr-helper-8.2.10-3.1 * qemu-block-rbd-8.2.10-3.1 * qemu-block-ssh-debuginfo-8.2.10-3.1 * qemu-chardev-spice-8.2.10-3.1 * qemu-chardev-spice-debuginfo-8.2.10-3.1 * qemu-audio-spice-8.2.10-3.1 * qemu-img-8.2.10-3.1 * qemu-hw-display-virtio-gpu-8.2.10-3.1 * qemu-ui-spice-core-debuginfo-8.2.10-3.1 * qemu-img-debuginfo-8.2.10-3.1 * qemu-hw-usb-host-debuginfo-8.2.10-3.1 * qemu-hw-display-virtio-vga-8.2.10-3.1 * qemu-ui-opengl-8.2.10-3.1 * qemu-8.2.10-3.1 * qemu-tools-debuginfo-8.2.10-3.1 * qemu-block-iscsi-debuginfo-8.2.10-3.1 * qemu-pr-helper-debuginfo-8.2.10-3.1 * qemu-block-ssh-8.2.10-3.1 * SUSE Linux Micro 6.0 (aarch64) * qemu-arm-8.2.10-3.1 * qemu-arm-debuginfo-8.2.10-3.1 * SUSE Linux Micro 6.0 (x86_64) * qemu-accel-tcg-x86-debuginfo-8.2.10-3.1 * qemu-x86-debuginfo-8.2.10-3.1 * qemu-accel-tcg-x86-8.2.10-3.1 * qemu-x86-8.2.10-3.1 * SUSE Linux Micro 6.0 (noarch) * qemu-ipxe-8.2.10-3.1 * qemu-lang-8.2.10-3.1 * qemu-seabios-8.2.101.16.3_3_ga95067eb-3.1 * qemu-vgabios-8.2.101.16.3_3_ga95067eb-3.1 * SUSE Linux Micro 6.0 (s390x) * qemu-s390x-debuginfo-8.2.10-3.1 * qemu-s390x-8.2.10-3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-14876.html * https://www.suse.com/security/cve/CVE-2026-0665.html * https://www.suse.com/security/cve/CVE-2026-2243.html * https://www.suse.com/security/cve/CVE-2026-3195.html * https://www.suse.com/security/cve/CVE-2026-3196.html * https://www.suse.com/security/cve/CVE-2026-3842.html * https://bugzilla.suse.com/show_bug.cgi?id=1255400 * https://bugzilla.suse.com/show_bug.cgi?id=1256484 * https://bugzilla.suse.com/show_bug.cgi?id=1258509 * https://bugzilla.suse.com/show_bug.cgi?id=1259079 * https://bugzilla.suse.com/show_bug.cgi?id=1259080 * https://bugzilla.suse.com/show_bug.cgi?id=1262089 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:50:57 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:50:57 -0000 Subject: SUSE-SU-2026:21910-1: important: Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041905741.42.2314544516426660465@b0da085613fb> # Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21910-1 Release Date: 2026-06-01T09:32:33Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-30.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-454=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * kernel-livepatch-6_4_0-30-rt-debuginfo-19-1.3 * kernel-livepatch-MICRO-6-0-RT_Update_7-debugsource-19-1.3 * kernel-livepatch-6_4_0-30-rt-19-1.3 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:51:03 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:51:03 -0000 Subject: SUSE-SU-2026:21909-1: important: Security update for the Linux Kernel RT (Live Patch 19 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041906355.42.15970739320782988520@b0da085613fb> # Security update for the Linux Kernel RT (Live Patch 19 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21909-1 Release Date: 2026-06-01T09:26:53Z Rating: important References: * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves three vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-41.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-449=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * kernel-livepatch-6_4_0-41-rt-4-1.1 * kernel-livepatch-MICRO-6-0-RT_Update_19-debugsource-4-1.1 * kernel-livepatch-6_4_0-41-rt-debuginfo-4-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:51:12 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:51:12 -0000 Subject: SUSE-SU-2026:21908-1: important: Security update for the Linux Kernel RT (Live Patch 18 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041907260.42.10933477457262713662@b0da085613fb> # Security update for the Linux Kernel RT (Live Patch 18 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21908-1 Release Date: 2026-06-01T09:26:52Z Rating: important References: * bsc#1259798 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves five vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-40.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-448=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * kernel-livepatch-MICRO-6-0-RT_Update_18-debugsource-5-1.1 * kernel-livepatch-6_4_0-40-rt-5-1.1 * kernel-livepatch-6_4_0-40-rt-debuginfo-5-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:51:23 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:51:23 -0000 Subject: SUSE-SU-2026:21907-1: important: Security update for the Linux Kernel RT (Live Patch 15 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041908303.42.15587488002571566398@b0da085613fb> # Security update for the Linux Kernel RT (Live Patch 15 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21907-1 Release Date: 2026-06-01T09:26:52Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-39.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-447=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * kernel-livepatch-6_4_0-39-rt-6-1.1 * kernel-livepatch-6_4_0-39-rt-debuginfo-6-1.1 * kernel-livepatch-MICRO-6-0-RT_Update_15-debugsource-6-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:51:33 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:51:33 -0000 Subject: SUSE-SU-2026:21906-1: important: Security update for the Linux Kernel RT (Live Patch 14 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041909340.42.6969857915655319228@b0da085613fb> # Security update for the Linux Kernel RT (Live Patch 14 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21906-1 Release Date: 2026-06-01T09:26:52Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-38.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-446=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * kernel-livepatch-MICRO-6-0-RT_Update_14-debugsource-7-1.1 * kernel-livepatch-6_4_0-38-rt-7-1.1 * kernel-livepatch-6_4_0-38-rt-debuginfo-7-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:51:45 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:51:45 -0000 Subject: SUSE-SU-2026:21905-1: important: Security update for the Linux Kernel RT (Live Patch 13 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041910520.42.9688895371830116967@b0da085613fb> # Security update for the Linux Kernel RT (Live Patch 13 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21905-1 Release Date: 2026-06-01T09:26:52Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-37.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-445=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * kernel-livepatch-MICRO-6-0-RT_Update_13-debugsource-7-1.1 * kernel-livepatch-6_4_0-37-rt-debuginfo-7-1.1 * kernel-livepatch-6_4_0-37-rt-7-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:51:55 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:51:55 -0000 Subject: SUSE-SU-2026:21904-1: important: Security update for the Linux Kernel RT (Live Patch 12 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041911579.42.12267726373695650475@b0da085613fb> # Security update for the Linux Kernel RT (Live Patch 12 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21904-1 Release Date: 2026-06-01T09:26:52Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-36.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-444=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * kernel-livepatch-6_4_0-36-rt-debuginfo-11-1.1 * kernel-livepatch-6_4_0-36-rt-11-1.1 * kernel-livepatch-MICRO-6-0-RT_Update_12-debugsource-11-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:52:08 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:52:08 -0000 Subject: SUSE-SU-2026:21903-1: important: Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041912801.42.6640493476304031128@b0da085613fb> # Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21903-1 Release Date: 2026-06-01T09:26:52Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-32.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-443=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * kernel-livepatch-6_4_0-35-rt-debuginfo-12-1.1 * kernel-livepatch-MICRO-6-0-RT_Update_11-debugsource-12-1.1 * kernel-livepatch-6_4_0-35-rt-12-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:52:19 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:52:19 -0000 Subject: SUSE-SU-2026:21902-1: important: Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041913955.42.1622477134766550826@b0da085613fb> # Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21902-1 Release Date: 2026-06-01T09:26:51Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-34.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-442=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * kernel-livepatch-6_4_0-34-rt-debuginfo-16-1.1 * kernel-livepatch-6_4_0-34-rt-16-1.1 * kernel-livepatch-MICRO-6-0-RT_Update_10-debugsource-16-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:52:32 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:52:32 -0000 Subject: SUSE-SU-2026:21901-1: important: Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041915213.42.4743981779984900476@b0da085613fb> # Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21901-1 Release Date: 2026-06-01T09:26:51Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-33.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-441=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * kernel-livepatch-6_4_0-33-rt-16-1.2 * kernel-livepatch-6_4_0-33-rt-debuginfo-16-1.2 * kernel-livepatch-MICRO-6-0-RT_Update_9-debugsource-16-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:52:42 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:52:42 -0000 Subject: SUSE-SU-2026:21900-1: important: Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041916289.42.1975195803026394933@b0da085613fb> # Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21900-1 Release Date: 2026-06-01T09:26:51Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-440=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * kernel-livepatch-6_4_0-31-rt-debuginfo-18-1.2 * kernel-livepatch-MICRO-6-0-RT_Update_8-debugsource-18-1.2 * kernel-livepatch-6_4_0-31-rt-18-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:52:44 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:52:44 -0000 Subject: SUSE-SU-2026:21899-1: important: Security update for kernel-livepatch-MICRO-6-0-RT_Update_24 Message-ID: <178041916422.42.11708931117699738938@b0da085613fb> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_24 Announcement ID: SUSE-SU-2026:21899-1 Release Date: 2026-05-29T16:12:43Z Rating: important References: Affected Products: * SUSE Linux Micro 6.1 An update that can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_24 fixes the following issues: * New livepatch SLE Micro 6.0/6.1 kernel update 24 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-438=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * kernel-livepatch-MICRO-6-0-RT_Update_24-debugsource-1-1.1 * kernel-livepatch-6_4_0-47-rt-debuginfo-1-1.1 * kernel-livepatch-6_4_0-47-rt-1-1.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:52:55 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:52:55 -0000 Subject: SUSE-SU-2026:21897-1: moderate: Security update for ucode-intel Message-ID: <178041917550.42.1688202658497574858@b0da085613fb> # Security update for ucode-intel Announcement ID: SUSE-SU-2026:21897-1 Release Date: 2026-05-22T09:37:17Z Rating: moderate References: * bsc#1230400 * bsc#1249138 * bsc#1253319 * bsc#1265189 Cross-References: * CVE-2025-35979 CVSS scores: * CVE-2025-35979 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-35979 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2025-35979 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Micro 6.1 An update that solves one vulnerability and has three fixes can now be installed. ## Description: This update for ucode-intel fixes the following issues Security issue: * CVE-2025-35979: data leaks fixed in 20260512 release (bsc#1265189). Non security issues: * TW 20250826 Kernel 6.16.3 tainted with value of 4 after reboot. (bsc#1249138). * Intel CPU Microcode was updated to the 20260512 release (bsc#1265189) ### New Platforms | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | PTL 404 | A1 | 06-cc-03/90 | | 0000011b | Intel Core Ultra Processor (Series 3) | PTL-H 484/12Xe | A0/B0 | 06-cc-02/90 | | 0000011b | Intel Core Ultra Processor (Series 3) ### Updated Platforms | ARL-H | A1 | 06-c5-02/82 | 0000011b | 00000121 | Core Ultra Processor (Series 2) | ARL-S/HX (8P) | B0 | 06-c6-02/82 | 0000011b | 00000121 | Core Ultra Processor (Series 2) | EMR- SP | A1 | 06-cf-02/87 | 210002d3 | 210002e0 | Xeon Scalable Gen5 | GNR-AP/SP | Bx/Hx/Lx | 06-ad-01/95 | 01000405 | 01000423 | Xeon 6900/6700/6500 Series Processors with P-Cores | GNR-D | B0/B1 | 06-ae-01/97 | 01000303 | 01000307 | Xeon 6700P-B/6500P-B Series SoC with P-Cores | GNR-SP R1S | Bx/Hx/Lx | 06-ad-01/20 | 0a000133 | 0a000142 | Xeon 6700/6500-Series Processors with P-Cores | LNL | B0 | 06-bd-01/80 | 00000125 | 00000126 | Core Ultra 200 V Series Processor | SPR-SP | E4/S2 | 06-8f-07/87 | 2b000661 | 2b000670 | Xeon Scalable Gen4 | SPR-SP | E5/S3 | 06-8f-08/87 | 2b000661 | 2b000670 | Xeon Scalable Gen4 | SRF-AP/SP | C0 | 06-af-03/01 | 03000382 | 030003a3 | Xeon 6900/6700-Series Processors with E-Cores ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-545=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * ucode-intel-20260512-slfo.1.1_1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-35979.html * https://bugzilla.suse.com/show_bug.cgi?id=1230400 * https://bugzilla.suse.com/show_bug.cgi?id=1249138 * https://bugzilla.suse.com/show_bug.cgi?id=1253319 * https://bugzilla.suse.com/show_bug.cgi?id=1265189 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:53:05 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:53:05 -0000 Subject: SUSE-SU-2026:21896-1: important: Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041918593.42.1698307991281502906@b0da085613fb> # Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21896-1 Release Date: 2026-06-01T09:27:23Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-35.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-453=1 ## Package List: * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-livepatch-MICRO-6-0_Update_12-debugsource-11-1.1 * kernel-livepatch-6_4_0-35-default-debuginfo-11-1.1 * kernel-livepatch-6_4_0-35-default-11-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:53:12 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:53:12 -0000 Subject: SUSE-SU-2026:21895-1: important: Security update for the Linux Kernel (Live Patch 18 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041919250.42.1688974732200649726@b0da085613fb> # Security update for the Linux Kernel (Live Patch 18 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21895-1 Release Date: 2026-06-01T09:26:24Z Rating: important References: * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves three vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-41.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-461=1 ## Package List: * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-livepatch-6_4_0-41-default-debuginfo-4-1.1 * kernel-livepatch-MICRO-6-0_Update_18-debugsource-4-1.1 * kernel-livepatch-6_4_0-41-default-4-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:53:29 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:53:29 -0000 Subject: SUSE-SU-2026:21894-1: important: Security update for the Linux Kernel (Live Patch 17 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041920963.42.14124021391538495388@b0da085613fb> # Security update for the Linux Kernel (Live Patch 17 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21894-1 Release Date: 2026-06-01T09:26:24Z Rating: important References: * bsc#1259798 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves five vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-40.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-460=1 ## Package List: * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-livepatch-MICRO-6-0_Update_17-debugsource-5-1.1 * kernel-livepatch-6_4_0-40-default-debuginfo-5-1.1 * kernel-livepatch-6_4_0-40-default-5-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:53:40 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:53:40 -0000 Subject: SUSE-SU-2026:21893-1: important: Security update for the Linux Kernel (Live Patch 16 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041922033.42.1022518357854914106@b0da085613fb> # Security update for the Linux Kernel (Live Patch 16 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21893-1 Release Date: 2026-06-01T09:26:24Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-39.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-459=1 ## Package List: * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-livepatch-6_4_0-39-default-6-1.1 * kernel-livepatch-6_4_0-39-default-debuginfo-6-1.1 * kernel-livepatch-MICRO-6-0_Update_16-debugsource-6-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:53:50 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:53:50 -0000 Subject: SUSE-SU-2026:21892-1: important: Security update for the Linux Kernel (Live Patch 14 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041923075.42.16397801251223017621@b0da085613fb> # Security update for the Linux Kernel (Live Patch 14 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21892-1 Release Date: 2026-06-01T09:26:24Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-38.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-458=1 ## Package List: * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-livepatch-6_4_0-38-default-debuginfo-7-1.2 * kernel-livepatch-6_4_0-38-default-7-1.2 * kernel-livepatch-MICRO-6-0_Update_14-debugsource-7-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:54:01 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:54:01 -0000 Subject: SUSE-SU-2026:21891-1: important: Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041924166.42.9824736421490322938@b0da085613fb> # Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21891-1 Release Date: 2026-06-01T09:26:24Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-36.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-457=1 ## Package List: * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-livepatch-MICRO-6-0_Update_13-debugsource-9-1.1 * kernel-livepatch-6_4_0-36-default-debuginfo-9-1.1 * kernel-livepatch-6_4_0-36-default-9-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:54:12 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:54:12 -0000 Subject: SUSE-SU-2026:21890-1: important: Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041925279.42.8825988448940988704@b0da085613fb> # Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21890-1 Release Date: 2026-06-01T09:26:24Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-34.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-452=1 ## Package List: * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-livepatch-6_4_0-34-default-debuginfo-11-1.1 * kernel-livepatch-MICRO-6-0_Update_11-debugsource-11-1.1 * kernel-livepatch-6_4_0-34-default-11-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:54:23 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:54:23 -0000 Subject: SUSE-SU-2026:21889-1: important: Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041926367.42.12331598049124335992@b0da085613fb> # Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21889-1 Release Date: 2026-06-01T09:26:24Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-32.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-451=1 ## Package List: * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-livepatch-MICRO-6-0_Update_10-debugsource-12-1.1 * kernel-livepatch-6_4_0-32-default-debuginfo-12-1.1 * kernel-livepatch-6_4_0-32-default-12-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:54:33 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:54:33 -0000 Subject: SUSE-SU-2026:21888-1: important: Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041927386.42.1663002034622822757@b0da085613fb> # Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21888-1 Release Date: 2026-06-01T09:26:24Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-456=1 ## Package List: * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-livepatch-6_4_0-31-default-18-1.2 * kernel-livepatch-MICRO-6-0_Update_9-debugsource-18-1.2 * kernel-livepatch-6_4_0-31-default-debuginfo-18-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:54:48 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:54:48 -0000 Subject: SUSE-SU-2026:21887-1: important: Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041928823.42.9374634822409664551@b0da085613fb> # Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21887-1 Release Date: 2026-06-01T09:26:24Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-30.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-455=1 ## Package List: * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-livepatch-6_4_0-30-default-18-1.2 * kernel-livepatch-6_4_0-30-default-debuginfo-18-1.2 * kernel-livepatch-MICRO-6-0_Update_8-debugsource-18-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:54:58 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:54:58 -0000 Subject: SUSE-SU-2026:21886-1: important: Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) Message-ID: <178041929884.42.2242145580426075867@b0da085613fb> # Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21886-1 Release Date: 2026-06-01T09:26:24Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-29.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-450=1 ## Package List: * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-livepatch-MICRO-6-0_Update_7-debugsource-19-1.2 * kernel-livepatch-6_4_0-29-default-debuginfo-19-1.2 * kernel-livepatch-6_4_0-29-default-19-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:55:00 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:55:00 -0000 Subject: SUSE-SU-2026:21885-1: important: Security update for kernel-livepatch-MICRO-6-0_Update_23 Message-ID: <178041930020.42.3824003357792384788@b0da085613fb> # Security update for kernel-livepatch-MICRO-6-0_Update_23 Announcement ID: SUSE-SU-2026:21885-1 Release Date: 2026-05-29T16:13:04Z Rating: important References: Affected Products: * SUSE Linux Micro 6.1 An update that can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_23 fixes the following issues: * New livepatch SLE Micro 6.0/6.1 kernel update 23 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-436=1 ## Package List: * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-livepatch-6_4_0-46-default-1-1.1 * kernel-livepatch-6_4_0-46-default-debuginfo-1-1.1 * kernel-livepatch-MICRO-6-0_Update_23-debugsource-1-1.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:55:25 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:55:25 -0000 Subject: SUSE-SU-2026:21883-1: important: Security update for qemu Message-ID: <178041932514.42.13549856661121689834@b0da085613fb> # Security update for qemu Announcement ID: SUSE-SU-2026:21883-1 Release Date: 2026-06-01T13:50:04Z Rating: important References: * bsc#1255400 * bsc#1256484 * bsc#1258509 * bsc#1259079 * bsc#1259080 * bsc#1262089 Cross-References: * CVE-2025-14876 * CVE-2026-0665 * CVE-2026-2243 * CVE-2026-3195 * CVE-2026-3196 * CVE-2026-3842 CVSS scores: * CVE-2025-14876 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-14876 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-14876 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-0665 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-0665 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-0665 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2026-2243 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-2243 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L * CVE-2026-2243 ( NVD ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-3195 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:H/SI:H/SA:H * CVE-2026-3195 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-3196 ( SUSE ): 8.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2026-3196 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2026-3842 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-3842 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L Affected Products: * SUSE Linux Micro 6.1 An update that solves six vulnerabilities can now be installed. ## Description: This update for qemu fixes the following issues * CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto (bsc#1255400). * CVE-2026-0665: out-of-bounds heap access can lead to a denial of service or potential memory corruption (bsc#1256484). * CVE-2026-2243: incorrect bounds check leads to heap out-of-bounds read and a 12-byte information leak when processing specially crafted VMDK files (bsc#1258509). * CVE-2026-3195: heap buffer overflow when reading input audio in the virtio- snd device input callback due to insufficient checks in `virtio_snd_pcm_in_cb` (bsc#1259080). * CVE-2026-3196: integer overflow in the virtio-snd device via PCM_INFO requests from the guest leads to unbounded memory allocation and host denial-of-service (bsc#1259079). * CVE-2026-3842: hyperv/syndbg: missing mapped-length guard after cpu_physical_memory_map causes host OOB write (bsc#1262089). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-558=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * qemu-img-8.2.10-slfo.1.1_5.1 * qemu-block-nfs-8.2.10-slfo.1.1_5.1 * qemu-8.2.10-slfo.1.1_5.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-8.2.10-slfo.1.1_5.1 * qemu-spice-8.2.10-slfo.1.1_5.1 * qemu-block-nfs-debuginfo-8.2.10-slfo.1.1_5.1 * qemu-chardev-spice-debuginfo-8.2.10-slfo.1.1_5.1 * qemu-audio-spice-debuginfo-8.2.10-slfo.1.1_5.1 * qemu-hw-display-qxl-debuginfo-8.2.10-slfo.1.1_5.1 * qemu-hw-display-virtio-gpu-debuginfo-8.2.10-slfo.1.1_5.1 * qemu-guest-agent-debuginfo-8.2.10-slfo.1.1_5.1 * qemu-block-rbd-8.2.10-slfo.1.1_5.1 * qemu-hw-usb-host-debuginfo-8.2.10-slfo.1.1_5.1 * qemu-hw-display-virtio-vga-debuginfo-8.2.10-slfo.1.1_5.1 * qemu-block-iscsi-8.2.10-slfo.1.1_5.1 * qemu-ui-opengl-debuginfo-8.2.10-slfo.1.1_5.1 * qemu-block-ssh-debuginfo-8.2.10-slfo.1.1_5.1 * qemu-tools-8.2.10-slfo.1.1_5.1 * qemu-hw-usb-host-8.2.10-slfo.1.1_5.1 * qemu-block-ssh-8.2.10-slfo.1.1_5.1 * qemu-chardev-spice-8.2.10-slfo.1.1_5.1 * qemu-guest-agent-8.2.10-slfo.1.1_5.1 * qemu-ui-spice-core-debuginfo-8.2.10-slfo.1.1_5.1 * qemu-hw-display-virtio-vga-8.2.10-slfo.1.1_5.1 * qemu-block-curl-8.2.10-slfo.1.1_5.1 * qemu-hw-display-virtio-gpu-pci-8.2.10-slfo.1.1_5.1 * qemu-pr-helper-debuginfo-8.2.10-slfo.1.1_5.1 * qemu-hw-usb-redirect-debuginfo-8.2.10-slfo.1.1_5.1 * qemu-hw-display-virtio-gpu-8.2.10-slfo.1.1_5.1 * qemu-block-curl-debuginfo-8.2.10-slfo.1.1_5.1 * qemu-headless-8.2.10-slfo.1.1_5.1 * qemu-block-rbd-debuginfo-8.2.10-slfo.1.1_5.1 * qemu-tools-debuginfo-8.2.10-slfo.1.1_5.1 * qemu-debuginfo-8.2.10-slfo.1.1_5.1 * qemu-ksm-8.2.10-slfo.1.1_5.1 * qemu-hw-display-qxl-8.2.10-slfo.1.1_5.1 * qemu-img-debuginfo-8.2.10-slfo.1.1_5.1 * qemu-hw-usb-redirect-8.2.10-slfo.1.1_5.1 * qemu-ui-opengl-8.2.10-slfo.1.1_5.1 * qemu-debugsource-8.2.10-slfo.1.1_5.1 * qemu-block-iscsi-debuginfo-8.2.10-slfo.1.1_5.1 * qemu-pr-helper-8.2.10-slfo.1.1_5.1 * qemu-ui-spice-core-8.2.10-slfo.1.1_5.1 * qemu-audio-spice-8.2.10-slfo.1.1_5.1 * SUSE Linux Micro 6.1 (noarch) * qemu-SLOF-8.2.10-slfo.1.1_5.1 * qemu-lang-8.2.10-slfo.1.1_5.1 * qemu-vgabios-8.2.101.16.3_3_ga95067eb-slfo.1.1_5.1 * qemu-ipxe-8.2.10-slfo.1.1_5.1 * qemu-seabios-8.2.101.16.3_3_ga95067eb-slfo.1.1_5.1 * SUSE Linux Micro 6.1 (aarch64) * qemu-arm-8.2.10-slfo.1.1_5.1 * qemu-arm-debuginfo-8.2.10-slfo.1.1_5.1 * SUSE Linux Micro 6.1 (s390x) * qemu-s390x-debuginfo-8.2.10-slfo.1.1_5.1 * qemu-s390x-8.2.10-slfo.1.1_5.1 * SUSE Linux Micro 6.1 (x86_64) * qemu-accel-tcg-x86-debuginfo-8.2.10-slfo.1.1_5.1 * qemu-x86-debuginfo-8.2.10-slfo.1.1_5.1 * qemu-accel-tcg-x86-8.2.10-slfo.1.1_5.1 * qemu-x86-8.2.10-slfo.1.1_5.1 * SUSE Linux Micro 6.1 (ppc64le) * qemu-ppc-8.2.10-slfo.1.1_5.1 * qemu-ppc-debuginfo-8.2.10-slfo.1.1_5.1 ## References: * https://www.suse.com/security/cve/CVE-2025-14876.html * https://www.suse.com/security/cve/CVE-2026-0665.html * https://www.suse.com/security/cve/CVE-2026-2243.html * https://www.suse.com/security/cve/CVE-2026-3195.html * https://www.suse.com/security/cve/CVE-2026-3196.html * https://www.suse.com/security/cve/CVE-2026-3842.html * https://bugzilla.suse.com/show_bug.cgi?id=1255400 * https://bugzilla.suse.com/show_bug.cgi?id=1256484 * https://bugzilla.suse.com/show_bug.cgi?id=1258509 * https://bugzilla.suse.com/show_bug.cgi?id=1259079 * https://bugzilla.suse.com/show_bug.cgi?id=1259080 * https://bugzilla.suse.com/show_bug.cgi?id=1262089 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:55:33 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:55:33 -0000 Subject: SUSE-SU-2026:21882-1: critical: Security update for nvidia-open-driver-G06-signed Message-ID: <178041933386.42.6336174757172184354@b0da085613fb> # Security update for nvidia-open-driver-G06-signed Announcement ID: SUSE-SU-2026:21882-1 Release Date: 2026-06-01T12:57:24Z Rating: critical References: * bsc#1212841 * bsc#1259719 * bsc#1259740 * bsc#1262749 * bsc#1263834 * jsc#PED-15826 Cross-References: * CVE-2025-33221 * CVE-2026-24182 * CVE-2026-24187 * CVE-2026-24192 * CVE-2026-24194 * CVE-2026-24195 * CVE-2026-24196 * CVE-2026-24197 * CVE-2026-24198 * CVE-2026-24199 CVSS scores: * CVE-2025-33221 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-24182 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2026-24187 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-24192 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-24194 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-24195 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H * CVE-2026-24196 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-24197 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2026-24198 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2026-24199 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves 10 vulnerabilities and contains one feature can now be installed. ## Description: This update for nvidia-open-driver-G06-signed fixes the following issues: * Get rid of "'naked' return found in MITIGATION_RETHUNK build" objtool warnings (bsc#1212841, bsc#1263834) * update CUDA variant to 580.159.03 * update non-CUDA variant to 580.159.03 (bsc#1262749) * Fixes CVEs: CVE-2025-33221, CVE-2026-24187, CVE-2026-24182, CVE-2026-24192, CVE-2026-24194, CVE-2026-24195, CVE-2026-24196, CVE-2026-24197, CVE-2026-24198, CVE-2026-24199 * add 'Provides: open-driver-non-cuda-variant = %version' for non-CUDA variant to be able to distinguish between both variants; to be used by nvidia-open- driver-G06-signed-kmp-meta for TW ... (bsc#1259740) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-462=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 x86_64) * nvidia-open-driver-G06-signed-cuda-debugsource-580.159.03-1.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-580.159.03_k6.4.0_46-1.1 * nvidia-open-driver-G06-signed-kmp-default-580.159.03_k6.4.0_46-1.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-580.159.03_k6.4.0_46-1.1 * nvidia-open-driver-G06-signed-debugsource-580.159.03-1.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-580.159.03_k6.4.0_46-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-33221.html * https://www.suse.com/security/cve/CVE-2026-24182.html * https://www.suse.com/security/cve/CVE-2026-24187.html * https://www.suse.com/security/cve/CVE-2026-24192.html * https://www.suse.com/security/cve/CVE-2026-24194.html * https://www.suse.com/security/cve/CVE-2026-24195.html * https://www.suse.com/security/cve/CVE-2026-24196.html * https://www.suse.com/security/cve/CVE-2026-24197.html * https://www.suse.com/security/cve/CVE-2026-24198.html * https://www.suse.com/security/cve/CVE-2026-24199.html * https://bugzilla.suse.com/show_bug.cgi?id=1212841 * https://bugzilla.suse.com/show_bug.cgi?id=1259719 * https://bugzilla.suse.com/show_bug.cgi?id=1259740 * https://bugzilla.suse.com/show_bug.cgi?id=1262749 * https://bugzilla.suse.com/show_bug.cgi?id=1263834 * https://jira.suse.com/browse/PED-15826 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:55:42 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:55:42 -0000 Subject: SUSE-SU-2026:21881-1: important: Security update for helm Message-ID: <178041934228.42.15747331363538609126@b0da085613fb> # Security update for helm Announcement ID: SUSE-SU-2026:21881-1 Release Date: 2026-06-01T10:45:04Z Rating: important References: * bsc#1265428 * bsc#1265758 Cross-References: * CVE-2026-33814 * CVE-2026-41888 CVSS scores: * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-41888 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-41888 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2026-41888 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-41888 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L Affected Products: * SUSE Linux Micro 6.1 An update that solves two vulnerabilities can now be installed. ## Description: This update for helm fixes the following issues * CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265758). * CVE-2026-41888: github.com/distribution/distribution/v3: tag deletion bypasses the storage.delete.enabled configuration (bsc#1265428). Changes for helm: * Update to version 3.21.0. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-554=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * helm-3.21.0-slfo.1.1_1.1 * helm-debuginfo-3.21.0-slfo.1.1_1.1 * SUSE Linux Micro 6.1 (noarch) * helm-bash-completion-3.21.0-slfo.1.1_1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33814.html * https://www.suse.com/security/cve/CVE-2026-41888.html * https://bugzilla.suse.com/show_bug.cgi?id=1265428 * https://bugzilla.suse.com/show_bug.cgi?id=1265758 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:55:55 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:55:55 -0000 Subject: SUSE-SU-2026:21879-1: important: Security update for libsoup Message-ID: <178041935545.42.4677524221122044094@b0da085613fb> # Security update for libsoup Announcement ID: SUSE-SU-2026:21879-1 Release Date: 2026-06-01T10:09:20Z Rating: important References: * bsc#1259767 Cross-References: * CVE-2026-4271 CVSS scores: * CVE-2026-4271 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-4271 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-4271 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-4271 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves one vulnerability can now be installed. ## Description: This update for libsoup fixes the following issue * CVE-2026-4271: use-after-free in the HTTP/2 server when user signal handlers disconnect connections during callback execution (bsc#1259767). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-556=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * libsoup-debugsource-3.4.4-slfo.1.1_9.1 * libsoup-3_0-0-debuginfo-3.4.4-slfo.1.1_9.1 * libsoup-3_0-0-3.4.4-slfo.1.1_9.1 ## References: * https://www.suse.com/security/cve/CVE-2026-4271.html * https://bugzilla.suse.com/show_bug.cgi?id=1259767 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:55:52 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:55:52 -0000 Subject: SUSE-SU-2026:21880-1: important: Security update for vim Message-ID: <178041935249.42.190238389136905409@b0da085613fb> # Security update for vim Announcement ID: SUSE-SU-2026:21880-1 Release Date: 2026-06-01T10:45:03Z Rating: important References: * bsc#1262395 * bsc#1264706 * bsc#1264707 * bsc#1264708 * bsc#1265349 * bsc#1265360 Cross-References: * CVE-2026-42307 * CVE-2026-43961 * CVE-2026-44656 * CVE-2026-45130 * CVE-2026-46483 CVSS scores: * CVE-2026-42307 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-43961 ( SUSE ): 5.4 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43961 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L * CVE-2026-44656 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-44656 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-44656 ( NVD ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-44656 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-45130 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2026-45130 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2026-45130 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-46483 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46483 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-46483 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-46483 ( NVD ): 3.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves five vulnerabilities and has one fix can now be installed. ## Description: This update for vim fixes the following issues * CVE-2026-42307: Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim (bsc#1264706). * CVE-2026-43961: Vimscript Code Injection in netrw NetrwMarkFile() via crafted filename (bsc#1265349). * CVE-2026-44656: Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's: find command-line completion (bsc#1264707). * CVE-2026-45130: Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when loading a crafted spell file (.spl) with UTF-8 encoding active (bsc#1264708). * CVE-2026-46483: command injection via `tar#Vimuntar()` in `runtime/autoload/tar.vim` when decompressing `.tgz` archives on Unix-like systems (bsc#1265360). Changes for vim: * Update to v9.2.0530. * Fix for incorrectly detecting scientific parameter files as bitbake recipies. (bsc#1262395) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-557=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * vim-debugsource-9.2.0530-slfo.1.1_1.1 * vim-small-9.2.0530-slfo.1.1_1.1 * vim-small-debuginfo-9.2.0530-slfo.1.1_1.1 * SUSE Linux Micro 6.1 (noarch) * vim-data-common-9.2.0530-slfo.1.1_1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-42307.html * https://www.suse.com/security/cve/CVE-2026-43961.html * https://www.suse.com/security/cve/CVE-2026-44656.html * https://www.suse.com/security/cve/CVE-2026-45130.html * https://www.suse.com/security/cve/CVE-2026-46483.html * https://bugzilla.suse.com/show_bug.cgi?id=1262395 * https://bugzilla.suse.com/show_bug.cgi?id=1264706 * https://bugzilla.suse.com/show_bug.cgi?id=1264707 * https://bugzilla.suse.com/show_bug.cgi?id=1264708 * https://bugzilla.suse.com/show_bug.cgi?id=1265349 * https://bugzilla.suse.com/show_bug.cgi?id=1265360 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 16:56:01 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 16:56:01 -0000 Subject: SUSE-SU-2026:21878-1: critical: Security update for nvidia-open-driver-G07-signed Message-ID: <178041936121.42.14981253241439817820@b0da085613fb> # Security update for nvidia-open-driver-G07-signed Announcement ID: SUSE-SU-2026:21878-1 Release Date: 2026-06-01T09:27:25Z Rating: critical References: * bsc#1212841 * bsc#1262574 * bsc#1263834 Cross-References: * CVE-2025-33221 * CVE-2026-24182 * CVE-2026-24187 * CVE-2026-24192 * CVE-2026-24194 * CVE-2026-24195 * CVE-2026-24196 * CVE-2026-24197 * CVE-2026-24198 * CVE-2026-24199 CVSS scores: * CVE-2025-33221 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-24182 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2026-24187 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-24192 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-24194 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-24195 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H * CVE-2026-24196 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-24197 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2026-24198 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2026-24199 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves 10 vulnerabilities can now be installed. ## Description: This update for nvidia-open-driver-G07-signed fixes the following issues: * update CUDA variant to 595.71.05 * update non-CUDA variant to 595.71.05 (bsc#1262574) * CVEs fixed: CVE-2025-33221, CVE-2026-24187, CVE-2026-24182, CVE-2026-24192, CVE-2026-24194, CVE-2026-24195, CVE-2026-24196, CVE-2026-24197, CVE-2026-24198, CVE-2026-24199 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-439=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 x86_64) * nvidia-open-driver-G07-signed-kmp-default-595.71.05_k6.4.0_46-1.1 * nvidia-open-driver-G07-signed-cuda-debugsource-595.71.05-1.1 * nvidia-open-driver-G07-signed-cuda-kmp-default-debuginfo-595.71.05_k6.4.0_46-1.1 * nvidia-open-driver-G07-signed-cuda-kmp-default-595.71.05_k6.4.0_46-1.1 * nvidia-open-driver-G07-signed-kmp-default-debuginfo-595.71.05_k6.4.0_46-1.1 * nvidia-open-driver-G07-signed-debugsource-595.71.05-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-33221.html * https://www.suse.com/security/cve/CVE-2026-24182.html * https://www.suse.com/security/cve/CVE-2026-24187.html * https://www.suse.com/security/cve/CVE-2026-24192.html * https://www.suse.com/security/cve/CVE-2026-24194.html * https://www.suse.com/security/cve/CVE-2026-24195.html * https://www.suse.com/security/cve/CVE-2026-24196.html * https://www.suse.com/security/cve/CVE-2026-24197.html * https://www.suse.com/security/cve/CVE-2026-24198.html * https://www.suse.com/security/cve/CVE-2026-24199.html * https://bugzilla.suse.com/show_bug.cgi?id=1212841 * https://bugzilla.suse.com/show_bug.cgi?id=1262574 * https://bugzilla.suse.com/show_bug.cgi?id=1263834 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 17:00:54 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 17:00:54 -0000 Subject: SUSE-SU-2026:21877-1: important: Security update for the Linux Kernel Message-ID: <178041965425.42.12803105263587243220@b0da085613fb> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:21877-1 Release Date: 2026-05-29T17:53:27Z Rating: important References: * bsc#1215199 * bsc#1234634 * bsc#1243603 * bsc#1248754 * bsc#1253122 * bsc#1253754 * bsc#1254518 * bsc#1256863 * bsc#1257631 * bsc#1258518 * bsc#1258718 * bsc#1258826 * bsc#1258849 * bsc#1258850 * bsc#1258854 * bsc#1258855 * bsc#1258856 * bsc#1258857 * bsc#1258961 * bsc#1259186 * bsc#1259199 * bsc#1259222 * bsc#1259484 * bsc#1259485 * bsc#1259535 * bsc#1259799 * bsc#1259806 * bsc#1259857 * bsc#1259868 * bsc#1259869 * bsc#1259873 * bsc#1259878 * bsc#1260010 * bsc#1260012 * bsc#1260018 * bsc#1260468 * bsc#1260483 * bsc#1260484 * bsc#1260485 * bsc#1260489 * bsc#1260501 * bsc#1260504 * bsc#1260505 * bsc#1260507 * bsc#1260522 * bsc#1260523 * bsc#1260526 * bsc#1260528 * bsc#1260529 * bsc#1260530 * bsc#1260531 * bsc#1260532 * bsc#1260533 * bsc#1260536 * bsc#1260537 * bsc#1260538 * bsc#1260541 * bsc#1260546 * bsc#1260549 * bsc#1260551 * bsc#1260552 * bsc#1260553 * bsc#1260555 * bsc#1260561 * bsc#1260566 * bsc#1260572 * bsc#1260581 * bsc#1260728 * bsc#1260729 * bsc#1260731 * bsc#1260800 * bsc#1260811 * bsc#1261020 * bsc#1261287 * bsc#1261295 * bsc#1261348 * bsc#1261503 * bsc#1261504 * bsc#1261581 * bsc#1261582 * bsc#1261584 * bsc#1261601 * bsc#1261602 * bsc#1261618 * bsc#1261628 * bsc#1261632 * bsc#1261636 * bsc#1261638 * bsc#1261641 * bsc#1261644 * bsc#1261645 * bsc#1261648 * bsc#1261679 * bsc#1261685 * bsc#1261686 * bsc#1261687 * bsc#1261692 * bsc#1261694 * bsc#1261700 * bsc#1261703 * bsc#1261707 * bsc#1261710 * bsc#1261713 * bsc#1261719 * bsc#1261750 * bsc#1261751 * bsc#1261752 * bsc#1261768 * bsc#1261778 * bsc#1261779 * bsc#1261781 * bsc#1261789 * bsc#1261796 * bsc#1261797 * bsc#1261896 * bsc#1262020 * bsc#1262053 * bsc#1262054 * bsc#1262055 * bsc#1262061 * bsc#1262063 * bsc#1262074 * bsc#1262078 * bsc#1262086 * bsc#1262087 * bsc#1262099 * bsc#1262100 * bsc#1262101 * bsc#1262179 * bsc#1262181 * bsc#1262602 * bsc#1262616 * bsc#1262665 * bsc#1262671 * bsc#1262673 * bsc#1262725 * bsc#1262731 * bsc#1262734 * bsc#1262746 * bsc#1262752 * bsc#1262758 * bsc#1263001 * bsc#1263012 * bsc#1263064 * bsc#1263065 * bsc#1263085 * bsc#1263093 * bsc#1263095 * bsc#1263104 * bsc#1263131 * bsc#1263140 * bsc#1263141 * bsc#1263149 * bsc#1263165 * bsc#1263170 * bsc#1263176 * bsc#1263556 * bsc#1263582 * bsc#1263592 * bsc#1263593 * bsc#1263595 * bsc#1263596 * bsc#1263600 * bsc#1263668 * bsc#1263723 * bsc#1263797 * bsc#1263815 * bsc#1263882 * bsc#1263901 * bsc#1263931 * bsc#1263933 * bsc#1263995 * bsc#1264014 * bsc#1264059 * bsc#1264082 * bsc#1264087 * bsc#1264097 * bsc#1264183 * bsc#1264427 * bsc#1264469 * bsc#1264482 * bsc#1264634 * bsc#1264651 * bsc#1264661 * bsc#1264674 * bsc#1264801 * bsc#1264848 * bsc#1265085 * bsc#1265090 * bsc#1265116 * bsc#1265119 * bsc#1265126 * bsc#1265144 * bsc#1265308 * bsc#1265421 * bsc#1265449 * bsc#1265456 * bsc#1265626 * bsc#1265846 * bsc#1265960 * jsc#PED-7249 Cross-References: * CVE-2023-2058 * CVE-2025-40219 * CVE-2025-71183 * CVE-2025-71238 * CVE-2026-23168 * CVE-2026-23209 * CVE-2026-23236 * CVE-2026-23237 * CVE-2026-23239 * CVE-2026-23240 * CVE-2026-23245 * CVE-2026-23246 * CVE-2026-23253 * CVE-2026-23260 * CVE-2026-23264 * CVE-2026-23266 * CVE-2026-23268 * CVE-2026-23269 * CVE-2026-23271 * CVE-2026-23273 * CVE-2026-23276 * CVE-2026-23279 * CVE-2026-23290 * CVE-2026-23291 * CVE-2026-23298 * CVE-2026-23300 * CVE-2026-23306 * CVE-2026-23307 * CVE-2026-23308 * CVE-2026-23312 * CVE-2026-23313 * CVE-2026-23315 * CVE-2026-23318 * CVE-2026-23321 * CVE-2026-23324 * CVE-2026-23325 * CVE-2026-23336 * CVE-2026-23339 * CVE-2026-23340 * CVE-2026-23346 * CVE-2026-23351 * CVE-2026-23357 * CVE-2026-23362 * CVE-2026-23363 * CVE-2026-23365 * CVE-2026-23367 * CVE-2026-23368 * CVE-2026-23370 * CVE-2026-23372 * CVE-2026-23373 * CVE-2026-23374 * CVE-2026-23378 * CVE-2026-23382 * CVE-2026-23391 * CVE-2026-23392 * CVE-2026-23393 * CVE-2026-23396 * CVE-2026-23397 * CVE-2026-23399 * CVE-2026-23403 * CVE-2026-23404 * CVE-2026-23405 * CVE-2026-23406 * CVE-2026-23407 * CVE-2026-23408 * CVE-2026-23409 * CVE-2026-23410 * CVE-2026-23411 * CVE-2026-23420 * CVE-2026-23426 * CVE-2026-23434 * CVE-2026-23440 * CVE-2026-23441 * CVE-2026-23442 * CVE-2026-23443 * CVE-2026-23446 * CVE-2026-23447 * CVE-2026-23448 * CVE-2026-23449 * CVE-2026-23450 * CVE-2026-23452 * CVE-2026-23455 * CVE-2026-23456 * CVE-2026-23457 * CVE-2026-23458 * CVE-2026-23460 * CVE-2026-23461 * CVE-2026-23462 * CVE-2026-23463 * CVE-2026-23465 * CVE-2026-23468 * CVE-2026-23472 * CVE-2026-23473 * CVE-2026-23474 * CVE-2026-23475 * CVE-2026-31389 * CVE-2026-31393 * CVE-2026-31400 * CVE-2026-31402 * CVE-2026-31403 * CVE-2026-31404 * CVE-2026-31405 * CVE-2026-31407 * CVE-2026-31408 * CVE-2026-31411 * CVE-2026-31412 * CVE-2026-31415 * CVE-2026-31416 * CVE-2026-31417 * CVE-2026-31420 * CVE-2026-31421 * CVE-2026-31422 * CVE-2026-31423 * CVE-2026-31424 * CVE-2026-31425 * CVE-2026-31426 * CVE-2026-31427 * CVE-2026-31428 * CVE-2026-31436 * CVE-2026-31449 * CVE-2026-31470 * CVE-2026-31488 * CVE-2026-31494 * CVE-2026-31496 * CVE-2026-31504 * CVE-2026-31505 * CVE-2026-31507 * CVE-2026-31512 * CVE-2026-31515 * CVE-2026-31519 * CVE-2026-31525 * CVE-2026-31528 * CVE-2026-31533 * CVE-2026-31550 * CVE-2026-31565 * CVE-2026-31570 * CVE-2026-31586 * CVE-2026-31588 * CVE-2026-31602 * CVE-2026-31607 * CVE-2026-31622 * CVE-2026-31649 * CVE-2026-31656 * CVE-2026-31662 * CVE-2026-31668 * CVE-2026-31669 * CVE-2026-31675 * CVE-2026-31679 * CVE-2026-31681 * CVE-2026-31682 * CVE-2026-31684 * CVE-2026-31685 * CVE-2026-31694 * CVE-2026-31700 * CVE-2026-31738 * CVE-2026-31787 * CVE-2026-43009 * CVE-2026-43025 * CVE-2026-43027 * CVE-2026-43037 * CVE-2026-43038 * CVE-2026-43044 * CVE-2026-43050 * CVE-2026-43060 * CVE-2026-43088 * CVE-2026-43110 * CVE-2026-43120 * CVE-2026-43126 * CVE-2026-43190 * CVE-2026-43214 * CVE-2026-43265 * CVE-2026-43329 * CVE-2026-43330 * CVE-2026-43334 * CVE-2026-43365 * CVE-2026-43366 * CVE-2026-43419 * CVE-2026-43437 * CVE-2026-43441 * CVE-2026-43494 * CVE-2026-43503 CVSS scores: * CVE-2023-2058 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2023-2058 ( NVD ): 2.4 CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N * CVE-2025-40219 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40219 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-71183 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71183 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71238 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-71238 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-71238 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23168 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23168 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23168 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23209 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23209 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23236 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23236 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23236 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23236 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2026-23237 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23237 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23237 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23239 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23239 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23240 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23240 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23240 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23245 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23245 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23245 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23246 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23253 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23253 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23260 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23260 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23260 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23264 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23264 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23264 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23266 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23266 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23266 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23268 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23268 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23269 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23269 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23269 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23271 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23271 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23273 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23273 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23273 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23276 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23276 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23279 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23279 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23279 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23290 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23290 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23290 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23291 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23291 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23298 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23298 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23298 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23300 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23300 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23300 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23306 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23306 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H * CVE-2026-23306 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23307 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23307 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23308 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23308 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23312 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23312 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23312 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23313 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23313 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23315 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23315 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23318 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23318 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23321 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23321 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23321 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23324 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23324 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23324 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23325 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23325 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23336 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23336 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23339 ( SUSE ): 2.3 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23339 ( SUSE ): 3.1 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23339 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23340 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23340 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23340 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23346 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23346 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23346 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23351 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23351 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23357 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23357 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23357 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23362 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23362 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23363 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23363 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23365 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23365 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23365 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23367 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-23367 ( SUSE ): 6.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-23367 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23368 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23368 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23368 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23370 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23370 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23372 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23372 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23373 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23373 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23374 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23374 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23374 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23378 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23378 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23378 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23378 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23382 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23382 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23382 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23391 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23391 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23392 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23393 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23396 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23396 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23396 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23397 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23397 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23397 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23399 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23399 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23399 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23403 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23403 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23403 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23404 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23404 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23404 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23405 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23405 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23406 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23406 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23407 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23407 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23407 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23408 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23408 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23408 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23408 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23409 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23409 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23409 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23410 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23410 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23410 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23410 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23411 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23420 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23426 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23426 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23426 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23434 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23434 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23434 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23434 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23440 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23440 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23440 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23440 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23441 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23441 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23442 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23442 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23442 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23443 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23443 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23443 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23446 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23446 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23446 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23447 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23447 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23447 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23448 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23448 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23448 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23449 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23449 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23449 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23450 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23450 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23450 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23452 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23452 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23452 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23455 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23455 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23455 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23456 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23456 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-23456 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23457 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23457 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23457 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23458 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23458 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23458 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23460 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23460 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23460 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23461 ( SUSE ): 7.7 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23461 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23461 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23462 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23462 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23462 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23463 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23463 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2026-23463 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23465 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2026-23465 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2026-23465 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23468 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23468 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23468 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23472 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23472 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23472 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23473 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23473 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23474 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23474 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23474 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23475 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23475 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23475 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31389 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31389 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31389 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31393 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31393 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31393 ( NVD ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31400 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31400 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31400 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31402 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31402 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-31402 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31403 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31403 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31403 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31404 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31404 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31404 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31405 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31405 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31407 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31407 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31407 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31408 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31408 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31408 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31411 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31411 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31411 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31412 ( SUSE ): 7.0 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31412 ( SUSE ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31412 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31415 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31415 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31415 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31416 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31416 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-31416 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31417 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31417 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31417 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31420 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31421 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31421 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31421 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31422 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31422 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31422 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31423 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31423 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31423 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31424 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31424 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31424 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31425 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31425 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31426 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31426 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-31426 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31427 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-31427 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2026-31427 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31428 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31428 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31428 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31436 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31436 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31436 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31449 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31449 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31449 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-31470 ( SUSE ): 6.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31470 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31470 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31488 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31488 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31488 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31494 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-31494 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2026-31494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31496 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31496 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31496 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31504 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31504 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31504 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31505 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31507 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31507 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31507 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31512 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31512 ( SUSE ): 7.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-31512 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31515 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31515 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31515 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31519 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31519 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31519 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31525 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31525 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31525 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31528 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31528 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31528 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31533 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31550 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31550 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31550 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31565 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31565 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31565 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31570 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:N/SA:N * CVE-2026-31570 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31570 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31586 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31588 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31588 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31588 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-31602 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31602 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31602 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31607 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31607 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2026-31607 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31622 ( SUSE ): 8.7 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31622 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31622 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31649 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31649 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31649 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31656 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31656 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31656 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31662 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31662 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31662 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31668 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-31668 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2026-31668 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31669 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31669 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31669 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31675 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31675 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2026-31675 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31679 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31679 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31679 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31681 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31681 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31681 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31682 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31682 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31682 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31684 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31684 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-31684 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31685 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31685 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31685 ( NVD ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31694 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31694 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31694 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31700 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31700 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31700 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31738 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31738 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31738 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31787 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31787 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43009 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-43027 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43027 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43037 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43038 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43038 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43044 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43044 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43044 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43050 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43050 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43050 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43060 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43060 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43088 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-43088 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-43110 ( SUSE ): 7.7 CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43110 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43110 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43120 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43120 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-43120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43126 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43126 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43126 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43190 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43190 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43190 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43214 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43214 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43214 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43265 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43265 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43265 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43329 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43329 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43329 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43330 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43330 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43330 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43334 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-43334 ( SUSE ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-43334 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43365 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43365 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43365 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43366 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43366 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43366 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43419 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-43419 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-43437 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43437 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43441 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43441 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43494 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43494 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43503 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43503 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43503 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves 181 vulnerabilities, contains one feature and has 19 fixes can now be installed. ## Description: The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 kernel was updated to fix various security issues The following security issues were fixed: * CVE-2023-2058: x86/CPU: Fix FPDSS on Zen1 (bsc#1243603). * CVE-2025-71183: btrfs: always detect conflicting inodes when logging inode refs (bsc#1257631). * CVE-2026-23168: flex_proportions: make fprop_new_period() hardirq safe (bsc#1258826). * CVE-2026-23239: espintcp: Fix race condition in espintcp_close() (bsc#1259485). * CVE-2026-23240: tls: Fix race condition in tls_sw_cancel_work_tx() (bsc#1259484). * CVE-2026-23245: net/sched: act_gate: snapshot parameters with RCU on replace (bsc#1259799). * CVE-2026-23271: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race (bsc#1260018). * CVE-2026-23276: net: move dev_xmit_recursion() helpers to net/core/dev.h (bsc#1260012). * CVE-2026-23300: net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop (bsc#1260538). * CVE-2026-23306: scsi: pm8001: Fix use-after-free in pm8001_queue_command() (bsc#1260501). * CVE-2026-23313: i40e: Fix preempt count leak in napi poll tracepoint (bsc#1260555). * CVE-2026-23321: mptcp: pm: in-kernel: always mark signal+subflow endp as used (bsc#1260505). * CVE-2026-23340: net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs (bsc#1260523). * CVE-2026-23346: mm/ioremap: define generic_ioremap_prot() and generic_iounmap() (bsc#1260529). * CVE-2026-23351: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase (bsc#1260526). * CVE-2026-23368: net: phy: register phy led_triggers during probe to avoid AB-BA deadlock (bsc#1260530). * CVE-2026-23374: blktrace: fix __this_cpu_read/write in preemptible context (bsc#1260811). * CVE-2026-23378: net/sched: act_ife: Fix metalist update behavior (bsc#1260546). * CVE-2026-23391: netfilter: xt_CT: drop pending enqueued packets on template removal (bsc#1260566). * CVE-2026-23392: netfilter: nf_tables: release flowtable after rcu grace period on error (bsc#1260531). * CVE-2026-23393: bridge: cfm: Fix race condition in peer_mep deletion (bsc#1260522). * CVE-2026-23397: nfnetlink_osf: validate individual option lengths in fingerprints (bsc#1260728). * CVE-2026-23399: nf_tables: nft_dynset: fix possible stateful expression memleak in error path (bsc#1261020). * CVE-2026-23440: net/mlx5e: Fix race condition during IPSec ESN update (bsc#1261641). * CVE-2026-23441: net/mlx5e: Prevent concurrent access to IPSec ASO context (bsc#1261768). * CVE-2026-23442: ipv6: add NULL checks for idev in SRv6 paths (bsc#1261581). * CVE-2026-23449: net/sched: teql: Fix double-free in teql_master_xmit (bsc#1261779). * CVE-2026-23450: net/smc: fix NULL dereference and UAF in smc_tcp_syn_recv_sock() (bsc#1261584). * CVE-2026-23455: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() (bsc#1261687). * CVE-2026-23456: netfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS case (bsc#1261703). * CVE-2026-23457: netfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp() (bsc#1261686). * CVE-2026-23458: netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() (bsc#1261781). * CVE-2026-23461: Bluetooth: L2CAP: Fix use-after-free in l2cap_unregister_user (bsc#1261707). * CVE-2026-23462: Bluetooth: HIDP: Fix possible UAF (bsc#1261710). * CVE-2026-23468: drm/amdgpu: Limit BO list entry count to prevent resource exhaustion (bsc#1261692). * CVE-2026-23472: serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN (bsc#1261636). * CVE-2026-23473: io_uring/poll: fix multishot recv missing EOF on wakeup race (bsc#1261694). * CVE-2026-31400: sunrpc: fix cache_request leak in cache_release (bsc#1261645). * CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (bsc#1261638). * CVE-2026-31403: NFSD: Hold net reference for the lifetime of /proc/fs/nfs/exports fd (bsc#1261796). * CVE-2026-31404: xfs: avoid dereferencing log items after push callbacks (bsc#1261628). * CVE-2026-31407: netfilter: conntrack: add missing netlink policy validations (bsc#1261632). * CVE-2026-31411: net: atm: fix crash due to unvalidated vcc pointer in sigd_send() (bsc#1261752). * CVE-2026-31415: ipv6: avoid overflows in ip6_datagram_send_ctl() (bsc#1262099). * CVE-2026-31416: netfilter: nfnetlink_log: account for netlink header size (bsc#1262100). * CVE-2026-31420: bridge: mrp: reject zero test interval to avoid OOM panic (bsc#1262055). * CVE-2026-31421: net/sched: cls_fw: fix NULL pointer dereference on shared blocks (bsc#1262061). * CVE-2026-31422: net/sched: cls_flow: fix NULL pointer dereference on shared blocks (bsc#1262054). * CVE-2026-31423: net/sched: sch_hfsc: fix divide-by-zero in rtsc_min() (bsc#1262063). * CVE-2026-31424: netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP (bsc#1262053). * CVE-2026-31425: rds: ib: reject FRMR registration before IB connection is established (bsc#1262074). * CVE-2026-31427: netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp (bsc#1262086). * CVE-2026-31428: netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD (bsc#1262087). * CVE-2026-31436: dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc() (bsc#1262602). * CVE-2026-31449: ext4: validate p_idx bounds in ext4_ext_correct_indexes (bsc#1262616). * CVE-2026-31470: virt: tdx-guest: Fix handling of host controlled 'quote' buffer length (bsc#1262665). * CVE-2026-31488: drm/amd/display: Do not skip unrelated mode changes in DSC validation (bsc#1262746). * CVE-2026-31494: net: cadence: macb: Synchronize stats calculations (bsc#1262671). * CVE-2026-31496: netfilter: nf_conntrack_expect: skip expectations in other netns via proc (bsc#1262673). * CVE-2026-31504: net: fix fanout UAF in packet_release() via NETDEV_UP race (bsc#1263085). * CVE-2026-31505: iavf: fix out-of-bounds writes in iavf_get_ethtool_stats() (bsc#1263093). * CVE-2026-31507: net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer (bsc#1263095). * CVE-2026-31512: Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2cap_ecred_data_rcv() (bsc#1262734). * CVE-2026-31515: af_key: validate families in pfkey_send_migrate() (bsc#1262752). * CVE-2026-31519: btrfs: set BTRFS_ROOT_ORPHAN_CLEANUP during subvol create (bsc#1263012). * CVE-2026-31525: bpf: Fix undefined behavior in interpreter sdiv/smod for INT_MIN (bsc#1262725). * CVE-2026-31528: perf: Make sure to use pmu_ctx->pmu for groups (bsc#1263001). * CVE-2026-31533: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption (bsc#1262758). * CVE-2026-31550: pmdomain: bcm: bcm2835-power: Increase ASB control timeout (bsc#1263104). * CVE-2026-31565: RDMA/irdma: Fix deadlock during netdev reset with active connections (bsc#1263064). * CVE-2026-31570: can: gw: fix OOB heap access in cgw_csum_crc8_rel() (bsc#1263065). * CVE-2026-31586: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (bsc#1263176). * CVE-2026-31588: KVM: x86: Use scratch field in MMIO fragment to hold small write values (bsc#1263165). * CVE-2026-31602: ALSA: ctxfi: Limit PTP to a single page (bsc#1263723). * CVE-2026-31607: usbip: validate number_of_packets in usbip_pack_ret_submit() (bsc#1263600). * CVE-2026-31622: NFC: digital: Bounds check NFC-A cascade depth in SDD response handler (bsc#1263797). * CVE-2026-31649: net: stmmac: fix integer underflow in chain mode (bsc#1263582). * CVE-2026-31656: drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (bsc#1263170). * CVE-2026-31662: tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG (bsc#1263131). * CVE-2026-31668: seg6: separate dst_cache for input and output paths in seg6 lwtunnel (bsc#1263140). * CVE-2026-31669: mptcp: fix slab-use-after-free in __inet_lookup_established (bsc#1263141). * CVE-2026-31675: net/sched: sch_netem: fix out-of-bounds access in packet corruption (bsc#1263556). * CVE-2026-31679: openvswitch: validate MPLS set/set_masked payload length (bsc#1263592). * CVE-2026-31681: netfilter: xt_multiport: validate range encoding in checkentry (bsc#1263593). * CVE-2026-31682: bridge: br_nd_send: linearize skb before parsing ND options (bsc#1263595). * CVE-2026-31684: net: sched: act_csum: validate nested VLAN headers (bsc#1263596). * CVE-2026-31685: netfilter: ip6t_eui64: reject invalid MAC header for all packets (bsc#1263668). * CVE-2026-31694: fuse: reject oversized dirents in page cache (bsc#1263901). * CVE-2026-31700: net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() (bsc#1263882). * CVE-2026-31738: vxlan: validate ND option lengths in vxlan_na_create (bsc#1264059). * CVE-2026-31787: xen/privcmd: fix double free via VMA splitting (bsc#1262181). * CVE-2026-43009: bpf: Fix incorrect pruning due to atomic fetch precision tracking (bsc#1264014). * CVE-2026-43025: netfilter: ctnetlink: ignore explicit helper on new expectations (bsc#1263931). * CVE-2026-43027: netfilter: nf_conntrack_helper: pass helper to expect cleanup (bsc#1263933). * CVE-2026-43037: ip6_tunnel: clear skb2->cb in ip4ip6_err() (bsc#1263995). * CVE-2026-43038: ipv6: icmp: clear skb2->cb in ip6_err_gen_icmpv6_unreach() (bsc#1264097). * CVE-2026-43044: crypto: caam - fix DMA corruption on long hmac keys (bsc#1264087). * CVE-2026-43050: atm: lec: fix use-after-free in sock_def_readable() (bsc#1264082). * CVE-2026-43060: netfilter: nft_ct: drop pending enqueued packets on removal (bsc#1264183). * CVE-2026-43088: net: af_key: zero aligned sockaddr tail in PF_KEY exports (bsc#1264469). * CVE-2026-43110: wifi: brcmfmac: validate bsscfg indices in IF events (bsc#1264482). * CVE-2026-43120: RDMA/irdma: Fix double free related to rereg_user_mr. * CVE-2026-43126: ALSA: mixer: oss: Add card disconnect checkpoints (bsc#1264634). * CVE-2026-43190: netfilter: xt_tcpmss: check remaining length before reading optlen (bsc#1264848). * CVE-2026-43214: KVM: x86: Add SRCU protection for reading PDPTRs in __get_sregs2() (bsc#1264651). * CVE-2026-43265: KVM: x86: Ignore -EBUSY when checking nested events from vcpu_block() (bsc#1264427). * CVE-2026-43329: netfilter: flowtable: strictly check for maximum number of actions (bsc#1265085). * CVE-2026-43330: crypto: caam - fix overflow on long hmac keys (bsc#1264801). * CVE-2026-43334: Bluetooth: SMP: force responder MITM requirements before building the pairing response (bsc#1265090). * CVE-2026-43365: xfs: fix undersized l_iclog_roundoff values (bsc#1265119). * CVE-2026-43366: io_uring/kbuf: check if target buffer list is still legacy on recycle (bsc#1265116). * CVE-2026-43419: ceph: fix memory leaks in ceph_mdsc_build_path() (bsc#1264661). * CVE-2026-43437: ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (bsc#1265126). * CVE-2026-43441: net: bonding: Fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1264674). * CVE-2026-43494: net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). * CVE-2026-43503: net: skbuff: propagate shared-frag marker through frag- transfer helpers (bsc#1265960). The following non security issues were fixed: * accel/qaic: Add overflow check to remap_pfn_range during mmap (git-fixes). * ACPI: AGDI: fix missing newline in error message (git-fixes). * ACPI: CPPC: Fix related_cpus inconsistency during CPU hotplug (git-fixes). * ACPI: scan: Use acpi_dev_put() in object add error paths (git-fixes). * ACPI: video: force native backlight on HP OMEN 16 (8A44) (stable-fixes). * ALSA: 6fire: Fix input volume change detection (git-fixes). * ALSA: 6fire: fix use-after-free on disconnect (git-fixes). * ALSA: aoa: i2sbus: clear stale prepared state (git-fixes). * ALSA: aoa: i2sbus: fix OF node lifetime handling (git-fixes). * ALSA: aoa: Skip devices with no codecs in i2sbus_resume() (git-fixes). * ALSA: aoa: Use guard() for mutex locks (stable-fixes). * ALSA: asihpi: avoid write overflow check warning (stable-fixes). * ALSA: caiaq: Don't abort when no input device is available (git-fixes). * ALSA: caiaq: Fix control_put() result and cache rollback (git-fixes). * ALSA: caiaq: Fix potentially leftover ep1_in_urb at error path (git-fixes). * ALSA: caiaq: fix usb_dev refcount leak on probe failure (git-fixes). * ALSA: caiaq: Handle probe errors properly (git-fixes). * ALSA: caiaq: take a reference on the USB device in create_card() (git- fixes). * ALSA: control: Validate buf_len before strnlen() in snd_ctl_elem_init_enum_names() (git-fixes). * ALSA: core: Fix potential data race at fasync handling (git-fixes). * ALSA: core: Serialize deferred fasync state checks (git-fixes). * ALSA: core: Validate compress device numbers without dynamic minors (git- fixes). * ALSA: ctxfi: Add fallback to default RSR for S/PDIF (git-fixes). * ALSA: ctxfi: Fix missing SPDIFI1 index handling (stable-fixes). * ALSA: ctxfi: Limit PTP to a single page (git-fixes). * ALSA: firewire-tascam: Do not drop unread control events (git-fixes). * ALSA: fireworks: bound device-supplied status before string array lookup (git-fixes). * ALSA: hda/realtek - fixed speaker no sound update (git-fixes). * ALSA: hda/realtek: Add HP ENVY Laptop 13-ba0xxx quirk (stable-fixes). * ALSA: hda/realtek: Add mute LED quirk for HP Pavilion 15-eg0xxx (stable- fixes). * ALSA: hda/realtek: Add quirk for ASUS ROG Flow Z13-KJP GZ302EAC (stable- fixes). * ALSA: hda/realtek: add quirk for Framework F111:000F (stable-fixes). * ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14IAH10 (stable-fixes). * ALSA: hda/realtek: fix code style (ERROR: else should follow close brace '}') (git-fixes). * ALSA: misc: Use guard() for spin locks (stable-fixes). * ALSA: scarlett2: Add missing sentinel initializer field (git-fixes). * ALSA: seq: Notify client and port info changes (stable-fixes). * ALSA: seq_oss: return full count for successful SEQ_FULLSIZE writes (stable- fixes). * ALSA: usb-audio: apply quirk for MOONDROP JU Jiu (stable-fixes). * ALSA: usb-audio: Avoid false E-MU sample-rate notifications (git-fixes). * ALSA: usb-audio: Avoid potential endless loop in convert_chmap_v3() (git- fixes). * ALSA: usb-audio: Evaluate packsize caps at the right place (git-fixes). * ALSA: usb-audio: Fix Audio Advantage Micro II SPDIF switch (git-fixes). * ALSA: usb-audio: Fix potential leak of pd at parsing UAC3 streams (git- fixes). * ALSA: usb-audio: Fix quirk flags for NeuralDSP Quad Cortex (stable-fixes). * ALSA: usb-audio: Fix UAC3 cluster descriptor size check (git-fixes). * ALSA: usb-audio: midi2: Restart output URBs on resume (git-fixes). * ALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATES (git-fixes). * ASoC: amd: yc: Add DMI entry for HP Laptop 15-fc0xxx (stable-fixes). * ASoC: amd: yc: Add DMI quirk for ASUS EXPERTBOOK BM1403CDA (stable-fixes). * ASoC: amd: yc: Add DMI quirk for Thin A15 B7VF (stable-fixes). * ASoC: amd: yc: Add HP OMEN Gaming Laptop 16-ap0xxx product line in quirk table (stable-fixes). * ASoC: codecs: ab8500: Fix casting of private data (git-fixes). * ASoC: cs35l56: Destroy workqueue in probe error path (git-fixes). * ASoC: cs35l56: Don't use devres to unregister component (git-fixes). * ASoC: fsl_easrc: Change the type for iec958 channel status controls (git- fixes). * ASoC: fsl_easrc: Check the variable range in fsl_easrc_iec958_put_bits() (git-fixes). * ASoC: fsl_easrc: fix comment typo (git-fixes). * ASoC: fsl_easrc: Fix value type in fsl_easrc_iec958_get_bits() (git-fixes). * ASoC: fsl_micfil: Add access property for "VAD Detected" (git-fixes). * ASoC: fsl_micfil: Fix event generation in hwvad_put_enable() (git-fixes). * ASoC: fsl_micfil: Fix event generation in hwvad_put_init_mode() (git-fixes). * ASoC: fsl_micfil: Fix event generation in micfil_put_dc_remover_state() (git-fixes). * ASoC: fsl_micfil: Fix event generation in micfil_quality_set() (git-fixes). * ASoC: fsl_xcvr: Fix event generation for cached controls (git-fixes). * ASoC: fsl_xcvr: Fix event generation in fsl_xcvr_arc_mode_put() (git-fixes). * ASoC: fsl_xcvr: Fix event generation in fsl_xcvr_mode_put() (git-fixes). * ASoC: Intel: bytcr_wm5102: Fix MCLK leak on platform_clock_control error (git-fixes). * ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens (git-fixes). * ASoC: qcom: q6apm: move component registration to unmanaged version (git- fixes). * ASoC: qcom: q6apm: remove child devices when apm is removed (git-fixes). * ASoC: qcom: qdsp6: topology: check widget type before accessing data (git- fixes). * ASoC: soc-core: call missing INIT_LIST_HEAD() for card_aux_list (stable- fixes). * ASoC: SOF: compress: return the configured codec from get_params (git- fixes). * ASoC: SOF: Don't allow pointer operations on unconfigured streams (git- fixes). * ASoC: SOF: Intel: hda: Place check before dereference (git-fixes). * ASoC: SOF: topology: reject invalid vendor array size in token parser (stable-fixes). * ASoC: sti: Return errors from regmap_field_alloc() (git-fixes). * ASoC: sti: use managed regmap_field allocations (git-fixes). * ASoC: stm32_sai: fix incorrect BCLK polarity for DSP_A/B, LEFT_J (stable- fixes). * ata: ahci: force 32-bit DMA for JMicron JMB582/JMB585 (stable-fixes). * batman-adv: bla: only purge non-released claims (git-fixes). * batman-adv: bla: prevent use-after-free when deleting claims (git-fixes). * batman-adv: bla: put backbone reference on failed claim hash insert (git- fixes). * batman-adv: fix integer overflow on buff_pos (git-fixes). * batman-adv: hold claim backbone gateways by reference (git-fixes). * batman-adv: reject new tp_meter sessions during teardown (git-fixes). * batman-adv: reject oversized global TT response buffers (git-fixes). * batman-adv: stop caching unowned originator pointers in BAT IV (git-fixes). * Bluetooth: bnep: fix incorrect length parsing in bnep_rx_frame() extension handling (git-fixes). * Bluetooth: fix locking in hci_conn_request_evt() with HCI_PROTO_DEFER (git- fixes). * Bluetooth: hci_event: Fix OOB read and infinite loop in hci_le_create_big_complete_evt (git-fixes). * Bluetooth: hci_event: fix potential UAF in SSP passkey handlers (git-fixes). * Bluetooth: hci_ldisc: Clear HCI_UART_PROTO_INIT on error (git-fixes). * Bluetooth: HIDP: serialise l2cap_unregister_user via hidp_session_sem (git- fixes). * Bluetooth: ISO: Fix data-race on dst in iso_sock_connect() (git-fixes). * Bluetooth: l2cap: Add missing chan lock in l2cap_ecred_reconf_rsp (git- fixes). * Bluetooth: l2cap: fix MPS check in l2cap_ecred_reconf_req (git-fixes). * Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_new_connection_cb() (git- fixes). * Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_state_change_cb() (git- fixes). * Bluetooth: L2CAP: Fix printing wrong information if SDU length exceeds MTU (git-fixes). * Bluetooth: RFCOMM: pull credit byte with skb_pull_data() (git-fixes). * Bluetooth: SCO: check for codecs->num_codecs == 1 before assigning to sco_pi(sk)->codec (git-fixes). * Bluetooth: SCO: fix sleeping under spinlock in sco_conn_ready (git-fixes). * Bluetooth: SCO: hold sk properly in sco_conn_ready (git-fixes). * Bluetooth: virtio_bt: clamp rx length before skb_put (git-fixes). * Bluetooth: virtio_bt: validate rx pkt_type header length (git-fixes). * btrfs: do not skip logging new dentries when logging a new name (git-fixes). * btrfs: reject root items with drop_progress and zero drop_level (git-fixes). * btrfs: replace BUG() with error handling in __btrfs_balance() (git-fixes). * can: mcp251x: add error handling for power enable in open and resume (stable-fixes). * can: raw: fix ro->uniq use-after-free in raw_rcv() (git-fixes). * can: ucan: fix devres lifetime (git-fixes). * cdc-acm: new quirk for EPSON HMD (stable-fixes). * check-for-config-changes: Exclude CC_MS_EXTENSIONS. * check-for-config-changes: Exclude HAVE_CFI_ICALL_NORMALIZE_INTEGERS{,_RUSTC}. * checkpatch: add support for Assisted-by tag (stable-fixes). * comedi: dt2815: add hardware detection to prevent crash (stable-fixes). * crypto: algif_aead - Fix minimum RX size check for decryption (git-fixes). * crypto: arm64/aes - Fix 32-bit aes_mac_update() arg treated as 64-bit (git- fixes). * crypto: atmel-aes - Fix 3-page memory leak in atmel_aes_buff_cleanup (git- fixes). * crypto: atmel-ecc - Release client on allocation failure (git-fixes). * crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path (git-fixes). * crypto: atmel-tdes - fix DMA sync direction (git-fixes). * crypto: authencesn - reject short ahash digests during instance creation (git-fixes). * crypto: ccp - copy IV using skcipher ivsize (git-fixes). * crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed (git-fixes). * crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed (git-fixes). * crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed (git-fixes). * crypto: ccree - fix a memory leak in cc_mac_digest() (git-fixes). * crypto: hisilicon - Fix dma_unmap_single() direction (git-fixes). * crypto: jitterentropy - replace long-held spinlock with mutex (git-fixes). * crypto: pcrypt - Fix handling of MAY_BACKLOG requests (git-fixes). * crypto: qat - fix type mismatch in RAS sysfs show functions (git-fixes). * crypto: qat - use swab32 macro (git-fixes). * crypto: sa2ul - Fix AEAD fallback algorithm names (git-fixes). * crypto: simd - reject compat registrations without __ prefixes (git-fixes). * crypto: talitos - fix SEC1 32k ahash request limitation (git-fixes). * crypto: testmgr - Hide ENOENT errors (stable-fixes). * crypto: testmgr - Hide ENOENT errors better (git-fixes). * devres: fix missing node debug info in devm_krealloc() (git-fixes). * dm init: ensure device probing has finished in dm-mod.waitfor= (git-fixes). * dmaengine: dw-axi-dmac: Remove unnecessary return statement from void function (git-fixes). * dmaengine: mxs-dma: Fix missing return value from of_dma_controller_register() (git-fixes). * drm/amd/display: Add NULL check for integrated_info in clk_mgr_construct (git-fixes). * drm/amd/display: Allow DCE link encoder without AUX registers (git-fixes). * drm/amd/display: Avoid NULL dereference in dc_dmub_srv error paths (git- fixes). * drm/amd/display: Disable 10-bit truncation and dithering on DCE 6.x (git- fixes). * drm/amd/display: Read EDID from VBIOS embedded panel info (git-fixes). * drm/amd/pm/ci: Clear EnabledForActivity field for memory levels (git-fixes). * drm/amd/pm/ci: Disable MCLK DPM on problematic CI ASICs (git-fixes). * drm/amd/pm/ci: Fill DW8 fields from SMC (git-fixes). * drm/amd/pm/ci: Fix powertune defaults for Hawaii 0x67B0 (git-fixes). * drm/amd/pm/ci: Use highest MCLK on CI when MCLK DPM is disabled (git-fixes). * drm/amd/pm/smu7: Add SCLK cap for quirky Hawaii board (git-fixes). * drm/amd/pm/smu7: Fix SMU7 voltage dependency on display clock (git-fixes). * drm/amdgpu/gfx6: Support harvested SI chips with disabled TCCs (v2) (git- fixes). * drm/amdgpu/gfx9: drop unnecessary 64-bit fence flag check in KIQ (stable- fixes). * drm/amdgpu/gfx10: look at the right prop for gfx queue priority (git-fixes). * drm/amdgpu/gmc: Fix AMDGPU_GART_PLACEMENT_LOW to not overlap with VRAM (git- fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v2.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v2.5 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v3.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0.3 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0.5 ring (git-fixes). * drm/amdgpu/pm: add missing revision check for CI (git-fixes). * drm/amdgpu/pm: align Hawaii mclk workaround with radeon (git-fixes). * drm/amdgpu/sdma4: replace BUG_ON with WARN_ON in fence emission (git-fixes). * drm/amdgpu/vce: Prevent partial address patches (stable-fixes). * drm/amdgpu/vcn3: Avoid overflow on msg bound check (git-fixes). * drm/amdgpu/vcn3: Prevent OOB reads when parsing dec msg (stable-fixes). * drm/amdgpu/vcn4: Avoid overflow on msg bound check (git-fixes). * drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msg (stable-fixes). * drm/amdgpu/vcn4: Prevent OOB reads when parsing IB (stable-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v2.0 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v2.5 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v3.0 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0 enc ring (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0.3 enc ring (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0.5 enc ring (git-fixes). * drm/amdgpu: Add bounds checking to ib_{get,set}_value (stable-fixes). * drm/amdgpu: fix AMDGPU_INFO_READ_MMR_REG (git-fixes). * drm/amdgpu: fix zero-size GDS range init on RDNA4 (stable-fixes). * drm/amdgpu: zero-initialize GART table on allocation (stable-fixes). * drm/amdkfd: Add upper bound check for num_of_nodes (stable-fixes). * drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure (stable- fixes). * drm/amdkfd: validate SVM ioctl nattr against buffer size (stable-fixes). * drm/arcpgu: fix device node leak (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Add mode_valid hook to drm_bridge_funcs (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Handle HDCP state in bridge atomic check (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Set the mhdp connector earlier in atomic_enable() (git-fixes). * drm/etnaviv: Fix armed job not being pushed to the DRM scheduler (git- fixes). * drm/fb-helper: Fix clipping when damage area spans a single scanline (git- fixes). * drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs() (git-fixes). * drm/gma500/oaktrail_hdmi: fix i2c adapter leak on setup (git-fixes). * drm/gma500/oaktrail_lvds: fix hang on init failure (git-fixes). * drm/gma500/oaktrail_lvds: fix i2c adapter leaks on init (git-fixes). * drm/i915/dp: Fix VSC dynamic range signaling for RGB formats (git-fixes). * drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (git- fixes). * drm/i915/wm: Verify the correct plane DDB entry (git-fixes). * drm/i915: skip __i915_request_skip() for already signaled requests (git- fixes). * drm/komeda: fix integer overflow in AFBC framebuffer size check (git-fixes). * drm/msm/a6xx: Fix dumping A650+ debugbus blocks (git-fixes). * drm/msm/a6xx: Fix HLSQ register dumping (git-fixes). * drm/msm/a6xx: Use barriers while updating HFI Q headers (git-fixes). * drm/msm/dpu: fix mismatch between power and frequency (git-fixes). * drm/msm/dsi: add the missing parameter description (git-fixes). * drm/msm/dsi: fix bits_per_pclk (git-fixes). * drm/msm/dsi: fix hdisplay calculation for CMD mode panel (git-fixes). * drm/msm/dsi: rename MSM8998 DSI version from V2_2_0 to V2_0_0 (git-fixes). * drm/msm/shrinker: Fix can_block() logic (git-fixes). * drm/nouveau: fix u32 overflow in pushbuf reloc bounds check (git-fixes). * drm/panel: sharp-ls043t1le01: make use of prepare_prev_first (git-fixes). * drm/panel: simple: Correct G190EAN01 prepare timing (git-fixes). * drm/panfrost: Fix wait_bo ioctl leaking positive return from dma_resv_wait_timeout() (git-fixes). * drm/radeon: add missing revision check for CI (git-fixes). * drm/sun4i: backend: fix error pointer dereference (git-fixes). * drm/sun4i: Fix resource leaks (git-fixes). * drm/vc4: Fix a memory leak in hang state error path (git-fixes). * drm/vc4: Fix memory leak of BO array in hang state (git-fixes). * drm/vc4: platform_get_irq_byname() returns an int (stable-fixes). * drm/vc4: Protect madv read in vc4_gem_object_mmap() with madv_lock (git- fixes). * drm/vc4: Release runtime PM reference after binding V3D (git-fixes). * drm/vram: remove DRM_VRAM_MM_FILE_OPERATIONS from docs (git-fixes). * dt-bindings: net: Fix Tegra234 MGBE PTP clock (git-fixes). * efi/capsule-loader: fix incorrect sizeof in phys array reallocation (git- fixes). * efi: pstore: Drop efivar lock when efi_pstore_open() returns with an error (git-fixes). * ext4: fix fsync(2) for nojournal mode (git-fixes). * ext4: make recently_deleted() properly work with lazy itable initialization (git-fixes). * ext4: reject mount if bigalloc with s_first_data_block != 0 (git-fixes). * extcon: ptn5150: handle pending IRQ events during system resume (git-fixes). * fbdev: matroxfb: Mark variable with __maybe_unused to avoid W=1 build break (git-fixes). * fbdev: offb: fix PCI device reference leak on probe failure (git-fixes). * fbdev: tdfxfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO (stable-fixes). * fbdev: udlfb: add vm_ops to dlfb_ops_mmap to prevent use-after-free (stable- fixes). * fbdev: udlfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO (git-fixes). * firmware: dmi: Correct an indexing error in dmi.h (git-fixes). * gpio: tegra: fix irq_release_resources calling enable instead of disable (git-fixes). * gtp: disable BH before calling udp_tunnel_xmit_skb() (git-fixes). * HID: alps: fix NULL pointer dereference in alps_raw_event() (git-fixes). * HID: asus: do not abort probe when not necessary (git-fixes). * HID: asus: make asus_resume adhere to linux kernel coding standards (git- fixes). * HID: core: clamp report_size in s32ton() to avoid undefined shift (stable- fixes). * HID: multitouch: Check to ensure report responses match the request (stable- fixes). * HID: playstation: Clamp num_touch_reports (git-fixes). * HID: quirks: add HID_QUIRK_ALWAYS_POLL for 8BitDo Pro 3 (stable-fixes). * HID: roccat: fix use-after-free in roccat_report_event (stable-fixes). * HID: usbhid: fix deadlock in hid_post_reset() (git-fixes). * HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq (stable-fixes). * hv_sock: fix ARM64 support (git-fixes). * hwmon: (ads7871) Fix endianness bug in 16-bit register reads (git-fixes). * hwmon: (corsair-psu) Close HID device on probe errors (git-fixes). * hwmon: (lm63) Add locking to avoid TOCTOU (git-fixes). * hwmon: (ltc2992) Clamp threshold writes to hardware range (git-fixes). * hwmon: (ltc2992) Fix u32 overflow in power read path (git-fixes). * i2c: s3c24xx: check the size of the SMBUS message before using it (stable- fixes). * i2c: smbus: reject oversized block transfers in the common path (git-fixes). * i2c: stm32f7: reinit_completion() per transfer not per msg (git-fixes). * i2c: stub: Reject I2C block transfers with invalid length (git-fixes). * i3c: master: Fix error codes at send_ccc_cmd (git-fixes). * i3c: mipi-i3c-hci: fix IBI payload length calculation for final status (git- fixes). * ibmveth: Disable GSO for packets with small MSS (bsc#1265144). * ice: set max queues in alloc_etherdev_mqs() (git-fixes). * iio: adc: ad7768-1: fix one-shot mode data acquisition (git-fixes). * iio: adc: ti-adc161s626: use DMA-safe memory for spi_read() (git-fixes). * iio: adc: ti-ads7950: use iio_push_to_buffers_with_ts_unaligned() (git- fixes). * Input: i8042 - add TUXEDO InfinityBook Max 16 Gen10 AMD to i8042 quirk table (stable-fixes). * Input: uinput - fix circular locking dependency with ff-core (git-fixes). * Input: uinput - take event lock when submitting FF request "event" (stable- fixes). * Input: xpad - add support for BETOP BTP-KP50B/C controller's wireless mode (stable-fixes). * Input: xpad - add support for Razer Wolverine V3 Pro (stable-fixes). * ipmi: Add limits to event and receive message requests (git-fixes). * ipmi: Check event message buffer response for bad data (git-fixes). * ipmi: ssif_bmc: change log level to dbg in irq callback (git-fixes). * ipmi: ssif_bmc: fix message desynchronization after truncated response (git- fixes). * ipmi: ssif_bmc: fix missing check for copy_to_user() partial failure (git- fixes). * irqchip/irq-pic32-evic: Address warning related to wrong printf() formatter (git-fixes). * kdump, documentation: describe craskernel CMA reservation (jsc#PED-7249). * KVM: Reject wrapped offset in kvm_reset_dirty_gfn() (git-fixes). * KVM: SVM: Mark VMCB_NPT as dirty on nested VMRUN (git-fixes). * KVM: SVM: Mark VMCB_PERM_MAP as dirty on nested VMRUN (git-fixes). * KVM: x86/mmu: Retry fault before acquiring mmu_lock if mapping is changing (bsc#1253122). * KVM: x86/xen: Fix cleanup logic in emulation of Xen schedop poll hypercalls (git-fixes). * KVM: x86: check for nEPT/nNPT in slow flush hypercalls (git-fixes). * KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (git- fixes). * KVM: x86: hyper-v: Validate all GVAs during PV TLB flush (git-fixes). * KVM: x86: Ignore cpuid faulting in SMM (git-fixes). * leds: lgm-sso: Remove duplicate assignments for priv->mmap (git-fixes). * lib/hexdump: print_hex_dump_bytes() calls print_hex_dump_debug() (git- fixes). * media: amphion: Fix race between m2m job_abort and device_run (git-fixes). * media: as102: fix to not free memory after the device is registered in as102_usb_probe() (git-fixes). * media: dib8000: avoid division by 0 in dib8000_set_dds() (git-fixes). * media: em28xx: fix use-after-free in em28xx_v4l2_open() (git-fixes). * media: hackrf: fix to not free memory after the device is registered in hackrf_probe() (git-fixes). * media: i2c: imx219: Check return value of devm_gpiod_get_optional() in imx219_probe() (git-fixes). * media: i2c: imx412: Assert reset GPIO during probe (git-fixes). * media: i2c: ov08d10: fix image vertical start setting (git-fixes). * media: i2c: ov8856: free control handler on error in ov8856_init_controls() (git-fixes). * media: mtk-jpeg: fix use-after-free in release path due to uncancelled work (git-fixes). * media: omap3isp: drop the use count of v4l2 pipeline (git-fixes). * media: pci: zoran: fix potential memory leak in zoran_probe() (git-fixes). * media: rc: streamzap: Error handling in probe (git-fixes). * media: rc: xbox_remote: heed DMA restrictions (git-fixes). * media: saa7164: add ioremap return checks and cleanups (git-fixes). * media: staging: imx: configure src_mux in csi_start (git-fixes). * media: staging: imx: request mbus_config in csi_start (git-fixes). * media: uvcvideo: Enable VB2_DMABUF for metadata stream (git-fixes). * media: videobuf2: Set vma_flags in vb2_dma_sg_mmap (git-fixes). * media: vidtv: fix nfeeds state corruption on start_streaming failure (git- fixes). * media: vidtv: fix NULL pointer dereference in vidtv_channel_pmt_match_sections (git-fixes). * media: vidtv: fix pass-by-value structs causing MSAN warnings (git-fixes). * memory: tegra30-emc: Fix dll_change check (git-fixes). * memory: tegra124-emc: Fix dll_change check (git-fixes). * mfd: mc13xxx-core: Fix memory leak in mc13xxx_add_subdevice_pdata() (git- fixes). * mkspec: Add signature to source list only when it exists. * mmc: sdhci-of-dwcmshc: Disable clock before DLL configuration (git-fixes). * mmc: vub300: fix NULL-deref on disconnect (git-fixes). * modpost: Amend ppc64 save/restfpr symnames for -Os build (bsc#1215199). * mtd: docg3: Convert to platform remove callback returning void (stable- fixes). * mtd: docg3: fix use-after-free in docg3_release() (git-fixes). * mtd: parsers: ofpart: call of_node_get() for dedicated subpartitions (git- fixes). * mtd: parsers: ofpart: call of_node_put() only in ofpart_fail path (git- fixes). * mtd: physmap_of_gemini: Fix disabled pinctrl state check (git-fixes). * mtd: rawnand: sunxi: fix sunxi_nfc_hw_ecc_read_extra_oob (git-fixes). * mtd: spi-nor: core: correct the op.dummy.nbytes when check read operations (git-fixes). * mtd: spi-nor: sst: Factor out common write operation to `sst_nor_write_data()` (stable-fixes). * mtd: spi-nor: sst: Fix SST write failure (git-fixes). * mtd: spi-nor: sst: Fix write enable before AAI sequence (git-fixes). * mtd: spi-nor: swp: check SR_TB flag when getting tb_mask (git-fixes). * net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). * net/sched: cls_fw: fix NULL dereference of "old" filters before change() (git-fixes). * net/sched: fix pedit partial COW leading to page cache corruption (bsc#1265421). * net: gro: don't merge zcopy skbs (git-fixes). * net: mana: Add MAC address to vPort logs and clarify error messages (git- fixes). * net: mana: check xdp_rxq registration before unreg in mana_destroy_rxq() (git-fixes). * net: mana: Don't overwrite port probe error with add_adev result (git- fixes). * net: mana: Fix crash from unvalidated SHM offset read from BAR0 during FLR (bsc#1265846). * net: mana: Fix EQ leak in mana_remove on NULL port (git-fixes). * net: mana: Fix RX skb truesize accounting (bsc#1248754). * net: mana: fix use-after-free in mana_hwc_destroy_channel() by reordering teardown (git-fixes). * net: mana: Guard mana_remove against double invocation (git-fixes). * net: mana: hardening: Validate adapter_mtu from MANA_QUERY_DEV_CONFIG (git- fixes). * net: mana: hardening: Validate doorbell ID from GDMA_REGISTER_DEVICE response (git-fixes). * net: mana: Init gf_stats_work before potential error paths in probe (git- fixes). * net: mana: Init link_change_work before potential error paths in probe (git- fixes). * net: mana: remove double CQ cleanup in mana_create_rxq error path (git- fixes). * net: mana: Set default number of queues to 16 (bsc#1261648). * net: mana: Skip WQ object destruction for uninitialized RXQ (git-fixes). * net: mana: Use at least SZ_4K in doorbell ID range check (git-fixes). * net: mana: Use pci_name() for debugfs directory naming (git-fixes). * net: phy: dp83869: fix setting CLK_O_SEL field (git-fixes). * net: stmmac: Fix PTP ref clock for Tegra234 (git-fixes). * net: usb: asix: ax88772: re-add usbnet_link_change() in phylink callbacks (git-fixes). * net: usb: cdc-phonet: fix skb frags[] overflow in rx_complete() (git-fixes). * net: usb: rtl8150: fix use-after-free in rtl8150_start_xmit() (git-fixes). * net: usb: rtl8150: free skb on usb_submit_urb() failure in xmit (git-fixes). * net: wan: fsl_ucc_hdlc: fix ucc_hdlc_remove (git-fixes). * net: wan: fsl_ucc_hdlc: fix uhdlc_memclean (git-fixes). * net: wan: fsl_ucc_hdlc: free tx_skbuff in uhdlc_memclean (git-fixes). * NFC: digital: Bounds check NFC-A cascade depth in SDD response handler (git- fixes). * nfc: llcp: add missing return after LLCP_CLOSED checks (git-fixes). * nfc: pn533: allocate rx skb before consuming bytes (git-fixes). * nfc: s3fwrn5: allocate rx skb before consuming bytes (git-fixes). * NFC: trf7970a: Ignore antenna noise when checking for RF field (git-fixes). * nvmet-tcp: propagate nvmet_tcp_build_pdu_iovec() errors to its callers (git- fixes). * ocfs2: fix possible deadlock between unlink and dio_end_io_write (bsc#1258718). * ocfs2: split transactions in dio completion to avoid credit exhaustion (bsc#1258718). * PCI/AER: Clear only error bits in PCIe Device Status (git-fixes). * PCI/AER: Stop ruling out unbound devices as error source (git-fixes). * PCI: dwc: Apply ECRC workaround to DesignWare 5.00a as well (git-fixes). * PCI: Enable AtomicOps only if Root Port supports them (git-fixes). * PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown (git-fixes). * PCI: hv: Set default NUMA node to 0 for devices without affinity info (git- fixes). * PCI: mediatek-gen3: Prevent leaking IRQ domains when IRQ not found (git- fixes). * PCI: tegra194: Allow system suspend when the Endpoint link is not up (git- fixes). * PCI: tegra194: Disable direct speed change for Endpoint mode (git-fixes). * PCI: tegra194: Disable LTSSM after transition to Detect on surprise link down (git-fixes). * PCI: tegra194: Disable PERST# IRQ only in Endpoint mode (git-fixes). * PCI: tegra194: Fix polling delay for L2 state (git-fixes). * PCI: tegra194: Increase LTSSM poll time on surprise link down (git-fixes). * PCI: tegra194: Set LTR message request before PCIe link up in Endpoint mode (git-fixes). * PCI: tegra194: Use devm_gpiod_get_optional() to parse "nvidia,refclk-select" (git-fixes). * PCI: tegra194: Use DWC IP core version (git-fixes). * pinctrl: abx500: Fix type of 'argument' variable (git-fixes). * pinctrl: Fix spelling problem (git-fixes). * pinctrl: intel: Fix the revision for new features (1kOhm PD, HW debouncer) (stable-fixes). * pinctrl: pic32: change all cases of bare 'unsigned' to 'unsigned int' (git- fixes). * pinctrl: pic32: use consistent spacing around '+' (git-fixes). * pinctrl: pinctrl-pic32: Fix resource leak (git-fixes). * platform/chrome: chromeos_tbmc: Drop wakeup source on remove (git-fixes). * platform/surface: surfacepro3_button: Drop wakeup source on remove (git- fixes). * platform/x86/amd: pmc: Add Thinkpad L14 Gen3 to quirk_s2idle_bug (stable- fixes). * platform/x86: dell-wmi-sysman: bound enumeration string aggregation (git- fixes). * platform/x86: dell_rbu: avoid uninit value usage in packet_size_write() (git-fixes). * platform/x86: hp-wmi: Ignore backlight and FnLock events (stable-fixes). * platform/x86: panasonic-laptop: Fix OPTD notifier registration and cleanup (git-fixes). * power: supply: axp288_charger: Do not cancel work before initializing it (git-fixes). * power: supply: max17042: avoid overflow when determining health (git-fixes). * powerpc/crash: fix backup region offset update to elfcorehdr (bsc#1259535). * RDMA/mana: Fix error unwind in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Fix mana_destroy_wq_obj() cleanup in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Validate rx_hash_key_len (git-fixes). * RDMA/mana_ib: cleanup the usage of mana_gd_send_request() (git-fixes). * RDMA/mana_ib: Disable RX steering on RSS QP destroy (git-fixes). * RDMA/mana_ib: Support memory windows (git-fixes). * regulator: act8945a: fix OF node reference imbalance (git-fixes). * regulator: bd9571mwv: fix OF node reference imbalance (git-fixes). * regulator: max77650: fix OF node reference imbalance (git-fixes). * regulator: mt6357: fix OF node reference imbalance (git-fixes). * remoteproc: xlnx: Only access buffer information if IPI is buffered (git- fixes). * Revert "ALSA: usb: Increase volume range that triggers a warning" (git- fixes). * rtc: abx80x: Disable alarm feature if no interrupt attached (git-fixes). * rtc: ntxec: fix OF node reference imbalance (git-fixes). * sched/balancing: Switch the 'DEFINE_SPINLOCK(balancing)' spinlock into an 'atomic_t sched_balance_running' flag (bsc#1253754). * sched/fair: Change likelyhood of nohz.nr_cpus (bsc#1234634 bsc#1258961). * sched/fair: Have SD_SERIALIZE affect newidle balancing (bsc#1253754). * sched/fair: Move checking for nohz cpus after time check (bsc#1234634 bsc#1258961). * sched/fair: Remove nohz.nr_cpus and use weight of cpumask instead (bsc#1234634 bsc#1258961). * sched/fair: Skip sched_balance_running cmpxchg when balance is not due (bsc#1253754). * scsi: storvsc: Handle PERSISTENT_RESERVE_IN truncation for Hyper-V vFC (git- fixes). * scsi: target: iscsi: validate CHAP_R length before base64 decode (bsc#1265449). * soc/tegra: cbb: Set ERD on resume for err interrupt (git-fixes). * soc: qcom: aoss: compare against normalized cooling state (git-fixes). * soc: qcom: llcc: fix v1 SB syndrome register offset (git-fixes). * sound: ua101: fix division by zero at probe (git-fixes). * soundwire: bus: demote UNATTACHED state warnings to dev_dbg() (git-fixes). * soundwire: cadence: Clear message complete before signaling waiting thread (git-fixes). * spi: at91-usart: fix controller deregistration (git-fixes). * spi: atmel: fix controller deregistration (git-fixes). * spi: cadence: fix controller deregistration (git-fixes). * spi: fix controller cleanup() documentation (git-fixes). * spi: fix misleading controller deregistration kernel-doc (git-fixes). * spi: fix misleading controller registration kernel-doc (git-fixes). * spi: fsl-qspi: Use reinit_completion() for repeated operations (git-fixes). * spi: hisi-kunpeng: prevent infinite while() loop in hisi_spi_flush_fifo (git-fixes). * spi: imx: fix runtime pm leak on probe deferral (git-fixes). * spi: imx: fix use-after-free on unbind (git-fixes). * spi: microchip-core-qspi: fix controller deregistration (git-fixes). * spi: microchip-core-qspi: Use helper function devm_clk_get_enabled() (stable-fixes). * spi: mpc52xx: fix use-after-free on unbind (git-fixes). * spi: mtk-nor: fix controller deregistration (git-fixes). * spi: mtk-snfi: unregister ECC engine on probe failure and remove() callback (git-fixes). * spi: omap2-mcspi: fix controller deregistration (git-fixes). * spi: orion: fix clock imbalance on registration failure (git-fixes). * spi: orion: fix runtime pm leak on unbind (git-fixes). * spi: rockchip: fix controller deregistration (git-fixes). * spi: rspi: fix controller deregistration (git-fixes). * spi: sh-hspi: fix controller deregistration (git-fixes). * spi: spi-ti-qspi: Convert to platform remove callback returning void (stable-fixes). * spi: sprd: fix controller deregistration (git-fixes). * spi: sun4i: fix controller deregistration (git-fixes). * spi: sun4i: switch to use modern name (stable-fixes). * spi: syncuacer: fix controller deregistration (git-fixes). * spi: synquacer: switch to use modern name (stable-fixes). * spi: uniphier: fix controller deregistration (git-fixes). * spi: uniphier: Simplify clock handling with devm_clk_get_enabled() (stable- fixes). * spi: uniphier: switch to use modern name (stable-fixes). * spi: zynq-qspi: switch to use modern name (stable-fixes). * spi: zynqmp-gqspi: fix controller deregistration (git-fixes). * staging: media: atomisp: Disallow all private IOCTLs (git-fixes). * staging: rtl8723bs: initialize le_tmp64 in rtw_BIP_verify() (git-fixes). * staging: sm750fb: fix division by zero in ps_to_hz() (git-fixes). * staging: vme_user: added bound check to geoid (stable-fixes). * staging: vme_user: fix root device leak on init failure (git-fixes). * thermal/drivers/spear: Fix error condition for reading st,thermal-flags (git-fixes). * thermal/drivers/sprd: Fix raw temperature clamping in sprd_thm_rawdata_to_temp (git-fixes). * thermal/drivers/sprd: Fix temperature clamping in sprd_thm_temp_to_rawdata (git-fixes). * tpm: avoid -Wunused-but-set-variable (git-fixes). * tpm: tpm_tis: add error logging for data transfer (git-fixes). * tpm: tpm_tis: stop transmit if retries are exhausted (git-fixes). * tty: tty_io: update timestamps on all device nodes (bsc#1262020). * USB: cdc-acm: Add quirks for Yoga Book 9 14IAH10 INGENIC touchscreen (stable-fixes). * usb: chipidea: core: allow ci_irq_handler() handle both ID and VBUS change (git-fixes). * usb: chipidea: otg: not wait vbus drop if use role_switch (git-fixes). * USB: core: add NO_LPM quirk for Razer Kiyo Pro webcam (stable-fixes). * usb: gadget: dummy_hcd: fix premature URB completion when ZLP follows partial transfer (stable-fixes). * usb: gadget: f_ncm: validate minimum block_len in ncm_unwrap_ntb() (git- fixes). * usb: gadget: f_phonet: fix skb frags[] overflow in pn_rx_complete() (stable- fixes). * usb: gadget: f_uac1_legacy: validate control request size (stable-fixes). * usb: gadget: renesas_usb3: validate endpoint index in standard request handlers (git-fixes). * USB: omap_udc: DMA: Don't enable burst 4 mode (git-fixes). * usb: port: add delay after usb_hub_set_port_power() (git-fixes). * usb: quirks: add DELAY_INIT quirk for another Silicon Motion flash drive (stable-fixes). * USB: serial: io_edgeport: add support for Blackbox IC135A (stable-fixes). * USB: serial: option: add MeiG Smart SRM825WN (stable-fixes). * USB: serial: option: add support for Rolling Wireless RW135R-GL (stable- fixes). * USB: serial: option: add Telit Cinterion FN990A MBIM composition (stable- fixes). * USB: serial: option: add Telit Cinterion LE910Cx compositions (stable- fixes). * usb: storage: Expand range of matched versions for VL817 quirks entry (stable-fixes). * usb: ulpi: fix memory leak on ulpi_register() error paths (git-fixes). * usb: usblp: fix heap leak in IEEE 1284 device ID via short response (stable- fixes). * usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl (stable- fixes). * usb: xhci: Make usb_host_endpoint.hcpriv survive endpoint_disable() (git- fixes). * usbip: validate number_of_packets in usbip_pack_ret_submit() (git-fixes). * virt: tdx-guest: Fix handling of host controlled 'quote' buffer length (git- fixes). * virt: tdx-guest: Return error for GetQuote failures (git-fixes). * wifi: ath5k: do not access array OOB (git-fixes). * wifi: ath9k: Fix typo (git-fixes). * wifi: ath11k: Pass the correct value of each TID during a stop AMPDU session (git-fixes). * wifi: ath11k: skip status ring entry processing (stable-fixes). * wifi: ath11k: Use dma_alloc_noncoherent for rx_tid buffer allocation (stable-fixes). * wifi: b43: enforce bounds check on firmware key index in b43_rx() (git- fixes). * wifi: b43legacy: enforce bounds check on firmware key index in RX path (git- fixes). * wifi: brcmfmac: Fix error pointer dereference (git-fixes). * wifi: brcmfmac: validate bsscfg indices in IF events (stable-fixes). * wifi: brcmsmac: Fix dma_free_coherent() size (git-fixes). * wifi: cw1200: Revert "Fix locking in error paths" (git-fixes). * wifi: libertas: notify firmware load wait on disconnect (git-fixes). * wifi: mac80211: check ieee80211_rx_data_set_link return in pubsta MLO path (git-fixes). * wifi: mac80211: drop stray 'static' from fast-RX rx_result (git-fixes). * wifi: mac80211: remove station if connection prep fails (git-fixes). * wifi: mt76: mt792x: describe USB WFSYS reset with a descriptor (stable- fixes). * wifi: mt76: mt792x: fix mt7925u USB WFSYS reset handling (git-fixes). * wifi: mt76: mt7615: fix use_cts_prot support (git-fixes). * wifi: mt76: mt7915: fix use-after-free bugs in mt7915_mac_dump_work() (git- fixes). * wifi: mt76: mt7915: fix use_cts_prot support (git-fixes). * wifi: mt76: mt7921: fix a potential clc buffer length underflow (git-fixes). * wifi: mt76: mt7921: fix ROC abort flow interruption in mt7921_roc_work (git- fixes). * wifi: mt76: mt7921: Reset ampdu_state state in case of failure in mt76_connac2_tx_check_aggr() (git-fixes). * wifi: mt76: mt7925: fix incorrect length field in txpower command (git- fixes). * wifi: mt76: mt7996: fix FCS error flag check in RX descriptor (git-fixes). * wifi: mt76: mt7996: fix struct mt7996_mcu_uni_event (git-fixes). * wifi: mwifiex: Fix memory leak in mwifiex_11n_aggregate_pkt() (git-fixes). * wifi: nl80211: fix NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST usage (git- fixes). * wifi: nl80211: require admin perm on SET_PMK / DEL_PMK (git-fixes). * wifi: rsi: fix kthread lifetime race between self-exit and external-stop (git-fixes). * wifi: rt2x00usb: fix devres lifetime (git-fixes). * wifi: rtlwifi: pci: fix possible use-after-free caused by unfinished irq_prepare_bcn_tasklet (git-fixes). * wifi: rtw88: check for PCI upstream bridge existence (git-fixes). * wifi: rtw88: fix device leak on probe failure (git-fixes). * wifi: rtw89: phy: fix uninitialized variable access in rtw89_phy_cfo_set_crystal_cap() (git-fixes). * wifi: wl1251: validate packet IDs before indexing tx_frames (stable-fixes). * workqueue: Break up enum definitions and give names to the types (bsc#1260522). * workqueue: Clean up enum work_bits and related constants (bsc#1260522). * workqueue: Factor out work_grab_pending() from __cancel_work_sync() (bsc#1260522). * workqueue: Fix UBSAN 'subtraction overflow' error in shift_and_mask() (bsc#1260522). * workqueue: Implement disable/enable for (delayed) work items (bsc#1260522). * workqueue: Introduce work_cancel_flags (bsc#1260522). * workqueue: Make @flags handling consistent across set_work_data() and friends (bsc#1260522). * workqueue: Preserve OFFQ bits in cancel[_sync] paths (bsc#1260522). * workqueue: Rename __cancel_work_timer() to __cancel_timer_sync() (bsc#1260522). * workqueue: Reorganize flush and cancel[_sync] functions (bsc#1260522). * x86/boot/64: Clear most of CR4 in startup_64(), except PAE, MCE and LA57 (git-fixes). * x86/boot/sev: Avoid shared GHCB page for early memory acceptance (git- fixes). * x86/boot: Don't add the EFI stub to targets, again (git-fixes). * x86/boot: Fix page table access in 5-level to 4-level paging transition (git-fixes). * X.509: Fix out-of-bounds access when parsing extensions (git-fixes). * Xarray: do not return sibling entries from xas_find_marked() (bsc#1263815). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-435=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le x86_64) * kernel-default-base-6.4.0-46.1.21.23 * SUSE Linux Micro 6.1 (noarch) * kernel-macros-6.4.0-46.1 * kernel-devel-6.4.0-46.1 * kernel-source-6.4.0-46.1 * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-6.4.0-46.1 * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * kernel-default-devel-6.4.0-46.1 * kernel-default-debuginfo-6.4.0-46.1 * kernel-default-debugsource-6.4.0-46.1 * SUSE Linux Micro 6.1 (ppc64le x86_64) * kernel-default-devel-debuginfo-6.4.0-46.1 * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-default-livepatch-6.4.0-46.1 * SUSE Linux Micro 6.1 (nosrc x86_64) * kernel-kvmsmall-6.4.0-46.1 * SUSE Linux Micro 6.1 (x86_64) * kernel-kvmsmall-debugsource-6.4.0-46.1 * kernel-kvmsmall-debuginfo-6.4.0-46.1 ## References: * https://www.suse.com/security/cve/CVE-2023-2058.html * https://www.suse.com/security/cve/CVE-2025-40219.html * https://www.suse.com/security/cve/CVE-2025-71183.html * https://www.suse.com/security/cve/CVE-2025-71238.html * https://www.suse.com/security/cve/CVE-2026-23168.html * https://www.suse.com/security/cve/CVE-2026-23209.html * https://www.suse.com/security/cve/CVE-2026-23236.html * https://www.suse.com/security/cve/CVE-2026-23237.html * https://www.suse.com/security/cve/CVE-2026-23239.html * https://www.suse.com/security/cve/CVE-2026-23240.html * https://www.suse.com/security/cve/CVE-2026-23245.html * https://www.suse.com/security/cve/CVE-2026-23246.html * https://www.suse.com/security/cve/CVE-2026-23253.html * https://www.suse.com/security/cve/CVE-2026-23260.html * https://www.suse.com/security/cve/CVE-2026-23264.html * https://www.suse.com/security/cve/CVE-2026-23266.html * https://www.suse.com/security/cve/CVE-2026-23268.html * https://www.suse.com/security/cve/CVE-2026-23269.html * https://www.suse.com/security/cve/CVE-2026-23271.html * https://www.suse.com/security/cve/CVE-2026-23273.html * https://www.suse.com/security/cve/CVE-2026-23276.html * https://www.suse.com/security/cve/CVE-2026-23279.html * https://www.suse.com/security/cve/CVE-2026-23290.html * https://www.suse.com/security/cve/CVE-2026-23291.html * https://www.suse.com/security/cve/CVE-2026-23298.html * https://www.suse.com/security/cve/CVE-2026-23300.html * https://www.suse.com/security/cve/CVE-2026-23306.html * https://www.suse.com/security/cve/CVE-2026-23307.html * https://www.suse.com/security/cve/CVE-2026-23308.html * https://www.suse.com/security/cve/CVE-2026-23312.html * https://www.suse.com/security/cve/CVE-2026-23313.html * https://www.suse.com/security/cve/CVE-2026-23315.html * https://www.suse.com/security/cve/CVE-2026-23318.html * https://www.suse.com/security/cve/CVE-2026-23321.html * https://www.suse.com/security/cve/CVE-2026-23324.html * https://www.suse.com/security/cve/CVE-2026-23325.html * https://www.suse.com/security/cve/CVE-2026-23336.html * https://www.suse.com/security/cve/CVE-2026-23339.html * https://www.suse.com/security/cve/CVE-2026-23340.html * https://www.suse.com/security/cve/CVE-2026-23346.html * https://www.suse.com/security/cve/CVE-2026-23351.html * https://www.suse.com/security/cve/CVE-2026-23357.html * https://www.suse.com/security/cve/CVE-2026-23362.html * https://www.suse.com/security/cve/CVE-2026-23363.html * https://www.suse.com/security/cve/CVE-2026-23365.html * https://www.suse.com/security/cve/CVE-2026-23367.html * https://www.suse.com/security/cve/CVE-2026-23368.html * https://www.suse.com/security/cve/CVE-2026-23370.html * https://www.suse.com/security/cve/CVE-2026-23372.html * https://www.suse.com/security/cve/CVE-2026-23373.html * https://www.suse.com/security/cve/CVE-2026-23374.html * https://www.suse.com/security/cve/CVE-2026-23378.html * https://www.suse.com/security/cve/CVE-2026-23382.html * https://www.suse.com/security/cve/CVE-2026-23391.html * https://www.suse.com/security/cve/CVE-2026-23392.html * https://www.suse.com/security/cve/CVE-2026-23393.html * https://www.suse.com/security/cve/CVE-2026-23396.html * https://www.suse.com/security/cve/CVE-2026-23397.html * https://www.suse.com/security/cve/CVE-2026-23399.html * https://www.suse.com/security/cve/CVE-2026-23403.html * https://www.suse.com/security/cve/CVE-2026-23404.html * https://www.suse.com/security/cve/CVE-2026-23405.html * https://www.suse.com/security/cve/CVE-2026-23406.html * https://www.suse.com/security/cve/CVE-2026-23407.html * https://www.suse.com/security/cve/CVE-2026-23408.html * https://www.suse.com/security/cve/CVE-2026-23409.html * https://www.suse.com/security/cve/CVE-2026-23410.html * https://www.suse.com/security/cve/CVE-2026-23411.html * https://www.suse.com/security/cve/CVE-2026-23420.html * https://www.suse.com/security/cve/CVE-2026-23426.html * https://www.suse.com/security/cve/CVE-2026-23434.html * https://www.suse.com/security/cve/CVE-2026-23440.html * https://www.suse.com/security/cve/CVE-2026-23441.html * https://www.suse.com/security/cve/CVE-2026-23442.html * https://www.suse.com/security/cve/CVE-2026-23443.html * https://www.suse.com/security/cve/CVE-2026-23446.html * https://www.suse.com/security/cve/CVE-2026-23447.html * https://www.suse.com/security/cve/CVE-2026-23448.html * https://www.suse.com/security/cve/CVE-2026-23449.html * https://www.suse.com/security/cve/CVE-2026-23450.html * https://www.suse.com/security/cve/CVE-2026-23452.html * https://www.suse.com/security/cve/CVE-2026-23455.html * https://www.suse.com/security/cve/CVE-2026-23456.html * https://www.suse.com/security/cve/CVE-2026-23457.html * https://www.suse.com/security/cve/CVE-2026-23458.html * https://www.suse.com/security/cve/CVE-2026-23460.html * https://www.suse.com/security/cve/CVE-2026-23461.html * https://www.suse.com/security/cve/CVE-2026-23462.html * https://www.suse.com/security/cve/CVE-2026-23463.html * https://www.suse.com/security/cve/CVE-2026-23465.html * https://www.suse.com/security/cve/CVE-2026-23468.html * https://www.suse.com/security/cve/CVE-2026-23472.html * https://www.suse.com/security/cve/CVE-2026-23473.html * https://www.suse.com/security/cve/CVE-2026-23474.html * https://www.suse.com/security/cve/CVE-2026-23475.html * https://www.suse.com/security/cve/CVE-2026-31389.html * https://www.suse.com/security/cve/CVE-2026-31393.html * https://www.suse.com/security/cve/CVE-2026-31400.html * https://www.suse.com/security/cve/CVE-2026-31402.html * https://www.suse.com/security/cve/CVE-2026-31403.html * https://www.suse.com/security/cve/CVE-2026-31404.html * https://www.suse.com/security/cve/CVE-2026-31405.html * https://www.suse.com/security/cve/CVE-2026-31407.html * https://www.suse.com/security/cve/CVE-2026-31408.html * https://www.suse.com/security/cve/CVE-2026-31411.html * https://www.suse.com/security/cve/CVE-2026-31412.html * https://www.suse.com/security/cve/CVE-2026-31415.html * https://www.suse.com/security/cve/CVE-2026-31416.html * https://www.suse.com/security/cve/CVE-2026-31417.html * https://www.suse.com/security/cve/CVE-2026-31420.html * https://www.suse.com/security/cve/CVE-2026-31421.html * https://www.suse.com/security/cve/CVE-2026-31422.html * https://www.suse.com/security/cve/CVE-2026-31423.html * https://www.suse.com/security/cve/CVE-2026-31424.html * https://www.suse.com/security/cve/CVE-2026-31425.html * https://www.suse.com/security/cve/CVE-2026-31426.html * https://www.suse.com/security/cve/CVE-2026-31427.html * https://www.suse.com/security/cve/CVE-2026-31428.html * https://www.suse.com/security/cve/CVE-2026-31436.html * https://www.suse.com/security/cve/CVE-2026-31449.html * https://www.suse.com/security/cve/CVE-2026-31470.html * https://www.suse.com/security/cve/CVE-2026-31488.html * https://www.suse.com/security/cve/CVE-2026-31494.html * https://www.suse.com/security/cve/CVE-2026-31496.html * https://www.suse.com/security/cve/CVE-2026-31504.html * https://www.suse.com/security/cve/CVE-2026-31505.html * https://www.suse.com/security/cve/CVE-2026-31507.html * https://www.suse.com/security/cve/CVE-2026-31512.html * https://www.suse.com/security/cve/CVE-2026-31515.html * https://www.suse.com/security/cve/CVE-2026-31519.html * https://www.suse.com/security/cve/CVE-2026-31525.html * https://www.suse.com/security/cve/CVE-2026-31528.html * https://www.suse.com/security/cve/CVE-2026-31533.html * https://www.suse.com/security/cve/CVE-2026-31550.html * https://www.suse.com/security/cve/CVE-2026-31565.html * https://www.suse.com/security/cve/CVE-2026-31570.html * https://www.suse.com/security/cve/CVE-2026-31586.html * https://www.suse.com/security/cve/CVE-2026-31588.html * https://www.suse.com/security/cve/CVE-2026-31602.html * https://www.suse.com/security/cve/CVE-2026-31607.html * https://www.suse.com/security/cve/CVE-2026-31622.html * https://www.suse.com/security/cve/CVE-2026-31649.html * https://www.suse.com/security/cve/CVE-2026-31656.html * https://www.suse.com/security/cve/CVE-2026-31662.html * https://www.suse.com/security/cve/CVE-2026-31668.html * https://www.suse.com/security/cve/CVE-2026-31669.html * https://www.suse.com/security/cve/CVE-2026-31675.html * https://www.suse.com/security/cve/CVE-2026-31679.html * https://www.suse.com/security/cve/CVE-2026-31681.html * https://www.suse.com/security/cve/CVE-2026-31682.html * https://www.suse.com/security/cve/CVE-2026-31684.html * https://www.suse.com/security/cve/CVE-2026-31685.html * https://www.suse.com/security/cve/CVE-2026-31694.html * https://www.suse.com/security/cve/CVE-2026-31700.html * https://www.suse.com/security/cve/CVE-2026-31738.html * https://www.suse.com/security/cve/CVE-2026-31787.html * https://www.suse.com/security/cve/CVE-2026-43009.html * https://www.suse.com/security/cve/CVE-2026-43025.html * https://www.suse.com/security/cve/CVE-2026-43027.html * https://www.suse.com/security/cve/CVE-2026-43037.html * https://www.suse.com/security/cve/CVE-2026-43038.html * https://www.suse.com/security/cve/CVE-2026-43044.html * https://www.suse.com/security/cve/CVE-2026-43050.html * https://www.suse.com/security/cve/CVE-2026-43060.html * https://www.suse.com/security/cve/CVE-2026-43088.html * https://www.suse.com/security/cve/CVE-2026-43110.html * https://www.suse.com/security/cve/CVE-2026-43120.html * https://www.suse.com/security/cve/CVE-2026-43126.html * https://www.suse.com/security/cve/CVE-2026-43190.html * https://www.suse.com/security/cve/CVE-2026-43214.html * https://www.suse.com/security/cve/CVE-2026-43265.html * https://www.suse.com/security/cve/CVE-2026-43329.html * https://www.suse.com/security/cve/CVE-2026-43330.html * https://www.suse.com/security/cve/CVE-2026-43334.html * https://www.suse.com/security/cve/CVE-2026-43365.html * https://www.suse.com/security/cve/CVE-2026-43366.html * https://www.suse.com/security/cve/CVE-2026-43419.html * https://www.suse.com/security/cve/CVE-2026-43437.html * https://www.suse.com/security/cve/CVE-2026-43441.html * https://www.suse.com/security/cve/CVE-2026-43494.html * https://www.suse.com/security/cve/CVE-2026-43503.html * https://bugzilla.suse.com/show_bug.cgi?id=1215199 * https://bugzilla.suse.com/show_bug.cgi?id=1234634 * https://bugzilla.suse.com/show_bug.cgi?id=1243603 * https://bugzilla.suse.com/show_bug.cgi?id=1248754 * https://bugzilla.suse.com/show_bug.cgi?id=1253122 * https://bugzilla.suse.com/show_bug.cgi?id=1253754 * https://bugzilla.suse.com/show_bug.cgi?id=1254518 * https://bugzilla.suse.com/show_bug.cgi?id=1256863 * https://bugzilla.suse.com/show_bug.cgi?id=1257631 * https://bugzilla.suse.com/show_bug.cgi?id=1258518 * https://bugzilla.suse.com/show_bug.cgi?id=1258718 * https://bugzilla.suse.com/show_bug.cgi?id=1258826 * https://bugzilla.suse.com/show_bug.cgi?id=1258849 * https://bugzilla.suse.com/show_bug.cgi?id=1258850 * https://bugzilla.suse.com/show_bug.cgi?id=1258854 * https://bugzilla.suse.com/show_bug.cgi?id=1258855 * https://bugzilla.suse.com/show_bug.cgi?id=1258856 * https://bugzilla.suse.com/show_bug.cgi?id=1258857 * https://bugzilla.suse.com/show_bug.cgi?id=1258961 * https://bugzilla.suse.com/show_bug.cgi?id=1259186 * https://bugzilla.suse.com/show_bug.cgi?id=1259199 * https://bugzilla.suse.com/show_bug.cgi?id=1259222 * https://bugzilla.suse.com/show_bug.cgi?id=1259484 * https://bugzilla.suse.com/show_bug.cgi?id=1259485 * https://bugzilla.suse.com/show_bug.cgi?id=1259535 * https://bugzilla.suse.com/show_bug.cgi?id=1259799 * https://bugzilla.suse.com/show_bug.cgi?id=1259806 * https://bugzilla.suse.com/show_bug.cgi?id=1259857 * https://bugzilla.suse.com/show_bug.cgi?id=1259868 * https://bugzilla.suse.com/show_bug.cgi?id=1259869 * https://bugzilla.suse.com/show_bug.cgi?id=1259873 * https://bugzilla.suse.com/show_bug.cgi?id=1259878 * https://bugzilla.suse.com/show_bug.cgi?id=1260010 * https://bugzilla.suse.com/show_bug.cgi?id=1260012 * https://bugzilla.suse.com/show_bug.cgi?id=1260018 * https://bugzilla.suse.com/show_bug.cgi?id=1260468 * https://bugzilla.suse.com/show_bug.cgi?id=1260483 * https://bugzilla.suse.com/show_bug.cgi?id=1260484 * https://bugzilla.suse.com/show_bug.cgi?id=1260485 * https://bugzilla.suse.com/show_bug.cgi?id=1260489 * https://bugzilla.suse.com/show_bug.cgi?id=1260501 * https://bugzilla.suse.com/show_bug.cgi?id=1260504 * https://bugzilla.suse.com/show_bug.cgi?id=1260505 * https://bugzilla.suse.com/show_bug.cgi?id=1260507 * https://bugzilla.suse.com/show_bug.cgi?id=1260522 * https://bugzilla.suse.com/show_bug.cgi?id=1260523 * https://bugzilla.suse.com/show_bug.cgi?id=1260526 * https://bugzilla.suse.com/show_bug.cgi?id=1260528 * https://bugzilla.suse.com/show_bug.cgi?id=1260529 * https://bugzilla.suse.com/show_bug.cgi?id=1260530 * https://bugzilla.suse.com/show_bug.cgi?id=1260531 * https://bugzilla.suse.com/show_bug.cgi?id=1260532 * https://bugzilla.suse.com/show_bug.cgi?id=1260533 * https://bugzilla.suse.com/show_bug.cgi?id=1260536 * https://bugzilla.suse.com/show_bug.cgi?id=1260537 * https://bugzilla.suse.com/show_bug.cgi?id=1260538 * https://bugzilla.suse.com/show_bug.cgi?id=1260541 * https://bugzilla.suse.com/show_bug.cgi?id=1260546 * https://bugzilla.suse.com/show_bug.cgi?id=1260549 * https://bugzilla.suse.com/show_bug.cgi?id=1260551 * https://bugzilla.suse.com/show_bug.cgi?id=1260552 * https://bugzilla.suse.com/show_bug.cgi?id=1260553 * https://bugzilla.suse.com/show_bug.cgi?id=1260555 * https://bugzilla.suse.com/show_bug.cgi?id=1260561 * https://bugzilla.suse.com/show_bug.cgi?id=1260566 * https://bugzilla.suse.com/show_bug.cgi?id=1260572 * https://bugzilla.suse.com/show_bug.cgi?id=1260581 * https://bugzilla.suse.com/show_bug.cgi?id=1260728 * https://bugzilla.suse.com/show_bug.cgi?id=1260729 * https://bugzilla.suse.com/show_bug.cgi?id=1260731 * https://bugzilla.suse.com/show_bug.cgi?id=1260800 * https://bugzilla.suse.com/show_bug.cgi?id=1260811 * https://bugzilla.suse.com/show_bug.cgi?id=1261020 * https://bugzilla.suse.com/show_bug.cgi?id=1261287 * https://bugzilla.suse.com/show_bug.cgi?id=1261295 * https://bugzilla.suse.com/show_bug.cgi?id=1261348 * https://bugzilla.suse.com/show_bug.cgi?id=1261503 * https://bugzilla.suse.com/show_bug.cgi?id=1261504 * https://bugzilla.suse.com/show_bug.cgi?id=1261581 * https://bugzilla.suse.com/show_bug.cgi?id=1261582 * https://bugzilla.suse.com/show_bug.cgi?id=1261584 * https://bugzilla.suse.com/show_bug.cgi?id=1261601 * https://bugzilla.suse.com/show_bug.cgi?id=1261602 * https://bugzilla.suse.com/show_bug.cgi?id=1261618 * https://bugzilla.suse.com/show_bug.cgi?id=1261628 * https://bugzilla.suse.com/show_bug.cgi?id=1261632 * https://bugzilla.suse.com/show_bug.cgi?id=1261636 * https://bugzilla.suse.com/show_bug.cgi?id=1261638 * https://bugzilla.suse.com/show_bug.cgi?id=1261641 * https://bugzilla.suse.com/show_bug.cgi?id=1261644 * https://bugzilla.suse.com/show_bug.cgi?id=1261645 * https://bugzilla.suse.com/show_bug.cgi?id=1261648 * https://bugzilla.suse.com/show_bug.cgi?id=1261679 * https://bugzilla.suse.com/show_bug.cgi?id=1261685 * https://bugzilla.suse.com/show_bug.cgi?id=1261686 * https://bugzilla.suse.com/show_bug.cgi?id=1261687 * https://bugzilla.suse.com/show_bug.cgi?id=1261692 * https://bugzilla.suse.com/show_bug.cgi?id=1261694 * https://bugzilla.suse.com/show_bug.cgi?id=1261700 * https://bugzilla.suse.com/show_bug.cgi?id=1261703 * https://bugzilla.suse.com/show_bug.cgi?id=1261707 * https://bugzilla.suse.com/show_bug.cgi?id=1261710 * https://bugzilla.suse.com/show_bug.cgi?id=1261713 * https://bugzilla.suse.com/show_bug.cgi?id=1261719 * https://bugzilla.suse.com/show_bug.cgi?id=1261750 * https://bugzilla.suse.com/show_bug.cgi?id=1261751 * https://bugzilla.suse.com/show_bug.cgi?id=1261752 * https://bugzilla.suse.com/show_bug.cgi?id=1261768 * https://bugzilla.suse.com/show_bug.cgi?id=1261778 * https://bugzilla.suse.com/show_bug.cgi?id=1261779 * https://bugzilla.suse.com/show_bug.cgi?id=1261781 * https://bugzilla.suse.com/show_bug.cgi?id=1261789 * https://bugzilla.suse.com/show_bug.cgi?id=1261796 * https://bugzilla.suse.com/show_bug.cgi?id=1261797 * https://bugzilla.suse.com/show_bug.cgi?id=1261896 * https://bugzilla.suse.com/show_bug.cgi?id=1262020 * https://bugzilla.suse.com/show_bug.cgi?id=1262053 * https://bugzilla.suse.com/show_bug.cgi?id=1262054 * https://bugzilla.suse.com/show_bug.cgi?id=1262055 * https://bugzilla.suse.com/show_bug.cgi?id=1262061 * https://bugzilla.suse.com/show_bug.cgi?id=1262063 * https://bugzilla.suse.com/show_bug.cgi?id=1262074 * https://bugzilla.suse.com/show_bug.cgi?id=1262078 * https://bugzilla.suse.com/show_bug.cgi?id=1262086 * https://bugzilla.suse.com/show_bug.cgi?id=1262087 * https://bugzilla.suse.com/show_bug.cgi?id=1262099 * https://bugzilla.suse.com/show_bug.cgi?id=1262100 * https://bugzilla.suse.com/show_bug.cgi?id=1262101 * https://bugzilla.suse.com/show_bug.cgi?id=1262179 * https://bugzilla.suse.com/show_bug.cgi?id=1262181 * https://bugzilla.suse.com/show_bug.cgi?id=1262602 * https://bugzilla.suse.com/show_bug.cgi?id=1262616 * https://bugzilla.suse.com/show_bug.cgi?id=1262665 * https://bugzilla.suse.com/show_bug.cgi?id=1262671 * https://bugzilla.suse.com/show_bug.cgi?id=1262673 * https://bugzilla.suse.com/show_bug.cgi?id=1262725 * https://bugzilla.suse.com/show_bug.cgi?id=1262731 * https://bugzilla.suse.com/show_bug.cgi?id=1262734 * https://bugzilla.suse.com/show_bug.cgi?id=1262746 * https://bugzilla.suse.com/show_bug.cgi?id=1262752 * https://bugzilla.suse.com/show_bug.cgi?id=1262758 * https://bugzilla.suse.com/show_bug.cgi?id=1263001 * https://bugzilla.suse.com/show_bug.cgi?id=1263012 * https://bugzilla.suse.com/show_bug.cgi?id=1263064 * https://bugzilla.suse.com/show_bug.cgi?id=1263065 * https://bugzilla.suse.com/show_bug.cgi?id=1263085 * https://bugzilla.suse.com/show_bug.cgi?id=1263093 * https://bugzilla.suse.com/show_bug.cgi?id=1263095 * https://bugzilla.suse.com/show_bug.cgi?id=1263104 * https://bugzilla.suse.com/show_bug.cgi?id=1263131 * https://bugzilla.suse.com/show_bug.cgi?id=1263140 * https://bugzilla.suse.com/show_bug.cgi?id=1263141 * https://bugzilla.suse.com/show_bug.cgi?id=1263149 * https://bugzilla.suse.com/show_bug.cgi?id=1263165 * https://bugzilla.suse.com/show_bug.cgi?id=1263170 * https://bugzilla.suse.com/show_bug.cgi?id=1263176 * https://bugzilla.suse.com/show_bug.cgi?id=1263556 * https://bugzilla.suse.com/show_bug.cgi?id=1263582 * https://bugzilla.suse.com/show_bug.cgi?id=1263592 * https://bugzilla.suse.com/show_bug.cgi?id=1263593 * https://bugzilla.suse.com/show_bug.cgi?id=1263595 * https://bugzilla.suse.com/show_bug.cgi?id=1263596 * https://bugzilla.suse.com/show_bug.cgi?id=1263600 * https://bugzilla.suse.com/show_bug.cgi?id=1263668 * https://bugzilla.suse.com/show_bug.cgi?id=1263723 * https://bugzilla.suse.com/show_bug.cgi?id=1263797 * https://bugzilla.suse.com/show_bug.cgi?id=1263815 * https://bugzilla.suse.com/show_bug.cgi?id=1263882 * https://bugzilla.suse.com/show_bug.cgi?id=1263901 * https://bugzilla.suse.com/show_bug.cgi?id=1263931 * https://bugzilla.suse.com/show_bug.cgi?id=1263933 * https://bugzilla.suse.com/show_bug.cgi?id=1263995 * https://bugzilla.suse.com/show_bug.cgi?id=1264014 * https://bugzilla.suse.com/show_bug.cgi?id=1264059 * https://bugzilla.suse.com/show_bug.cgi?id=1264082 * https://bugzilla.suse.com/show_bug.cgi?id=1264087 * https://bugzilla.suse.com/show_bug.cgi?id=1264097 * https://bugzilla.suse.com/show_bug.cgi?id=1264183 * https://bugzilla.suse.com/show_bug.cgi?id=1264427 * https://bugzilla.suse.com/show_bug.cgi?id=1264469 * https://bugzilla.suse.com/show_bug.cgi?id=1264482 * https://bugzilla.suse.com/show_bug.cgi?id=1264634 * https://bugzilla.suse.com/show_bug.cgi?id=1264651 * https://bugzilla.suse.com/show_bug.cgi?id=1264661 * https://bugzilla.suse.com/show_bug.cgi?id=1264674 * https://bugzilla.suse.com/show_bug.cgi?id=1264801 * https://bugzilla.suse.com/show_bug.cgi?id=1264848 * https://bugzilla.suse.com/show_bug.cgi?id=1265085 * https://bugzilla.suse.com/show_bug.cgi?id=1265090 * https://bugzilla.suse.com/show_bug.cgi?id=1265116 * https://bugzilla.suse.com/show_bug.cgi?id=1265119 * https://bugzilla.suse.com/show_bug.cgi?id=1265126 * https://bugzilla.suse.com/show_bug.cgi?id=1265144 * https://bugzilla.suse.com/show_bug.cgi?id=1265308 * https://bugzilla.suse.com/show_bug.cgi?id=1265421 * https://bugzilla.suse.com/show_bug.cgi?id=1265449 * https://bugzilla.suse.com/show_bug.cgi?id=1265456 * https://bugzilla.suse.com/show_bug.cgi?id=1265626 * https://bugzilla.suse.com/show_bug.cgi?id=1265846 * https://bugzilla.suse.com/show_bug.cgi?id=1265960 * https://jira.suse.com/browse/PED-7249 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 17:05:47 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 17:05:47 -0000 Subject: SUSE-SU-2026:21876-1: important: Security update for the Linux Kernel Message-ID: <178041994798.42.3117187017345937212@b0da085613fb> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:21876-1 Release Date: 2026-05-29T17:37:36Z Rating: important References: * bsc#1215199 * bsc#1234634 * bsc#1243603 * bsc#1248754 * bsc#1253122 * bsc#1253754 * bsc#1254518 * bsc#1256863 * bsc#1257631 * bsc#1258518 * bsc#1258718 * bsc#1258826 * bsc#1258849 * bsc#1258850 * bsc#1258854 * bsc#1258855 * bsc#1258856 * bsc#1258857 * bsc#1258961 * bsc#1259186 * bsc#1259199 * bsc#1259222 * bsc#1259484 * bsc#1259485 * bsc#1259535 * bsc#1259799 * bsc#1259806 * bsc#1259857 * bsc#1259868 * bsc#1259869 * bsc#1259873 * bsc#1259878 * bsc#1260010 * bsc#1260012 * bsc#1260018 * bsc#1260468 * bsc#1260483 * bsc#1260484 * bsc#1260485 * bsc#1260489 * bsc#1260501 * bsc#1260504 * bsc#1260505 * bsc#1260507 * bsc#1260522 * bsc#1260523 * bsc#1260526 * bsc#1260528 * bsc#1260529 * bsc#1260530 * bsc#1260531 * bsc#1260532 * bsc#1260533 * bsc#1260536 * bsc#1260537 * bsc#1260538 * bsc#1260541 * bsc#1260546 * bsc#1260549 * bsc#1260551 * bsc#1260552 * bsc#1260553 * bsc#1260555 * bsc#1260561 * bsc#1260566 * bsc#1260572 * bsc#1260581 * bsc#1260728 * bsc#1260729 * bsc#1260731 * bsc#1260800 * bsc#1260811 * bsc#1261020 * bsc#1261287 * bsc#1261295 * bsc#1261348 * bsc#1261503 * bsc#1261504 * bsc#1261581 * bsc#1261582 * bsc#1261584 * bsc#1261601 * bsc#1261602 * bsc#1261618 * bsc#1261628 * bsc#1261632 * bsc#1261636 * bsc#1261638 * bsc#1261641 * bsc#1261644 * bsc#1261645 * bsc#1261648 * bsc#1261679 * bsc#1261685 * bsc#1261686 * bsc#1261687 * bsc#1261692 * bsc#1261694 * bsc#1261700 * bsc#1261703 * bsc#1261707 * bsc#1261710 * bsc#1261713 * bsc#1261719 * bsc#1261750 * bsc#1261751 * bsc#1261752 * bsc#1261768 * bsc#1261778 * bsc#1261779 * bsc#1261781 * bsc#1261789 * bsc#1261796 * bsc#1261797 * bsc#1261896 * bsc#1262020 * bsc#1262053 * bsc#1262054 * bsc#1262055 * bsc#1262061 * bsc#1262063 * bsc#1262074 * bsc#1262078 * bsc#1262086 * bsc#1262087 * bsc#1262099 * bsc#1262100 * bsc#1262101 * bsc#1262179 * bsc#1262181 * bsc#1262602 * bsc#1262616 * bsc#1262665 * bsc#1262671 * bsc#1262673 * bsc#1262725 * bsc#1262731 * bsc#1262734 * bsc#1262746 * bsc#1262752 * bsc#1262758 * bsc#1263001 * bsc#1263012 * bsc#1263064 * bsc#1263065 * bsc#1263085 * bsc#1263093 * bsc#1263095 * bsc#1263104 * bsc#1263131 * bsc#1263140 * bsc#1263141 * bsc#1263149 * bsc#1263165 * bsc#1263170 * bsc#1263176 * bsc#1263556 * bsc#1263582 * bsc#1263592 * bsc#1263593 * bsc#1263595 * bsc#1263596 * bsc#1263600 * bsc#1263668 * bsc#1263723 * bsc#1263797 * bsc#1263815 * bsc#1263882 * bsc#1263901 * bsc#1263931 * bsc#1263933 * bsc#1263995 * bsc#1264014 * bsc#1264059 * bsc#1264082 * bsc#1264087 * bsc#1264097 * bsc#1264183 * bsc#1264427 * bsc#1264469 * bsc#1264482 * bsc#1264634 * bsc#1264651 * bsc#1264661 * bsc#1264674 * bsc#1264801 * bsc#1264848 * bsc#1265085 * bsc#1265090 * bsc#1265116 * bsc#1265119 * bsc#1265126 * bsc#1265144 * bsc#1265308 * bsc#1265421 * bsc#1265449 * bsc#1265456 * bsc#1265626 * bsc#1265846 * bsc#1265960 * jsc#PED-7249 Cross-References: * CVE-2023-20585 * CVE-2025-40219 * CVE-2025-71183 * CVE-2025-71238 * CVE-2026-23168 * CVE-2026-23209 * CVE-2026-23236 * CVE-2026-23237 * CVE-2026-23239 * CVE-2026-23240 * CVE-2026-23245 * CVE-2026-23246 * CVE-2026-23253 * CVE-2026-23260 * CVE-2026-23264 * CVE-2026-23266 * CVE-2026-23268 * CVE-2026-23269 * CVE-2026-23271 * CVE-2026-23273 * CVE-2026-23276 * CVE-2026-23279 * CVE-2026-23290 * CVE-2026-23291 * CVE-2026-23298 * CVE-2026-23300 * CVE-2026-23306 * CVE-2026-23307 * CVE-2026-23308 * CVE-2026-23312 * CVE-2026-23313 * CVE-2026-23315 * CVE-2026-23318 * CVE-2026-23321 * CVE-2026-23324 * CVE-2026-23325 * CVE-2026-23336 * CVE-2026-23339 * CVE-2026-23340 * CVE-2026-23346 * CVE-2026-23351 * CVE-2026-23357 * CVE-2026-23362 * CVE-2026-23363 * CVE-2026-23365 * CVE-2026-23367 * CVE-2026-23368 * CVE-2026-23370 * CVE-2026-23372 * CVE-2026-23373 * CVE-2026-23374 * CVE-2026-23378 * CVE-2026-23382 * CVE-2026-23391 * CVE-2026-23392 * CVE-2026-23393 * CVE-2026-23396 * CVE-2026-23397 * CVE-2026-23399 * CVE-2026-23403 * CVE-2026-23404 * CVE-2026-23405 * CVE-2026-23406 * CVE-2026-23407 * CVE-2026-23408 * CVE-2026-23409 * CVE-2026-23410 * CVE-2026-23411 * CVE-2026-23420 * CVE-2026-23426 * CVE-2026-23434 * CVE-2026-23440 * CVE-2026-23441 * CVE-2026-23442 * CVE-2026-23443 * CVE-2026-23446 * CVE-2026-23447 * CVE-2026-23448 * CVE-2026-23449 * CVE-2026-23450 * CVE-2026-23452 * CVE-2026-23455 * CVE-2026-23456 * CVE-2026-23457 * CVE-2026-23458 * CVE-2026-23460 * CVE-2026-23461 * CVE-2026-23462 * CVE-2026-23463 * CVE-2026-23465 * CVE-2026-23468 * CVE-2026-23472 * CVE-2026-23473 * CVE-2026-23474 * CVE-2026-23475 * CVE-2026-31389 * CVE-2026-31393 * CVE-2026-31400 * CVE-2026-31402 * CVE-2026-31403 * CVE-2026-31404 * CVE-2026-31405 * CVE-2026-31407 * CVE-2026-31408 * CVE-2026-31411 * CVE-2026-31412 * CVE-2026-31415 * CVE-2026-31416 * CVE-2026-31417 * CVE-2026-31420 * CVE-2026-31421 * CVE-2026-31422 * CVE-2026-31423 * CVE-2026-31424 * CVE-2026-31425 * CVE-2026-31426 * CVE-2026-31427 * CVE-2026-31428 * CVE-2026-31436 * CVE-2026-31449 * CVE-2026-31470 * CVE-2026-31488 * CVE-2026-31494 * CVE-2026-31496 * CVE-2026-31504 * CVE-2026-31505 * CVE-2026-31507 * CVE-2026-31512 * CVE-2026-31515 * CVE-2026-31519 * CVE-2026-31525 * CVE-2026-31528 * CVE-2026-31533 * CVE-2026-31550 * CVE-2026-31565 * CVE-2026-31570 * CVE-2026-31586 * CVE-2026-31588 * CVE-2026-31602 * CVE-2026-31607 * CVE-2026-31622 * CVE-2026-31649 * CVE-2026-31656 * CVE-2026-31662 * CVE-2026-31668 * CVE-2026-31669 * CVE-2026-31675 * CVE-2026-31679 * CVE-2026-31681 * CVE-2026-31682 * CVE-2026-31684 * CVE-2026-31685 * CVE-2026-31694 * CVE-2026-31700 * CVE-2026-31738 * CVE-2026-31787 * CVE-2026-43009 * CVE-2026-43025 * CVE-2026-43027 * CVE-2026-43037 * CVE-2026-43038 * CVE-2026-43044 * CVE-2026-43050 * CVE-2026-43060 * CVE-2026-43088 * CVE-2026-43110 * CVE-2026-43120 * CVE-2026-43126 * CVE-2026-43190 * CVE-2026-43214 * CVE-2026-43265 * CVE-2026-43329 * CVE-2026-43330 * CVE-2026-43334 * CVE-2026-43365 * CVE-2026-43366 * CVE-2026-43419 * CVE-2026-43437 * CVE-2026-43441 * CVE-2026-43494 * CVE-2026-43503 CVSS scores: * CVE-2023-20585 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2023-20585 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2023-20585 ( NVD ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-40219 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40219 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-71183 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71183 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71238 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-71238 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-71238 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23168 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23168 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23168 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23209 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23209 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23236 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23236 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23236 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2026-23236 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23237 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23237 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23237 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23239 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23239 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23240 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23240 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23240 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23245 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23245 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23245 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23246 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23253 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23253 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23260 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23260 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23260 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23264 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23264 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23264 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23266 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23266 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23266 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23268 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23268 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23269 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23269 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23269 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23271 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23271 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23273 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23273 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23273 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23276 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23276 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23279 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23279 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23279 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23290 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23290 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23290 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23291 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23291 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23298 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23298 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23298 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23300 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23300 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23300 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23306 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23306 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H * CVE-2026-23306 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23307 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23307 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23308 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23308 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23312 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23312 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23312 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23313 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23313 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23315 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23315 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23318 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23318 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23321 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23321 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23321 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23324 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23324 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23324 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23325 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23325 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23336 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23336 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23339 ( SUSE ): 2.3 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23339 ( SUSE ): 3.1 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23339 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23340 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23340 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23340 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23346 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23346 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23346 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23351 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23351 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23357 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23357 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23357 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23362 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23362 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23363 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23363 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23365 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23365 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23365 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23367 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-23367 ( SUSE ): 6.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-23367 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23368 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23368 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23368 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23370 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23370 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23372 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23372 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23373 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23373 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23374 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23374 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23374 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23378 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23378 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23378 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23378 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23382 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23382 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23382 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23391 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23391 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23392 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23393 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23396 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23396 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23396 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23397 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23397 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23397 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23399 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23399 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23399 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23403 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23403 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23403 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23404 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23404 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23404 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23405 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23405 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23406 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23406 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23407 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23407 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23407 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23408 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23408 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23408 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23408 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23409 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23409 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23409 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23410 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23410 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23410 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23410 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23411 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23420 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23426 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23426 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23426 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23434 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23434 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23434 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23434 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23440 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23440 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23440 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23440 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23441 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23441 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23442 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23442 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23442 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23443 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23443 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23443 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23446 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23446 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23446 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23447 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23447 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23447 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23448 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23448 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23448 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23449 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23449 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23449 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23450 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23450 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23450 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23452 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23452 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23452 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23455 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23455 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23455 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23456 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23456 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-23456 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23457 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23457 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23457 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23458 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23458 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23458 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23460 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23460 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23460 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23461 ( SUSE ): 7.7 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23461 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23461 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23462 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23462 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23462 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23463 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23463 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2026-23463 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23465 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2026-23465 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2026-23465 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23468 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23468 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23468 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23472 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23472 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23472 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23473 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23473 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23474 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23474 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23474 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23475 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23475 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23475 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31389 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31389 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31389 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31393 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31393 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31393 ( NVD ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31400 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31400 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31400 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31402 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31402 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-31402 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31403 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31403 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31403 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31404 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31404 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31404 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31405 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31405 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31407 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31407 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31407 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31408 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31408 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31408 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31411 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31411 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31411 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31412 ( SUSE ): 7.0 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31412 ( SUSE ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31412 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31415 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31415 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31415 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31416 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31416 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-31416 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31417 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31417 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31417 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31420 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31421 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31421 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31421 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31422 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31422 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31422 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31423 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31423 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31423 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31424 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31424 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31424 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31425 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31425 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31426 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31426 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-31426 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31427 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-31427 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2026-31427 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31428 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31428 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31428 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31436 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31436 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31436 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31449 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31449 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31449 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-31470 ( SUSE ): 6.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31470 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31470 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31488 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31488 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31488 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31494 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-31494 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2026-31494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31496 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31496 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31496 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31504 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31504 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31504 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31505 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31507 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31507 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31507 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31512 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31512 ( SUSE ): 7.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-31512 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31515 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31515 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31515 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31519 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31519 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31519 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31525 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31525 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31525 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31528 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31528 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31528 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31533 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31550 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31550 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31550 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31565 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31565 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31565 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31570 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:N/SA:N * CVE-2026-31570 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31570 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31586 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31588 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31588 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31588 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-31602 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31602 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31602 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31607 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31607 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2026-31607 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31622 ( SUSE ): 8.7 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31622 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31622 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31649 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31649 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31649 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31656 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31656 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31656 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31662 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31662 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31662 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31668 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-31668 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2026-31668 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31669 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31669 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31669 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31675 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31675 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2026-31675 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31679 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31679 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31679 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31681 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31681 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31681 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31682 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31682 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31682 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31684 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31684 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-31684 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31685 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31685 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31685 ( NVD ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31694 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31694 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31694 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31700 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31700 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31700 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31738 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31738 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31738 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31787 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31787 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43009 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-43027 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43027 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43037 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43038 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43038 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43044 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43044 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43044 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43050 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43050 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43050 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43060 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43060 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43088 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-43088 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-43110 ( SUSE ): 7.7 CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43110 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43110 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43120 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43120 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-43120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43126 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43126 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43126 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43190 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43190 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43190 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43214 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43214 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43214 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43265 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43265 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43265 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43329 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43329 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43329 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43330 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43330 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43330 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43334 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-43334 ( SUSE ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-43334 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43365 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43365 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43365 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43366 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43366 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43366 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43419 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-43419 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-43437 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43437 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43441 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43441 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43494 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43494 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43503 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43503 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43503 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves 181 vulnerabilities, contains one feature and has 19 fixes can now be installed. ## Description: The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 RT kernel was updated to fix various security issues The following security issues were fixed: * CVE-2023-20585: x86/CPU: Fix FPDSS on Zen1 (bsc#1243603). * CVE-2025-71183: btrfs: always detect conflicting inodes when logging inode refs (bsc#1257631). * CVE-2026-23168: flex_proportions: make fprop_new_period() hardirq safe (bsc#1258826). * CVE-2026-23239: espintcp: Fix race condition in espintcp_close() (bsc#1259485). * CVE-2026-23240: tls: Fix race condition in tls_sw_cancel_work_tx() (bsc#1259484). * CVE-2026-23245: net/sched: act_gate: snapshot parameters with RCU on replace (bsc#1259799). * CVE-2026-23271: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race (bsc#1260018). * CVE-2026-23276: net: move dev_xmit_recursion() helpers to net/core/dev.h (bsc#1260012). * CVE-2026-23300: net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop (bsc#1260538). * CVE-2026-23306: scsi: pm8001: Fix use-after-free in pm8001_queue_command() (bsc#1260501). * CVE-2026-23313: i40e: Fix preempt count leak in napi poll tracepoint (bsc#1260555). * CVE-2026-23321: mptcp: pm: in-kernel: always mark signal+subflow endp as used (bsc#1260505). * CVE-2026-23340: net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs (bsc#1260523). * CVE-2026-23346: mm/ioremap: define generic_ioremap_prot() and generic_iounmap() (bsc#1260529). * CVE-2026-23351: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase (bsc#1260526). * CVE-2026-23368: net: phy: register phy led_triggers during probe to avoid AB-BA deadlock (bsc#1260530). * CVE-2026-23374: blktrace: fix __this_cpu_read/write in preemptible context (bsc#1260811). * CVE-2026-23378: net/sched: act_ife: Fix metalist update behavior (bsc#1260546). * CVE-2026-23391: netfilter: xt_CT: drop pending enqueued packets on template removal (bsc#1260566). * CVE-2026-23392: netfilter: nf_tables: release flowtable after rcu grace period on error (bsc#1260531). * CVE-2026-23393: bridge: cfm: Fix race condition in peer_mep deletion (bsc#1260522). * CVE-2026-23397: nfnetlink_osf: validate individual option lengths in fingerprints (bsc#1260728). * CVE-2026-23399: nf_tables: nft_dynset: fix possible stateful expression memleak in error path (bsc#1261020). * CVE-2026-23440: net/mlx5e: Fix race condition during IPSec ESN update (bsc#1261641). * CVE-2026-23441: net/mlx5e: Prevent concurrent access to IPSec ASO context (bsc#1261768). * CVE-2026-23442: ipv6: add NULL checks for idev in SRv6 paths (bsc#1261581). * CVE-2026-23449: net/sched: teql: Fix double-free in teql_master_xmit (bsc#1261779). * CVE-2026-23450: net/smc: fix NULL dereference and UAF in smc_tcp_syn_recv_sock() (bsc#1261584). * CVE-2026-23455: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() (bsc#1261687). * CVE-2026-23456: netfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS case (bsc#1261703). * CVE-2026-23457: netfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp() (bsc#1261686). * CVE-2026-23458: netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() (bsc#1261781). * CVE-2026-23461: Bluetooth: L2CAP: Fix use-after-free in l2cap_unregister_user (bsc#1261707). * CVE-2026-23462: Bluetooth: HIDP: Fix possible UAF (bsc#1261710). * CVE-2026-23468: drm/amdgpu: Limit BO list entry count to prevent resource exhaustion (bsc#1261692). * CVE-2026-23472: serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN (bsc#1261636). * CVE-2026-23473: io_uring/poll: fix multishot recv missing EOF on wakeup race (bsc#1261694). * CVE-2026-31400: sunrpc: fix cache_request leak in cache_release (bsc#1261645). * CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (bsc#1261638). * CVE-2026-31403: NFSD: Hold net reference for the lifetime of /proc/fs/nfs/exports fd (bsc#1261796). * CVE-2026-31404: xfs: avoid dereferencing log items after push callbacks (bsc#1261628). * CVE-2026-31407: netfilter: conntrack: add missing netlink policy validations (bsc#1261632). * CVE-2026-31411: net: atm: fix crash due to unvalidated vcc pointer in sigd_send() (bsc#1261752). * CVE-2026-31415: ipv6: avoid overflows in ip6_datagram_send_ctl() (bsc#1262099). * CVE-2026-31416: netfilter: nfnetlink_log: account for netlink header size (bsc#1262100). * CVE-2026-31420: bridge: mrp: reject zero test interval to avoid OOM panic (bsc#1262055). * CVE-2026-31421: net/sched: cls_fw: fix NULL pointer dereference on shared blocks (bsc#1262061). * CVE-2026-31422: net/sched: cls_flow: fix NULL pointer dereference on shared blocks (bsc#1262054). * CVE-2026-31423: net/sched: sch_hfsc: fix divide-by-zero in rtsc_min() (bsc#1262063). * CVE-2026-31424: netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP (bsc#1262053). * CVE-2026-31425: rds: ib: reject FRMR registration before IB connection is established (bsc#1262074). * CVE-2026-31427: netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp (bsc#1262086). * CVE-2026-31428: netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD (bsc#1262087). * CVE-2026-31436: dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc() (bsc#1262602). * CVE-2026-31449: ext4: validate p_idx bounds in ext4_ext_correct_indexes (bsc#1262616). * CVE-2026-31470: virt: tdx-guest: Fix handling of host controlled 'quote' buffer length (bsc#1262665). * CVE-2026-31488: drm/amd/display: Do not skip unrelated mode changes in DSC validation (bsc#1262746). * CVE-2026-31494: net: cadence: macb: Synchronize stats calculations (bsc#1262671). * CVE-2026-31496: netfilter: nf_conntrack_expect: skip expectations in other netns via proc (bsc#1262673). * CVE-2026-31504: net: fix fanout UAF in packet_release() via NETDEV_UP race (bsc#1263085). * CVE-2026-31505: iavf: fix out-of-bounds writes in iavf_get_ethtool_stats() (bsc#1263093). * CVE-2026-31507: net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer (bsc#1263095). * CVE-2026-31512: Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2cap_ecred_data_rcv() (bsc#1262734). * CVE-2026-31515: af_key: validate families in pfkey_send_migrate() (bsc#1262752). * CVE-2026-31519: btrfs: set BTRFS_ROOT_ORPHAN_CLEANUP during subvol create (bsc#1263012). * CVE-2026-31525: bpf: Fix undefined behavior in interpreter sdiv/smod for INT_MIN (bsc#1262725). * CVE-2026-31528: perf: Make sure to use pmu_ctx->pmu for groups (bsc#1263001). * CVE-2026-31533: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption (bsc#1262758). * CVE-2026-31550: pmdomain: bcm: bcm2835-power: Increase ASB control timeout (bsc#1263104). * CVE-2026-31565: RDMA/irdma: Fix deadlock during netdev reset with active connections (bsc#1263064). * CVE-2026-31570: can: gw: fix OOB heap access in cgw_csum_crc8_rel() (bsc#1263065). * CVE-2026-31586: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (bsc#1263176). * CVE-2026-31588: KVM: x86: Use scratch field in MMIO fragment to hold small write values (bsc#1263165). * CVE-2026-31602: ALSA: ctxfi: Limit PTP to a single page (bsc#1263723). * CVE-2026-31607: usbip: validate number_of_packets in usbip_pack_ret_submit() (bsc#1263600). * CVE-2026-31622: NFC: digital: Bounds check NFC-A cascade depth in SDD response handler (bsc#1263797). * CVE-2026-31649: net: stmmac: fix integer underflow in chain mode (bsc#1263582). * CVE-2026-31656: drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (bsc#1263170). * CVE-2026-31662: tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG (bsc#1263131). * CVE-2026-31668: seg6: separate dst_cache for input and output paths in seg6 lwtunnel (bsc#1263140). * CVE-2026-31669: mptcp: fix slab-use-after-free in __inet_lookup_established (bsc#1263141). * CVE-2026-31675: net/sched: sch_netem: fix out-of-bounds access in packet corruption (bsc#1263556). * CVE-2026-31679: openvswitch: validate MPLS set/set_masked payload length (bsc#1263592). * CVE-2026-31681: netfilter: xt_multiport: validate range encoding in checkentry (bsc#1263593). * CVE-2026-31682: bridge: br_nd_send: linearize skb before parsing ND options (bsc#1263595). * CVE-2026-31684: net: sched: act_csum: validate nested VLAN headers (bsc#1263596). * CVE-2026-31685: netfilter: ip6t_eui64: reject invalid MAC header for all packets (bsc#1263668). * CVE-2026-31694: fuse: reject oversized dirents in page cache (bsc#1263901). * CVE-2026-31700: net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() (bsc#1263882). * CVE-2026-31738: vxlan: validate ND option lengths in vxlan_na_create (bsc#1264059). * CVE-2026-31787: xen/privcmd: fix double free via VMA splitting (bsc#1262181). * CVE-2026-43009: bpf: Fix incorrect pruning due to atomic fetch precision tracking (bsc#1264014). * CVE-2026-43025: netfilter: ctnetlink: ignore explicit helper on new expectations (bsc#1263931). * CVE-2026-43027: netfilter: nf_conntrack_helper: pass helper to expect cleanup (bsc#1263933). * CVE-2026-43037: ip6_tunnel: clear skb2->cb in ip4ip6_err() (bsc#1263995). * CVE-2026-43038: ipv6: icmp: clear skb2->cb in ip6_err_gen_icmpv6_unreach() (bsc#1264097). * CVE-2026-43044: crypto: caam - fix DMA corruption on long hmac keys (bsc#1264087). * CVE-2026-43050: atm: lec: fix use-after-free in sock_def_readable() (bsc#1264082). * CVE-2026-43060: netfilter: nft_ct: drop pending enqueued packets on removal (bsc#1264183). * CVE-2026-43088: net: af_key: zero aligned sockaddr tail in PF_KEY exports (bsc#1264469). * CVE-2026-43110: wifi: brcmfmac: validate bsscfg indices in IF events (bsc#1264482). * CVE-2026-43120: RDMA/irdma: Fix double free related to rereg_user_mr. * CVE-2026-43126: ALSA: mixer: oss: Add card disconnect checkpoints (bsc#1264634). * CVE-2026-43190: netfilter: xt_tcpmss: check remaining length before reading optlen (bsc#1264848). * CVE-2026-43214: KVM: x86: Add SRCU protection for reading PDPTRs in __get_sregs2() (bsc#1264651). * CVE-2026-43265: KVM: x86: Ignore -EBUSY when checking nested events from vcpu_block() (bsc#1264427). * CVE-2026-43329: netfilter: flowtable: strictly check for maximum number of actions (bsc#1265085). * CVE-2026-43330: crypto: caam - fix overflow on long hmac keys (bsc#1264801). * CVE-2026-43334: Bluetooth: SMP: force responder MITM requirements before building the pairing response (bsc#1265090). * CVE-2026-43365: xfs: fix undersized l_iclog_roundoff values (bsc#1265119). * CVE-2026-43366: io_uring/kbuf: check if target buffer list is still legacy on recycle (bsc#1265116). * CVE-2026-43419: ceph: fix memory leaks in ceph_mdsc_build_path() (bsc#1264661). * CVE-2026-43437: ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (bsc#1265126). * CVE-2026-43441: net: bonding: Fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1264674). * CVE-2026-43494: net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). * CVE-2026-43503: net: skbuff: propagate shared-frag marker through frag- transfer helpers (bsc#1265960). The following non security issues were fixed: * accel/qaic: Add overflow check to remap_pfn_range during mmap (git-fixes). * ACPI: AGDI: fix missing newline in error message (git-fixes). * ACPI: CPPC: Fix related_cpus inconsistency during CPU hotplug (git-fixes). * ACPI: scan: Use acpi_dev_put() in object add error paths (git-fixes). * ACPI: video: force native backlight on HP OMEN 16 (8A44) (stable-fixes). * ALSA: 6fire: Fix input volume change detection (git-fixes). * ALSA: 6fire: fix use-after-free on disconnect (git-fixes). * ALSA: aoa: i2sbus: clear stale prepared state (git-fixes). * ALSA: aoa: i2sbus: fix OF node lifetime handling (git-fixes). * ALSA: aoa: Skip devices with no codecs in i2sbus_resume() (git-fixes). * ALSA: aoa: Use guard() for mutex locks (stable-fixes). * ALSA: asihpi: avoid write overflow check warning (stable-fixes). * ALSA: caiaq: Don't abort when no input device is available (git-fixes). * ALSA: caiaq: Fix control_put() result and cache rollback (git-fixes). * ALSA: caiaq: Fix potentially leftover ep1_in_urb at error path (git-fixes). * ALSA: caiaq: fix usb_dev refcount leak on probe failure (git-fixes). * ALSA: caiaq: Handle probe errors properly (git-fixes). * ALSA: caiaq: take a reference on the USB device in create_card() (git- fixes). * ALSA: control: Validate buf_len before strnlen() in snd_ctl_elem_init_enum_names() (git-fixes). * ALSA: core: Fix potential data race at fasync handling (git-fixes). * ALSA: core: Serialize deferred fasync state checks (git-fixes). * ALSA: core: Validate compress device numbers without dynamic minors (git- fixes). * ALSA: ctxfi: Add fallback to default RSR for S/PDIF (git-fixes). * ALSA: ctxfi: Fix missing SPDIFI1 index handling (stable-fixes). * ALSA: ctxfi: Limit PTP to a single page (git-fixes). * ALSA: firewire-tascam: Do not drop unread control events (git-fixes). * ALSA: fireworks: bound device-supplied status before string array lookup (git-fixes). * ALSA: hda/realtek - fixed speaker no sound update (git-fixes). * ALSA: hda/realtek: Add HP ENVY Laptop 13-ba0xxx quirk (stable-fixes). * ALSA: hda/realtek: Add mute LED quirk for HP Pavilion 15-eg0xxx (stable- fixes). * ALSA: hda/realtek: Add quirk for ASUS ROG Flow Z13-KJP GZ302EAC (stable- fixes). * ALSA: hda/realtek: add quirk for Framework F111:000F (stable-fixes). * ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14IAH10 (stable-fixes). * ALSA: hda/realtek: fix code style (ERROR: else should follow close brace '}') (git-fixes). * ALSA: misc: Use guard() for spin locks (stable-fixes). * ALSA: scarlett2: Add missing sentinel initializer field (git-fixes). * ALSA: seq: Notify client and port info changes (stable-fixes). * ALSA: seq_oss: return full count for successful SEQ_FULLSIZE writes (stable- fixes). * ALSA: usb-audio: apply quirk for MOONDROP JU Jiu (stable-fixes). * ALSA: usb-audio: Avoid false E-MU sample-rate notifications (git-fixes). * ALSA: usb-audio: Avoid potential endless loop in convert_chmap_v3() (git- fixes). * ALSA: usb-audio: Evaluate packsize caps at the right place (git-fixes). * ALSA: usb-audio: Fix Audio Advantage Micro II SPDIF switch (git-fixes). * ALSA: usb-audio: Fix potential leak of pd at parsing UAC3 streams (git- fixes). * ALSA: usb-audio: Fix quirk flags for NeuralDSP Quad Cortex (stable-fixes). * ALSA: usb-audio: Fix UAC3 cluster descriptor size check (git-fixes). * ALSA: usb-audio: midi2: Restart output URBs on resume (git-fixes). * ALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATES (git-fixes). * ASoC: amd: yc: Add DMI entry for HP Laptop 15-fc0xxx (stable-fixes). * ASoC: amd: yc: Add DMI quirk for ASUS EXPERTBOOK BM1403CDA (stable-fixes). * ASoC: amd: yc: Add DMI quirk for Thin A15 B7VF (stable-fixes). * ASoC: amd: yc: Add HP OMEN Gaming Laptop 16-ap0xxx product line in quirk table (stable-fixes). * ASoC: codecs: ab8500: Fix casting of private data (git-fixes). * ASoC: cs35l56: Destroy workqueue in probe error path (git-fixes). * ASoC: cs35l56: Don't use devres to unregister component (git-fixes). * ASoC: fsl_easrc: Change the type for iec958 channel status controls (git- fixes). * ASoC: fsl_easrc: Check the variable range in fsl_easrc_iec958_put_bits() (git-fixes). * ASoC: fsl_easrc: fix comment typo (git-fixes). * ASoC: fsl_easrc: Fix value type in fsl_easrc_iec958_get_bits() (git-fixes). * ASoC: fsl_micfil: Add access property for "VAD Detected" (git-fixes). * ASoC: fsl_micfil: Fix event generation in hwvad_put_enable() (git-fixes). * ASoC: fsl_micfil: Fix event generation in hwvad_put_init_mode() (git-fixes). * ASoC: fsl_micfil: Fix event generation in micfil_put_dc_remover_state() (git-fixes). * ASoC: fsl_micfil: Fix event generation in micfil_quality_set() (git-fixes). * ASoC: fsl_xcvr: Fix event generation for cached controls (git-fixes). * ASoC: fsl_xcvr: Fix event generation in fsl_xcvr_arc_mode_put() (git-fixes). * ASoC: fsl_xcvr: Fix event generation in fsl_xcvr_mode_put() (git-fixes). * ASoC: Intel: bytcr_wm5102: Fix MCLK leak on platform_clock_control error (git-fixes). * ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens (git-fixes). * ASoC: qcom: q6apm: move component registration to unmanaged version (git- fixes). * ASoC: qcom: q6apm: remove child devices when apm is removed (git-fixes). * ASoC: qcom: qdsp6: topology: check widget type before accessing data (git- fixes). * ASoC: soc-core: call missing INIT_LIST_HEAD() for card_aux_list (stable- fixes). * ASoC: SOF: compress: return the configured codec from get_params (git- fixes). * ASoC: SOF: Don't allow pointer operations on unconfigured streams (git- fixes). * ASoC: SOF: Intel: hda: Place check before dereference (git-fixes). * ASoC: SOF: topology: reject invalid vendor array size in token parser (stable-fixes). * ASoC: sti: Return errors from regmap_field_alloc() (git-fixes). * ASoC: sti: use managed regmap_field allocations (git-fixes). * ASoC: stm32_sai: fix incorrect BCLK polarity for DSP_A/B, LEFT_J (stable- fixes). * ata: ahci: force 32-bit DMA for JMicron JMB582/JMB585 (stable-fixes). * batman-adv: bla: only purge non-released claims (git-fixes). * batman-adv: bla: prevent use-after-free when deleting claims (git-fixes). * batman-adv: bla: put backbone reference on failed claim hash insert (git- fixes). * batman-adv: fix integer overflow on buff_pos (git-fixes). * batman-adv: hold claim backbone gateways by reference (git-fixes). * batman-adv: reject new tp_meter sessions during teardown (git-fixes). * batman-adv: reject oversized global TT response buffers (git-fixes). * batman-adv: stop caching unowned originator pointers in BAT IV (git-fixes). * Bluetooth: bnep: fix incorrect length parsing in bnep_rx_frame() extension handling (git-fixes). * Bluetooth: fix locking in hci_conn_request_evt() with HCI_PROTO_DEFER (git- fixes). * Bluetooth: hci_event: Fix OOB read and infinite loop in hci_le_create_big_complete_evt (git-fixes). * Bluetooth: hci_event: fix potential UAF in SSP passkey handlers (git-fixes). * Bluetooth: hci_ldisc: Clear HCI_UART_PROTO_INIT on error (git-fixes). * Bluetooth: HIDP: serialise l2cap_unregister_user via hidp_session_sem (git- fixes). * Bluetooth: ISO: Fix data-race on dst in iso_sock_connect() (git-fixes). * Bluetooth: l2cap: Add missing chan lock in l2cap_ecred_reconf_rsp (git- fixes). * Bluetooth: l2cap: fix MPS check in l2cap_ecred_reconf_req (git-fixes). * Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_new_connection_cb() (git- fixes). * Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_state_change_cb() (git- fixes). * Bluetooth: L2CAP: Fix printing wrong information if SDU length exceeds MTU (git-fixes). * Bluetooth: RFCOMM: pull credit byte with skb_pull_data() (git-fixes). * Bluetooth: SCO: check for codecs->num_codecs == 1 before assigning to sco_pi(sk)->codec (git-fixes). * Bluetooth: SCO: fix sleeping under spinlock in sco_conn_ready (git-fixes). * Bluetooth: SCO: hold sk properly in sco_conn_ready (git-fixes). * Bluetooth: virtio_bt: clamp rx length before skb_put (git-fixes). * Bluetooth: virtio_bt: validate rx pkt_type header length (git-fixes). * btrfs: do not skip logging new dentries when logging a new name (git-fixes). * btrfs: reject root items with drop_progress and zero drop_level (git-fixes). * btrfs: replace BUG() with error handling in __btrfs_balance() (git-fixes). * can: mcp251x: add error handling for power enable in open and resume (stable-fixes). * can: raw: fix ro->uniq use-after-free in raw_rcv() (git-fixes). * can: ucan: fix devres lifetime (git-fixes). * cdc-acm: new quirk for EPSON HMD (stable-fixes). * check-for-config-changes: Exclude CC_MS_EXTENSIONS. * check-for-config-changes: Exclude HAVE_CFI_ICALL_NORMALIZE_INTEGERS{,_RUSTC}. * checkpatch: add support for Assisted-by tag (stable-fixes). * comedi: dt2815: add hardware detection to prevent crash (stable-fixes). * crypto: algif_aead - Fix minimum RX size check for decryption (git-fixes). * crypto: arm64/aes - Fix 32-bit aes_mac_update() arg treated as 64-bit (git- fixes). * crypto: atmel-aes - Fix 3-page memory leak in atmel_aes_buff_cleanup (git- fixes). * crypto: atmel-ecc - Release client on allocation failure (git-fixes). * crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path (git-fixes). * crypto: atmel-tdes - fix DMA sync direction (git-fixes). * crypto: authencesn - reject short ahash digests during instance creation (git-fixes). * crypto: ccp - copy IV using skcipher ivsize (git-fixes). * crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed (git-fixes). * crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed (git-fixes). * crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed (git-fixes). * crypto: ccree - fix a memory leak in cc_mac_digest() (git-fixes). * crypto: hisilicon - Fix dma_unmap_single() direction (git-fixes). * crypto: jitterentropy - replace long-held spinlock with mutex (git-fixes). * crypto: pcrypt - Fix handling of MAY_BACKLOG requests (git-fixes). * crypto: qat - fix type mismatch in RAS sysfs show functions (git-fixes). * crypto: qat - use swab32 macro (git-fixes). * crypto: sa2ul - Fix AEAD fallback algorithm names (git-fixes). * crypto: simd - reject compat registrations without __ prefixes (git-fixes). * crypto: talitos - fix SEC1 32k ahash request limitation (git-fixes). * crypto: testmgr - Hide ENOENT errors (stable-fixes). * crypto: testmgr - Hide ENOENT errors better (git-fixes). * devres: fix missing node debug info in devm_krealloc() (git-fixes). * dm init: ensure device probing has finished in dm-mod.waitfor= (git-fixes). * dmaengine: dw-axi-dmac: Remove unnecessary return statement from void function (git-fixes). * dmaengine: mxs-dma: Fix missing return value from of_dma_controller_register() (git-fixes). * drm/amd/display: Add NULL check for integrated_info in clk_mgr_construct (git-fixes). * drm/amd/display: Allow DCE link encoder without AUX registers (git-fixes). * drm/amd/display: Avoid NULL dereference in dc_dmub_srv error paths (git- fixes). * drm/amd/display: Disable 10-bit truncation and dithering on DCE 6.x (git- fixes). * drm/amd/display: Read EDID from VBIOS embedded panel info (git-fixes). * drm/amd/pm/ci: Clear EnabledForActivity field for memory levels (git-fixes). * drm/amd/pm/ci: Disable MCLK DPM on problematic CI ASICs (git-fixes). * drm/amd/pm/ci: Fill DW8 fields from SMC (git-fixes). * drm/amd/pm/ci: Fix powertune defaults for Hawaii 0x67B0 (git-fixes). * drm/amd/pm/ci: Use highest MCLK on CI when MCLK DPM is disabled (git-fixes). * drm/amd/pm/smu7: Add SCLK cap for quirky Hawaii board (git-fixes). * drm/amd/pm/smu7: Fix SMU7 voltage dependency on display clock (git-fixes). * drm/amdgpu/gfx6: Support harvested SI chips with disabled TCCs (v2) (git- fixes). * drm/amdgpu/gfx9: drop unnecessary 64-bit fence flag check in KIQ (stable- fixes). * drm/amdgpu/gfx10: look at the right prop for gfx queue priority (git-fixes). * drm/amdgpu/gmc: Fix AMDGPU_GART_PLACEMENT_LOW to not overlap with VRAM (git- fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v2.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v2.5 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v3.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0.3 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0.5 ring (git-fixes). * drm/amdgpu/pm: add missing revision check for CI (git-fixes). * drm/amdgpu/pm: align Hawaii mclk workaround with radeon (git-fixes). * drm/amdgpu/sdma4: replace BUG_ON with WARN_ON in fence emission (git-fixes). * drm/amdgpu/vce: Prevent partial address patches (stable-fixes). * drm/amdgpu/vcn3: Avoid overflow on msg bound check (git-fixes). * drm/amdgpu/vcn3: Prevent OOB reads when parsing dec msg (stable-fixes). * drm/amdgpu/vcn4: Avoid overflow on msg bound check (git-fixes). * drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msg (stable-fixes). * drm/amdgpu/vcn4: Prevent OOB reads when parsing IB (stable-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v2.0 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v2.5 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v3.0 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0 enc ring (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0.3 enc ring (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0.5 enc ring (git-fixes). * drm/amdgpu: Add bounds checking to ib_{get,set}_value (stable-fixes). * drm/amdgpu: fix AMDGPU_INFO_READ_MMR_REG (git-fixes). * drm/amdgpu: fix zero-size GDS range init on RDNA4 (stable-fixes). * drm/amdgpu: zero-initialize GART table on allocation (stable-fixes). * drm/amdkfd: Add upper bound check for num_of_nodes (stable-fixes). * drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure (stable- fixes). * drm/amdkfd: validate SVM ioctl nattr against buffer size (stable-fixes). * drm/arcpgu: fix device node leak (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Add mode_valid hook to drm_bridge_funcs (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Handle HDCP state in bridge atomic check (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Set the mhdp connector earlier in atomic_enable() (git-fixes). * drm/etnaviv: Fix armed job not being pushed to the DRM scheduler (git- fixes). * drm/fb-helper: Fix clipping when damage area spans a single scanline (git- fixes). * drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs() (git-fixes). * drm/gma500/oaktrail_hdmi: fix i2c adapter leak on setup (git-fixes). * drm/gma500/oaktrail_lvds: fix hang on init failure (git-fixes). * drm/gma500/oaktrail_lvds: fix i2c adapter leaks on init (git-fixes). * drm/i915/dp: Fix VSC dynamic range signaling for RGB formats (git-fixes). * drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (git- fixes). * drm/i915/wm: Verify the correct plane DDB entry (git-fixes). * drm/i915: skip __i915_request_skip() for already signaled requests (git- fixes). * drm/komeda: fix integer overflow in AFBC framebuffer size check (git-fixes). * drm/msm/a6xx: Fix dumping A650+ debugbus blocks (git-fixes). * drm/msm/a6xx: Fix HLSQ register dumping (git-fixes). * drm/msm/a6xx: Use barriers while updating HFI Q headers (git-fixes). * drm/msm/dpu: fix mismatch between power and frequency (git-fixes). * drm/msm/dsi: add the missing parameter description (git-fixes). * drm/msm/dsi: fix bits_per_pclk (git-fixes). * drm/msm/dsi: fix hdisplay calculation for CMD mode panel (git-fixes). * drm/msm/dsi: rename MSM8998 DSI version from V2_2_0 to V2_0_0 (git-fixes). * drm/msm/shrinker: Fix can_block() logic (git-fixes). * drm/nouveau: fix u32 overflow in pushbuf reloc bounds check (git-fixes). * drm/panel: sharp-ls043t1le01: make use of prepare_prev_first (git-fixes). * drm/panel: simple: Correct G190EAN01 prepare timing (git-fixes). * drm/panfrost: Fix wait_bo ioctl leaking positive return from dma_resv_wait_timeout() (git-fixes). * drm/radeon: add missing revision check for CI (git-fixes). * drm/sun4i: backend: fix error pointer dereference (git-fixes). * drm/sun4i: Fix resource leaks (git-fixes). * drm/vc4: Fix a memory leak in hang state error path (git-fixes). * drm/vc4: Fix memory leak of BO array in hang state (git-fixes). * drm/vc4: platform_get_irq_byname() returns an int (stable-fixes). * drm/vc4: Protect madv read in vc4_gem_object_mmap() with madv_lock (git- fixes). * drm/vc4: Release runtime PM reference after binding V3D (git-fixes). * drm/vram: remove DRM_VRAM_MM_FILE_OPERATIONS from docs (git-fixes). * dt-bindings: net: Fix Tegra234 MGBE PTP clock (git-fixes). * efi/capsule-loader: fix incorrect sizeof in phys array reallocation (git- fixes). * efi: pstore: Drop efivar lock when efi_pstore_open() returns with an error (git-fixes). * ext4: fix fsync(2) for nojournal mode (git-fixes). * ext4: make recently_deleted() properly work with lazy itable initialization (git-fixes). * ext4: reject mount if bigalloc with s_first_data_block != 0 (git-fixes). * extcon: ptn5150: handle pending IRQ events during system resume (git-fixes). * fbdev: matroxfb: Mark variable with __maybe_unused to avoid W=1 build break (git-fixes). * fbdev: offb: fix PCI device reference leak on probe failure (git-fixes). * fbdev: tdfxfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO (stable-fixes). * fbdev: udlfb: add vm_ops to dlfb_ops_mmap to prevent use-after-free (stable- fixes). * fbdev: udlfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO (git-fixes). * firmware: dmi: Correct an indexing error in dmi.h (git-fixes). * gpio: tegra: fix irq_release_resources calling enable instead of disable (git-fixes). * gtp: disable BH before calling udp_tunnel_xmit_skb() (git-fixes). * HID: alps: fix NULL pointer dereference in alps_raw_event() (git-fixes). * HID: asus: do not abort probe when not necessary (git-fixes). * HID: asus: make asus_resume adhere to linux kernel coding standards (git- fixes). * HID: core: clamp report_size in s32ton() to avoid undefined shift (stable- fixes). * HID: multitouch: Check to ensure report responses match the request (stable- fixes). * HID: playstation: Clamp num_touch_reports (git-fixes). * HID: quirks: add HID_QUIRK_ALWAYS_POLL for 8BitDo Pro 3 (stable-fixes). * HID: roccat: fix use-after-free in roccat_report_event (stable-fixes). * HID: usbhid: fix deadlock in hid_post_reset() (git-fixes). * HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq (stable-fixes). * hv_sock: fix ARM64 support (git-fixes). * hwmon: (ads7871) Fix endianness bug in 16-bit register reads (git-fixes). * hwmon: (corsair-psu) Close HID device on probe errors (git-fixes). * hwmon: (lm63) Add locking to avoid TOCTOU (git-fixes). * hwmon: (ltc2992) Clamp threshold writes to hardware range (git-fixes). * hwmon: (ltc2992) Fix u32 overflow in power read path (git-fixes). * i2c: s3c24xx: check the size of the SMBUS message before using it (stable- fixes). * i2c: smbus: reject oversized block transfers in the common path (git-fixes). * i2c: stm32f7: reinit_completion() per transfer not per msg (git-fixes). * i2c: stub: Reject I2C block transfers with invalid length (git-fixes). * i3c: master: Fix error codes at send_ccc_cmd (git-fixes). * i3c: mipi-i3c-hci: fix IBI payload length calculation for final status (git- fixes). * ibmveth: Disable GSO for packets with small MSS (bsc#1265144). * ice: set max queues in alloc_etherdev_mqs() (git-fixes). * iio: adc: ad7768-1: fix one-shot mode data acquisition (git-fixes). * iio: adc: ti-adc161s626: use DMA-safe memory for spi_read() (git-fixes). * iio: adc: ti-ads7950: use iio_push_to_buffers_with_ts_unaligned() (git- fixes). * Input: i8042 - add TUXEDO InfinityBook Max 16 Gen10 AMD to i8042 quirk table (stable-fixes). * Input: uinput - fix circular locking dependency with ff-core (git-fixes). * Input: uinput - take event lock when submitting FF request "event" (stable- fixes). * Input: xpad - add support for BETOP BTP-KP50B/C controller's wireless mode (stable-fixes). * Input: xpad - add support for Razer Wolverine V3 Pro (stable-fixes). * ipmi: Add limits to event and receive message requests (git-fixes). * ipmi: Check event message buffer response for bad data (git-fixes). * ipmi: ssif_bmc: change log level to dbg in irq callback (git-fixes). * ipmi: ssif_bmc: fix message desynchronization after truncated response (git- fixes). * ipmi: ssif_bmc: fix missing check for copy_to_user() partial failure (git- fixes). * irqchip/irq-pic32-evic: Address warning related to wrong printf() formatter (git-fixes). * kdump, documentation: describe craskernel CMA reservation (jsc#PED-7249). * KVM: Reject wrapped offset in kvm_reset_dirty_gfn() (git-fixes). * KVM: SVM: Mark VMCB_NPT as dirty on nested VMRUN (git-fixes). * KVM: SVM: Mark VMCB_PERM_MAP as dirty on nested VMRUN (git-fixes). * KVM: x86/mmu: Retry fault before acquiring mmu_lock if mapping is changing (bsc#1253122). * KVM: x86/xen: Fix cleanup logic in emulation of Xen schedop poll hypercalls (git-fixes). * KVM: x86: check for nEPT/nNPT in slow flush hypercalls (git-fixes). * KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (git- fixes). * KVM: x86: hyper-v: Validate all GVAs during PV TLB flush (git-fixes). * KVM: x86: Ignore cpuid faulting in SMM (git-fixes). * leds: lgm-sso: Remove duplicate assignments for priv->mmap (git-fixes). * lib/hexdump: print_hex_dump_bytes() calls print_hex_dump_debug() (git- fixes). * media: amphion: Fix race between m2m job_abort and device_run (git-fixes). * media: as102: fix to not free memory after the device is registered in as102_usb_probe() (git-fixes). * media: dib8000: avoid division by 0 in dib8000_set_dds() (git-fixes). * media: em28xx: fix use-after-free in em28xx_v4l2_open() (git-fixes). * media: hackrf: fix to not free memory after the device is registered in hackrf_probe() (git-fixes). * media: i2c: imx219: Check return value of devm_gpiod_get_optional() in imx219_probe() (git-fixes). * media: i2c: imx412: Assert reset GPIO during probe (git-fixes). * media: i2c: ov08d10: fix image vertical start setting (git-fixes). * media: i2c: ov8856: free control handler on error in ov8856_init_controls() (git-fixes). * media: mtk-jpeg: fix use-after-free in release path due to uncancelled work (git-fixes). * media: omap3isp: drop the use count of v4l2 pipeline (git-fixes). * media: pci: zoran: fix potential memory leak in zoran_probe() (git-fixes). * media: rc: streamzap: Error handling in probe (git-fixes). * media: rc: xbox_remote: heed DMA restrictions (git-fixes). * media: saa7164: add ioremap return checks and cleanups (git-fixes). * media: staging: imx: configure src_mux in csi_start (git-fixes). * media: staging: imx: request mbus_config in csi_start (git-fixes). * media: uvcvideo: Enable VB2_DMABUF for metadata stream (git-fixes). * media: videobuf2: Set vma_flags in vb2_dma_sg_mmap (git-fixes). * media: vidtv: fix nfeeds state corruption on start_streaming failure (git- fixes). * media: vidtv: fix NULL pointer dereference in vidtv_channel_pmt_match_sections (git-fixes). * media: vidtv: fix pass-by-value structs causing MSAN warnings (git-fixes). * memory: tegra30-emc: Fix dll_change check (git-fixes). * memory: tegra124-emc: Fix dll_change check (git-fixes). * mfd: mc13xxx-core: Fix memory leak in mc13xxx_add_subdevice_pdata() (git- fixes). * mkspec: Add signature to source list only when it exists. * mmc: sdhci-of-dwcmshc: Disable clock before DLL configuration (git-fixes). * mmc: vub300: fix NULL-deref on disconnect (git-fixes). * modpost: Amend ppc64 save/restfpr symnames for -Os build (bsc#1215199). * mtd: docg3: Convert to platform remove callback returning void (stable- fixes). * mtd: docg3: fix use-after-free in docg3_release() (git-fixes). * mtd: parsers: ofpart: call of_node_get() for dedicated subpartitions (git- fixes). * mtd: parsers: ofpart: call of_node_put() only in ofpart_fail path (git- fixes). * mtd: physmap_of_gemini: Fix disabled pinctrl state check (git-fixes). * mtd: rawnand: sunxi: fix sunxi_nfc_hw_ecc_read_extra_oob (git-fixes). * mtd: spi-nor: core: correct the op.dummy.nbytes when check read operations (git-fixes). * mtd: spi-nor: sst: Factor out common write operation to `sst_nor_write_data()` (stable-fixes). * mtd: spi-nor: sst: Fix SST write failure (git-fixes). * mtd: spi-nor: sst: Fix write enable before AAI sequence (git-fixes). * mtd: spi-nor: swp: check SR_TB flag when getting tb_mask (git-fixes). * net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). * net/sched: cls_fw: fix NULL dereference of "old" filters before change() (git-fixes). * net/sched: fix pedit partial COW leading to page cache corruption (bsc#1265421). * net: gro: don't merge zcopy skbs (git-fixes). * net: mana: Add MAC address to vPort logs and clarify error messages (git- fixes). * net: mana: check xdp_rxq registration before unreg in mana_destroy_rxq() (git-fixes). * net: mana: Don't overwrite port probe error with add_adev result (git- fixes). * net: mana: Fix crash from unvalidated SHM offset read from BAR0 during FLR (bsc#1265846). * net: mana: Fix EQ leak in mana_remove on NULL port (git-fixes). * net: mana: Fix RX skb truesize accounting (bsc#1248754). * net: mana: fix use-after-free in mana_hwc_destroy_channel() by reordering teardown (git-fixes). * net: mana: Guard mana_remove against double invocation (git-fixes). * net: mana: hardening: Validate adapter_mtu from MANA_QUERY_DEV_CONFIG (git- fixes). * net: mana: hardening: Validate doorbell ID from GDMA_REGISTER_DEVICE response (git-fixes). * net: mana: Init gf_stats_work before potential error paths in probe (git- fixes). * net: mana: Init link_change_work before potential error paths in probe (git- fixes). * net: mana: remove double CQ cleanup in mana_create_rxq error path (git- fixes). * net: mana: Set default number of queues to 16 (bsc#1261648). * net: mana: Skip WQ object destruction for uninitialized RXQ (git-fixes). * net: mana: Use at least SZ_4K in doorbell ID range check (git-fixes). * net: mana: Use pci_name() for debugfs directory naming (git-fixes). * net: phy: dp83869: fix setting CLK_O_SEL field (git-fixes). * net: stmmac: Fix PTP ref clock for Tegra234 (git-fixes). * net: usb: asix: ax88772: re-add usbnet_link_change() in phylink callbacks (git-fixes). * net: usb: cdc-phonet: fix skb frags[] overflow in rx_complete() (git-fixes). * net: usb: rtl8150: fix use-after-free in rtl8150_start_xmit() (git-fixes). * net: usb: rtl8150: free skb on usb_submit_urb() failure in xmit (git-fixes). * net: wan: fsl_ucc_hdlc: fix ucc_hdlc_remove (git-fixes). * net: wan: fsl_ucc_hdlc: fix uhdlc_memclean (git-fixes). * net: wan: fsl_ucc_hdlc: free tx_skbuff in uhdlc_memclean (git-fixes). * NFC: digital: Bounds check NFC-A cascade depth in SDD response handler (git- fixes). * nfc: llcp: add missing return after LLCP_CLOSED checks (git-fixes). * nfc: pn533: allocate rx skb before consuming bytes (git-fixes). * nfc: s3fwrn5: allocate rx skb before consuming bytes (git-fixes). * NFC: trf7970a: Ignore antenna noise when checking for RF field (git-fixes). * nvmet-tcp: propagate nvmet_tcp_build_pdu_iovec() errors to its callers (git- fixes). * ocfs2: fix possible deadlock between unlink and dio_end_io_write (bsc#1258718). * ocfs2: split transactions in dio completion to avoid credit exhaustion (bsc#1258718). * PCI/AER: Clear only error bits in PCIe Device Status (git-fixes). * PCI/AER: Stop ruling out unbound devices as error source (git-fixes). * PCI: dwc: Apply ECRC workaround to DesignWare 5.00a as well (git-fixes). * PCI: Enable AtomicOps only if Root Port supports them (git-fixes). * PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown (git-fixes). * PCI: hv: Set default NUMA node to 0 for devices without affinity info (git- fixes). * PCI: mediatek-gen3: Prevent leaking IRQ domains when IRQ not found (git- fixes). * PCI: tegra194: Allow system suspend when the Endpoint link is not up (git- fixes). * PCI: tegra194: Disable direct speed change for Endpoint mode (git-fixes). * PCI: tegra194: Disable LTSSM after transition to Detect on surprise link down (git-fixes). * PCI: tegra194: Disable PERST# IRQ only in Endpoint mode (git-fixes). * PCI: tegra194: Fix polling delay for L2 state (git-fixes). * PCI: tegra194: Increase LTSSM poll time on surprise link down (git-fixes). * PCI: tegra194: Set LTR message request before PCIe link up in Endpoint mode (git-fixes). * PCI: tegra194: Use devm_gpiod_get_optional() to parse "nvidia,refclk-select" (git-fixes). * PCI: tegra194: Use DWC IP core version (git-fixes). * pinctrl: abx500: Fix type of 'argument' variable (git-fixes). * pinctrl: Fix spelling problem (git-fixes). * pinctrl: intel: Fix the revision for new features (1kOhm PD, HW debouncer) (stable-fixes). * pinctrl: pic32: change all cases of bare 'unsigned' to 'unsigned int' (git- fixes). * pinctrl: pic32: use consistent spacing around '+' (git-fixes). * pinctrl: pinctrl-pic32: Fix resource leak (git-fixes). * platform/chrome: chromeos_tbmc: Drop wakeup source on remove (git-fixes). * platform/surface: surfacepro3_button: Drop wakeup source on remove (git- fixes). * platform/x86/amd: pmc: Add Thinkpad L14 Gen3 to quirk_s2idle_bug (stable- fixes). * platform/x86: dell-wmi-sysman: bound enumeration string aggregation (git- fixes). * platform/x86: dell_rbu: avoid uninit value usage in packet_size_write() (git-fixes). * platform/x86: hp-wmi: Ignore backlight and FnLock events (stable-fixes). * platform/x86: panasonic-laptop: Fix OPTD notifier registration and cleanup (git-fixes). * power: supply: axp288_charger: Do not cancel work before initializing it (git-fixes). * power: supply: max17042: avoid overflow when determining health (git-fixes). * powerpc/crash: fix backup region offset update to elfcorehdr (bsc#1259535). * RDMA/mana: Fix error unwind in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Fix mana_destroy_wq_obj() cleanup in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Validate rx_hash_key_len (git-fixes). * RDMA/mana_ib: cleanup the usage of mana_gd_send_request() (git-fixes). * RDMA/mana_ib: Disable RX steering on RSS QP destroy (git-fixes). * RDMA/mana_ib: Support memory windows (git-fixes). * regulator: act8945a: fix OF node reference imbalance (git-fixes). * regulator: bd9571mwv: fix OF node reference imbalance (git-fixes). * regulator: max77650: fix OF node reference imbalance (git-fixes). * regulator: mt6357: fix OF node reference imbalance (git-fixes). * remoteproc: xlnx: Only access buffer information if IPI is buffered (git- fixes). * Revert "ALSA: usb: Increase volume range that triggers a warning" (git- fixes). * rtc: abx80x: Disable alarm feature if no interrupt attached (git-fixes). * rtc: ntxec: fix OF node reference imbalance (git-fixes). * sched/balancing: Switch the 'DEFINE_SPINLOCK(balancing)' spinlock into an 'atomic_t sched_balance_running' flag (bsc#1253754). * sched/fair: Change likelyhood of nohz.nr_cpus (bsc#1234634 bsc#1258961). * sched/fair: Have SD_SERIALIZE affect newidle balancing (bsc#1253754). * sched/fair: Move checking for nohz cpus after time check (bsc#1234634 bsc#1258961). * sched/fair: Remove nohz.nr_cpus and use weight of cpumask instead (bsc#1234634 bsc#1258961). * sched/fair: Skip sched_balance_running cmpxchg when balance is not due (bsc#1253754). * scsi: storvsc: Handle PERSISTENT_RESERVE_IN truncation for Hyper-V vFC (git- fixes). * scsi: target: iscsi: validate CHAP_R length before base64 decode (bsc#1265449). * soc/tegra: cbb: Set ERD on resume for err interrupt (git-fixes). * soc: qcom: aoss: compare against normalized cooling state (git-fixes). * soc: qcom: llcc: fix v1 SB syndrome register offset (git-fixes). * sound: ua101: fix division by zero at probe (git-fixes). * soundwire: bus: demote UNATTACHED state warnings to dev_dbg() (git-fixes). * soundwire: cadence: Clear message complete before signaling waiting thread (git-fixes). * spi: at91-usart: fix controller deregistration (git-fixes). * spi: atmel: fix controller deregistration (git-fixes). * spi: cadence: fix controller deregistration (git-fixes). * spi: fix controller cleanup() documentation (git-fixes). * spi: fix misleading controller deregistration kernel-doc (git-fixes). * spi: fix misleading controller registration kernel-doc (git-fixes). * spi: fsl-qspi: Use reinit_completion() for repeated operations (git-fixes). * spi: hisi-kunpeng: prevent infinite while() loop in hisi_spi_flush_fifo (git-fixes). * spi: imx: fix runtime pm leak on probe deferral (git-fixes). * spi: imx: fix use-after-free on unbind (git-fixes). * spi: microchip-core-qspi: fix controller deregistration (git-fixes). * spi: microchip-core-qspi: Use helper function devm_clk_get_enabled() (stable-fixes). * spi: mpc52xx: fix use-after-free on unbind (git-fixes). * spi: mtk-nor: fix controller deregistration (git-fixes). * spi: mtk-snfi: unregister ECC engine on probe failure and remove() callback (git-fixes). * spi: omap2-mcspi: fix controller deregistration (git-fixes). * spi: orion: fix clock imbalance on registration failure (git-fixes). * spi: orion: fix runtime pm leak on unbind (git-fixes). * spi: rockchip: fix controller deregistration (git-fixes). * spi: rspi: fix controller deregistration (git-fixes). * spi: sh-hspi: fix controller deregistration (git-fixes). * spi: spi-ti-qspi: Convert to platform remove callback returning void (stable-fixes). * spi: sprd: fix controller deregistration (git-fixes). * spi: sun4i: fix controller deregistration (git-fixes). * spi: sun4i: switch to use modern name (stable-fixes). * spi: syncuacer: fix controller deregistration (git-fixes). * spi: synquacer: switch to use modern name (stable-fixes). * spi: uniphier: fix controller deregistration (git-fixes). * spi: uniphier: Simplify clock handling with devm_clk_get_enabled() (stable- fixes). * spi: uniphier: switch to use modern name (stable-fixes). * spi: zynq-qspi: switch to use modern name (stable-fixes). * spi: zynqmp-gqspi: fix controller deregistration (git-fixes). * staging: media: atomisp: Disallow all private IOCTLs (git-fixes). * staging: rtl8723bs: initialize le_tmp64 in rtw_BIP_verify() (git-fixes). * staging: sm750fb: fix division by zero in ps_to_hz() (git-fixes). * staging: vme_user: added bound check to geoid (stable-fixes). * staging: vme_user: fix root device leak on init failure (git-fixes). * thermal/drivers/spear: Fix error condition for reading st,thermal-flags (git-fixes). * thermal/drivers/sprd: Fix raw temperature clamping in sprd_thm_rawdata_to_temp (git-fixes). * thermal/drivers/sprd: Fix temperature clamping in sprd_thm_temp_to_rawdata (git-fixes). * tpm: avoid -Wunused-but-set-variable (git-fixes). * tpm: tpm_tis: add error logging for data transfer (git-fixes). * tpm: tpm_tis: stop transmit if retries are exhausted (git-fixes). * tty: tty_io: update timestamps on all device nodes (bsc#1262020). * USB: cdc-acm: Add quirks for Yoga Book 9 14IAH10 INGENIC touchscreen (stable-fixes). * usb: chipidea: core: allow ci_irq_handler() handle both ID and VBUS change (git-fixes). * usb: chipidea: otg: not wait vbus drop if use role_switch (git-fixes). * USB: core: add NO_LPM quirk for Razer Kiyo Pro webcam (stable-fixes). * usb: gadget: dummy_hcd: fix premature URB completion when ZLP follows partial transfer (stable-fixes). * usb: gadget: f_ncm: validate minimum block_len in ncm_unwrap_ntb() (git- fixes). * usb: gadget: f_phonet: fix skb frags[] overflow in pn_rx_complete() (stable- fixes). * usb: gadget: f_uac1_legacy: validate control request size (stable-fixes). * usb: gadget: renesas_usb3: validate endpoint index in standard request handlers (git-fixes). * USB: omap_udc: DMA: Don't enable burst 4 mode (git-fixes). * usb: port: add delay after usb_hub_set_port_power() (git-fixes). * usb: quirks: add DELAY_INIT quirk for another Silicon Motion flash drive (stable-fixes). * USB: serial: io_edgeport: add support for Blackbox IC135A (stable-fixes). * USB: serial: option: add MeiG Smart SRM825WN (stable-fixes). * USB: serial: option: add support for Rolling Wireless RW135R-GL (stable- fixes). * USB: serial: option: add Telit Cinterion FN990A MBIM composition (stable- fixes). * USB: serial: option: add Telit Cinterion LE910Cx compositions (stable- fixes). * usb: storage: Expand range of matched versions for VL817 quirks entry (stable-fixes). * usb: ulpi: fix memory leak on ulpi_register() error paths (git-fixes). * usb: usblp: fix heap leak in IEEE 1284 device ID via short response (stable- fixes). * usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl (stable- fixes). * usb: xhci: Make usb_host_endpoint.hcpriv survive endpoint_disable() (git- fixes). * usbip: validate number_of_packets in usbip_pack_ret_submit() (git-fixes). * virt: tdx-guest: Fix handling of host controlled 'quote' buffer length (git- fixes). * virt: tdx-guest: Return error for GetQuote failures (git-fixes). * wifi: ath5k: do not access array OOB (git-fixes). * wifi: ath9k: Fix typo (git-fixes). * wifi: ath11k: Pass the correct value of each TID during a stop AMPDU session (git-fixes). * wifi: ath11k: skip status ring entry processing (stable-fixes). * wifi: ath11k: Use dma_alloc_noncoherent for rx_tid buffer allocation (stable-fixes). * wifi: b43: enforce bounds check on firmware key index in b43_rx() (git- fixes). * wifi: b43legacy: enforce bounds check on firmware key index in RX path (git- fixes). * wifi: brcmfmac: Fix error pointer dereference (git-fixes). * wifi: brcmfmac: validate bsscfg indices in IF events (stable-fixes). * wifi: brcmsmac: Fix dma_free_coherent() size (git-fixes). * wifi: cw1200: Revert "Fix locking in error paths" (git-fixes). * wifi: libertas: notify firmware load wait on disconnect (git-fixes). * wifi: mac80211: check ieee80211_rx_data_set_link return in pubsta MLO path (git-fixes). * wifi: mac80211: drop stray 'static' from fast-RX rx_result (git-fixes). * wifi: mac80211: remove station if connection prep fails (git-fixes). * wifi: mt76: mt792x: describe USB WFSYS reset with a descriptor (stable- fixes). * wifi: mt76: mt792x: fix mt7925u USB WFSYS reset handling (git-fixes). * wifi: mt76: mt7615: fix use_cts_prot support (git-fixes). * wifi: mt76: mt7915: fix use-after-free bugs in mt7915_mac_dump_work() (git- fixes). * wifi: mt76: mt7915: fix use_cts_prot support (git-fixes). * wifi: mt76: mt7921: fix a potential clc buffer length underflow (git-fixes). * wifi: mt76: mt7921: fix ROC abort flow interruption in mt7921_roc_work (git- fixes). * wifi: mt76: mt7921: Reset ampdu_state state in case of failure in mt76_connac2_tx_check_aggr() (git-fixes). * wifi: mt76: mt7925: fix incorrect length field in txpower command (git- fixes). * wifi: mt76: mt7996: fix FCS error flag check in RX descriptor (git-fixes). * wifi: mt76: mt7996: fix struct mt7996_mcu_uni_event (git-fixes). * wifi: mwifiex: Fix memory leak in mwifiex_11n_aggregate_pkt() (git-fixes). * wifi: nl80211: fix NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST usage (git- fixes). * wifi: nl80211: require admin perm on SET_PMK / DEL_PMK (git-fixes). * wifi: rsi: fix kthread lifetime race between self-exit and external-stop (git-fixes). * wifi: rt2x00usb: fix devres lifetime (git-fixes). * wifi: rtlwifi: pci: fix possible use-after-free caused by unfinished irq_prepare_bcn_tasklet (git-fixes). * wifi: rtw88: check for PCI upstream bridge existence (git-fixes). * wifi: rtw88: fix device leak on probe failure (git-fixes). * wifi: rtw89: phy: fix uninitialized variable access in rtw89_phy_cfo_set_crystal_cap() (git-fixes). * wifi: wl1251: validate packet IDs before indexing tx_frames (stable-fixes). * workqueue: Break up enum definitions and give names to the types (bsc#1260522). * workqueue: Clean up enum work_bits and related constants (bsc#1260522). * workqueue: Factor out work_grab_pending() from __cancel_work_sync() (bsc#1260522). * workqueue: Fix UBSAN 'subtraction overflow' error in shift_and_mask() (bsc#1260522). * workqueue: Implement disable/enable for (delayed) work items (bsc#1260522). * workqueue: Introduce work_cancel_flags (bsc#1260522). * workqueue: Make @flags handling consistent across set_work_data() and friends (bsc#1260522). * workqueue: Preserve OFFQ bits in cancel[_sync] paths (bsc#1260522). * workqueue: Rename __cancel_work_timer() to __cancel_timer_sync() (bsc#1260522). * workqueue: Reorganize flush and cancel[_sync] functions (bsc#1260522). * x86/boot/64: Clear most of CR4 in startup_64(), except PAE, MCE and LA57 (git-fixes). * x86/boot/sev: Avoid shared GHCB page for early memory acceptance (git- fixes). * x86/boot: Don't add the EFI stub to targets, again (git-fixes). * x86/boot: Fix page table access in 5-level to 4-level paging transition (git-fixes). * X.509: Fix out-of-bounds access when parsing extensions (git-fixes). * Xarray: do not return sibling entries from xas_find_marked() (bsc#1263815). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-437=1 ## Package List: * SUSE Linux Micro 6.1 (noarch) * kernel-source-rt-6.4.0-47.1 * kernel-devel-rt-6.4.0-47.1 * SUSE Linux Micro 6.1 (aarch64 nosrc x86_64) * kernel-rt-6.4.0-47.1 * SUSE Linux Micro 6.1 (aarch64 x86_64) * kernel-rt-debuginfo-6.4.0-47.1 * kernel-rt-debugsource-6.4.0-47.1 * kernel-rt-devel-6.4.0-47.1 * SUSE Linux Micro 6.1 (x86_64) * kernel-rt-livepatch-6.4.0-47.1 * kernel-rt-devel-debuginfo-6.4.0-47.1 ## References: * https://www.suse.com/security/cve/CVE-2023-20585.html * https://www.suse.com/security/cve/CVE-2025-40219.html * https://www.suse.com/security/cve/CVE-2025-71183.html * https://www.suse.com/security/cve/CVE-2025-71238.html * https://www.suse.com/security/cve/CVE-2026-23168.html * https://www.suse.com/security/cve/CVE-2026-23209.html * https://www.suse.com/security/cve/CVE-2026-23236.html * https://www.suse.com/security/cve/CVE-2026-23237.html * https://www.suse.com/security/cve/CVE-2026-23239.html * https://www.suse.com/security/cve/CVE-2026-23240.html * https://www.suse.com/security/cve/CVE-2026-23245.html * https://www.suse.com/security/cve/CVE-2026-23246.html * https://www.suse.com/security/cve/CVE-2026-23253.html * https://www.suse.com/security/cve/CVE-2026-23260.html * https://www.suse.com/security/cve/CVE-2026-23264.html * https://www.suse.com/security/cve/CVE-2026-23266.html * https://www.suse.com/security/cve/CVE-2026-23268.html * https://www.suse.com/security/cve/CVE-2026-23269.html * https://www.suse.com/security/cve/CVE-2026-23271.html * https://www.suse.com/security/cve/CVE-2026-23273.html * https://www.suse.com/security/cve/CVE-2026-23276.html * https://www.suse.com/security/cve/CVE-2026-23279.html * https://www.suse.com/security/cve/CVE-2026-23290.html * https://www.suse.com/security/cve/CVE-2026-23291.html * https://www.suse.com/security/cve/CVE-2026-23298.html * https://www.suse.com/security/cve/CVE-2026-23300.html * https://www.suse.com/security/cve/CVE-2026-23306.html * https://www.suse.com/security/cve/CVE-2026-23307.html * https://www.suse.com/security/cve/CVE-2026-23308.html * https://www.suse.com/security/cve/CVE-2026-23312.html * https://www.suse.com/security/cve/CVE-2026-23313.html * https://www.suse.com/security/cve/CVE-2026-23315.html * https://www.suse.com/security/cve/CVE-2026-23318.html * https://www.suse.com/security/cve/CVE-2026-23321.html * https://www.suse.com/security/cve/CVE-2026-23324.html * https://www.suse.com/security/cve/CVE-2026-23325.html * https://www.suse.com/security/cve/CVE-2026-23336.html * https://www.suse.com/security/cve/CVE-2026-23339.html * https://www.suse.com/security/cve/CVE-2026-23340.html * https://www.suse.com/security/cve/CVE-2026-23346.html * https://www.suse.com/security/cve/CVE-2026-23351.html * https://www.suse.com/security/cve/CVE-2026-23357.html * https://www.suse.com/security/cve/CVE-2026-23362.html * https://www.suse.com/security/cve/CVE-2026-23363.html * https://www.suse.com/security/cve/CVE-2026-23365.html * https://www.suse.com/security/cve/CVE-2026-23367.html * https://www.suse.com/security/cve/CVE-2026-23368.html * https://www.suse.com/security/cve/CVE-2026-23370.html * https://www.suse.com/security/cve/CVE-2026-23372.html * https://www.suse.com/security/cve/CVE-2026-23373.html * https://www.suse.com/security/cve/CVE-2026-23374.html * https://www.suse.com/security/cve/CVE-2026-23378.html * https://www.suse.com/security/cve/CVE-2026-23382.html * https://www.suse.com/security/cve/CVE-2026-23391.html * https://www.suse.com/security/cve/CVE-2026-23392.html * https://www.suse.com/security/cve/CVE-2026-23393.html * https://www.suse.com/security/cve/CVE-2026-23396.html * https://www.suse.com/security/cve/CVE-2026-23397.html * https://www.suse.com/security/cve/CVE-2026-23399.html * https://www.suse.com/security/cve/CVE-2026-23403.html * https://www.suse.com/security/cve/CVE-2026-23404.html * https://www.suse.com/security/cve/CVE-2026-23405.html * https://www.suse.com/security/cve/CVE-2026-23406.html * https://www.suse.com/security/cve/CVE-2026-23407.html * https://www.suse.com/security/cve/CVE-2026-23408.html * https://www.suse.com/security/cve/CVE-2026-23409.html * https://www.suse.com/security/cve/CVE-2026-23410.html * https://www.suse.com/security/cve/CVE-2026-23411.html * https://www.suse.com/security/cve/CVE-2026-23420.html * https://www.suse.com/security/cve/CVE-2026-23426.html * https://www.suse.com/security/cve/CVE-2026-23434.html * https://www.suse.com/security/cve/CVE-2026-23440.html * https://www.suse.com/security/cve/CVE-2026-23441.html * https://www.suse.com/security/cve/CVE-2026-23442.html * https://www.suse.com/security/cve/CVE-2026-23443.html * https://www.suse.com/security/cve/CVE-2026-23446.html * https://www.suse.com/security/cve/CVE-2026-23447.html * https://www.suse.com/security/cve/CVE-2026-23448.html * https://www.suse.com/security/cve/CVE-2026-23449.html * https://www.suse.com/security/cve/CVE-2026-23450.html * https://www.suse.com/security/cve/CVE-2026-23452.html * https://www.suse.com/security/cve/CVE-2026-23455.html * https://www.suse.com/security/cve/CVE-2026-23456.html * https://www.suse.com/security/cve/CVE-2026-23457.html * https://www.suse.com/security/cve/CVE-2026-23458.html * https://www.suse.com/security/cve/CVE-2026-23460.html * https://www.suse.com/security/cve/CVE-2026-23461.html * https://www.suse.com/security/cve/CVE-2026-23462.html * https://www.suse.com/security/cve/CVE-2026-23463.html * https://www.suse.com/security/cve/CVE-2026-23465.html * https://www.suse.com/security/cve/CVE-2026-23468.html * https://www.suse.com/security/cve/CVE-2026-23472.html * https://www.suse.com/security/cve/CVE-2026-23473.html * https://www.suse.com/security/cve/CVE-2026-23474.html * https://www.suse.com/security/cve/CVE-2026-23475.html * https://www.suse.com/security/cve/CVE-2026-31389.html * https://www.suse.com/security/cve/CVE-2026-31393.html * https://www.suse.com/security/cve/CVE-2026-31400.html * https://www.suse.com/security/cve/CVE-2026-31402.html * https://www.suse.com/security/cve/CVE-2026-31403.html * https://www.suse.com/security/cve/CVE-2026-31404.html * https://www.suse.com/security/cve/CVE-2026-31405.html * https://www.suse.com/security/cve/CVE-2026-31407.html * https://www.suse.com/security/cve/CVE-2026-31408.html * https://www.suse.com/security/cve/CVE-2026-31411.html * https://www.suse.com/security/cve/CVE-2026-31412.html * https://www.suse.com/security/cve/CVE-2026-31415.html * https://www.suse.com/security/cve/CVE-2026-31416.html * https://www.suse.com/security/cve/CVE-2026-31417.html * https://www.suse.com/security/cve/CVE-2026-31420.html * https://www.suse.com/security/cve/CVE-2026-31421.html * https://www.suse.com/security/cve/CVE-2026-31422.html * https://www.suse.com/security/cve/CVE-2026-31423.html * https://www.suse.com/security/cve/CVE-2026-31424.html * https://www.suse.com/security/cve/CVE-2026-31425.html * https://www.suse.com/security/cve/CVE-2026-31426.html * https://www.suse.com/security/cve/CVE-2026-31427.html * https://www.suse.com/security/cve/CVE-2026-31428.html * https://www.suse.com/security/cve/CVE-2026-31436.html * https://www.suse.com/security/cve/CVE-2026-31449.html * https://www.suse.com/security/cve/CVE-2026-31470.html * https://www.suse.com/security/cve/CVE-2026-31488.html * https://www.suse.com/security/cve/CVE-2026-31494.html * https://www.suse.com/security/cve/CVE-2026-31496.html * https://www.suse.com/security/cve/CVE-2026-31504.html * https://www.suse.com/security/cve/CVE-2026-31505.html * https://www.suse.com/security/cve/CVE-2026-31507.html * https://www.suse.com/security/cve/CVE-2026-31512.html * https://www.suse.com/security/cve/CVE-2026-31515.html * https://www.suse.com/security/cve/CVE-2026-31519.html * https://www.suse.com/security/cve/CVE-2026-31525.html * https://www.suse.com/security/cve/CVE-2026-31528.html * https://www.suse.com/security/cve/CVE-2026-31533.html * https://www.suse.com/security/cve/CVE-2026-31550.html * https://www.suse.com/security/cve/CVE-2026-31565.html * https://www.suse.com/security/cve/CVE-2026-31570.html * https://www.suse.com/security/cve/CVE-2026-31586.html * https://www.suse.com/security/cve/CVE-2026-31588.html * https://www.suse.com/security/cve/CVE-2026-31602.html * https://www.suse.com/security/cve/CVE-2026-31607.html * https://www.suse.com/security/cve/CVE-2026-31622.html * https://www.suse.com/security/cve/CVE-2026-31649.html * https://www.suse.com/security/cve/CVE-2026-31656.html * https://www.suse.com/security/cve/CVE-2026-31662.html * https://www.suse.com/security/cve/CVE-2026-31668.html * https://www.suse.com/security/cve/CVE-2026-31669.html * https://www.suse.com/security/cve/CVE-2026-31675.html * https://www.suse.com/security/cve/CVE-2026-31679.html * https://www.suse.com/security/cve/CVE-2026-31681.html * https://www.suse.com/security/cve/CVE-2026-31682.html * https://www.suse.com/security/cve/CVE-2026-31684.html * https://www.suse.com/security/cve/CVE-2026-31685.html * https://www.suse.com/security/cve/CVE-2026-31694.html * https://www.suse.com/security/cve/CVE-2026-31700.html * https://www.suse.com/security/cve/CVE-2026-31738.html * https://www.suse.com/security/cve/CVE-2026-31787.html * https://www.suse.com/security/cve/CVE-2026-43009.html * https://www.suse.com/security/cve/CVE-2026-43025.html * https://www.suse.com/security/cve/CVE-2026-43027.html * https://www.suse.com/security/cve/CVE-2026-43037.html * https://www.suse.com/security/cve/CVE-2026-43038.html * https://www.suse.com/security/cve/CVE-2026-43044.html * https://www.suse.com/security/cve/CVE-2026-43050.html * https://www.suse.com/security/cve/CVE-2026-43060.html * https://www.suse.com/security/cve/CVE-2026-43088.html * https://www.suse.com/security/cve/CVE-2026-43110.html * https://www.suse.com/security/cve/CVE-2026-43120.html * https://www.suse.com/security/cve/CVE-2026-43126.html * https://www.suse.com/security/cve/CVE-2026-43190.html * https://www.suse.com/security/cve/CVE-2026-43214.html * https://www.suse.com/security/cve/CVE-2026-43265.html * https://www.suse.com/security/cve/CVE-2026-43329.html * https://www.suse.com/security/cve/CVE-2026-43330.html * https://www.suse.com/security/cve/CVE-2026-43334.html * https://www.suse.com/security/cve/CVE-2026-43365.html * https://www.suse.com/security/cve/CVE-2026-43366.html * https://www.suse.com/security/cve/CVE-2026-43419.html * https://www.suse.com/security/cve/CVE-2026-43437.html * https://www.suse.com/security/cve/CVE-2026-43441.html * https://www.suse.com/security/cve/CVE-2026-43494.html * https://www.suse.com/security/cve/CVE-2026-43503.html * https://bugzilla.suse.com/show_bug.cgi?id=1215199 * https://bugzilla.suse.com/show_bug.cgi?id=1234634 * https://bugzilla.suse.com/show_bug.cgi?id=1243603 * https://bugzilla.suse.com/show_bug.cgi?id=1248754 * https://bugzilla.suse.com/show_bug.cgi?id=1253122 * https://bugzilla.suse.com/show_bug.cgi?id=1253754 * https://bugzilla.suse.com/show_bug.cgi?id=1254518 * https://bugzilla.suse.com/show_bug.cgi?id=1256863 * https://bugzilla.suse.com/show_bug.cgi?id=1257631 * https://bugzilla.suse.com/show_bug.cgi?id=1258518 * https://bugzilla.suse.com/show_bug.cgi?id=1258718 * https://bugzilla.suse.com/show_bug.cgi?id=1258826 * https://bugzilla.suse.com/show_bug.cgi?id=1258849 * https://bugzilla.suse.com/show_bug.cgi?id=1258850 * https://bugzilla.suse.com/show_bug.cgi?id=1258854 * https://bugzilla.suse.com/show_bug.cgi?id=1258855 * https://bugzilla.suse.com/show_bug.cgi?id=1258856 * https://bugzilla.suse.com/show_bug.cgi?id=1258857 * https://bugzilla.suse.com/show_bug.cgi?id=1258961 * https://bugzilla.suse.com/show_bug.cgi?id=1259186 * https://bugzilla.suse.com/show_bug.cgi?id=1259199 * https://bugzilla.suse.com/show_bug.cgi?id=1259222 * https://bugzilla.suse.com/show_bug.cgi?id=1259484 * https://bugzilla.suse.com/show_bug.cgi?id=1259485 * https://bugzilla.suse.com/show_bug.cgi?id=1259535 * https://bugzilla.suse.com/show_bug.cgi?id=1259799 * https://bugzilla.suse.com/show_bug.cgi?id=1259806 * https://bugzilla.suse.com/show_bug.cgi?id=1259857 * https://bugzilla.suse.com/show_bug.cgi?id=1259868 * https://bugzilla.suse.com/show_bug.cgi?id=1259869 * https://bugzilla.suse.com/show_bug.cgi?id=1259873 * https://bugzilla.suse.com/show_bug.cgi?id=1259878 * https://bugzilla.suse.com/show_bug.cgi?id=1260010 * https://bugzilla.suse.com/show_bug.cgi?id=1260012 * https://bugzilla.suse.com/show_bug.cgi?id=1260018 * https://bugzilla.suse.com/show_bug.cgi?id=1260468 * https://bugzilla.suse.com/show_bug.cgi?id=1260483 * https://bugzilla.suse.com/show_bug.cgi?id=1260484 * https://bugzilla.suse.com/show_bug.cgi?id=1260485 * https://bugzilla.suse.com/show_bug.cgi?id=1260489 * https://bugzilla.suse.com/show_bug.cgi?id=1260501 * https://bugzilla.suse.com/show_bug.cgi?id=1260504 * https://bugzilla.suse.com/show_bug.cgi?id=1260505 * https://bugzilla.suse.com/show_bug.cgi?id=1260507 * https://bugzilla.suse.com/show_bug.cgi?id=1260522 * https://bugzilla.suse.com/show_bug.cgi?id=1260523 * https://bugzilla.suse.com/show_bug.cgi?id=1260526 * https://bugzilla.suse.com/show_bug.cgi?id=1260528 * https://bugzilla.suse.com/show_bug.cgi?id=1260529 * https://bugzilla.suse.com/show_bug.cgi?id=1260530 * https://bugzilla.suse.com/show_bug.cgi?id=1260531 * https://bugzilla.suse.com/show_bug.cgi?id=1260532 * https://bugzilla.suse.com/show_bug.cgi?id=1260533 * https://bugzilla.suse.com/show_bug.cgi?id=1260536 * https://bugzilla.suse.com/show_bug.cgi?id=1260537 * https://bugzilla.suse.com/show_bug.cgi?id=1260538 * https://bugzilla.suse.com/show_bug.cgi?id=1260541 * https://bugzilla.suse.com/show_bug.cgi?id=1260546 * https://bugzilla.suse.com/show_bug.cgi?id=1260549 * https://bugzilla.suse.com/show_bug.cgi?id=1260551 * https://bugzilla.suse.com/show_bug.cgi?id=1260552 * https://bugzilla.suse.com/show_bug.cgi?id=1260553 * https://bugzilla.suse.com/show_bug.cgi?id=1260555 * https://bugzilla.suse.com/show_bug.cgi?id=1260561 * https://bugzilla.suse.com/show_bug.cgi?id=1260566 * https://bugzilla.suse.com/show_bug.cgi?id=1260572 * https://bugzilla.suse.com/show_bug.cgi?id=1260581 * https://bugzilla.suse.com/show_bug.cgi?id=1260728 * https://bugzilla.suse.com/show_bug.cgi?id=1260729 * https://bugzilla.suse.com/show_bug.cgi?id=1260731 * https://bugzilla.suse.com/show_bug.cgi?id=1260800 * https://bugzilla.suse.com/show_bug.cgi?id=1260811 * https://bugzilla.suse.com/show_bug.cgi?id=1261020 * https://bugzilla.suse.com/show_bug.cgi?id=1261287 * https://bugzilla.suse.com/show_bug.cgi?id=1261295 * https://bugzilla.suse.com/show_bug.cgi?id=1261348 * https://bugzilla.suse.com/show_bug.cgi?id=1261503 * https://bugzilla.suse.com/show_bug.cgi?id=1261504 * https://bugzilla.suse.com/show_bug.cgi?id=1261581 * https://bugzilla.suse.com/show_bug.cgi?id=1261582 * https://bugzilla.suse.com/show_bug.cgi?id=1261584 * https://bugzilla.suse.com/show_bug.cgi?id=1261601 * https://bugzilla.suse.com/show_bug.cgi?id=1261602 * https://bugzilla.suse.com/show_bug.cgi?id=1261618 * https://bugzilla.suse.com/show_bug.cgi?id=1261628 * https://bugzilla.suse.com/show_bug.cgi?id=1261632 * https://bugzilla.suse.com/show_bug.cgi?id=1261636 * https://bugzilla.suse.com/show_bug.cgi?id=1261638 * https://bugzilla.suse.com/show_bug.cgi?id=1261641 * https://bugzilla.suse.com/show_bug.cgi?id=1261644 * https://bugzilla.suse.com/show_bug.cgi?id=1261645 * https://bugzilla.suse.com/show_bug.cgi?id=1261648 * https://bugzilla.suse.com/show_bug.cgi?id=1261679 * https://bugzilla.suse.com/show_bug.cgi?id=1261685 * https://bugzilla.suse.com/show_bug.cgi?id=1261686 * https://bugzilla.suse.com/show_bug.cgi?id=1261687 * https://bugzilla.suse.com/show_bug.cgi?id=1261692 * https://bugzilla.suse.com/show_bug.cgi?id=1261694 * https://bugzilla.suse.com/show_bug.cgi?id=1261700 * https://bugzilla.suse.com/show_bug.cgi?id=1261703 * https://bugzilla.suse.com/show_bug.cgi?id=1261707 * https://bugzilla.suse.com/show_bug.cgi?id=1261710 * https://bugzilla.suse.com/show_bug.cgi?id=1261713 * https://bugzilla.suse.com/show_bug.cgi?id=1261719 * https://bugzilla.suse.com/show_bug.cgi?id=1261750 * https://bugzilla.suse.com/show_bug.cgi?id=1261751 * https://bugzilla.suse.com/show_bug.cgi?id=1261752 * https://bugzilla.suse.com/show_bug.cgi?id=1261768 * https://bugzilla.suse.com/show_bug.cgi?id=1261778 * https://bugzilla.suse.com/show_bug.cgi?id=1261779 * https://bugzilla.suse.com/show_bug.cgi?id=1261781 * https://bugzilla.suse.com/show_bug.cgi?id=1261789 * https://bugzilla.suse.com/show_bug.cgi?id=1261796 * https://bugzilla.suse.com/show_bug.cgi?id=1261797 * https://bugzilla.suse.com/show_bug.cgi?id=1261896 * https://bugzilla.suse.com/show_bug.cgi?id=1262020 * https://bugzilla.suse.com/show_bug.cgi?id=1262053 * https://bugzilla.suse.com/show_bug.cgi?id=1262054 * https://bugzilla.suse.com/show_bug.cgi?id=1262055 * https://bugzilla.suse.com/show_bug.cgi?id=1262061 * https://bugzilla.suse.com/show_bug.cgi?id=1262063 * https://bugzilla.suse.com/show_bug.cgi?id=1262074 * https://bugzilla.suse.com/show_bug.cgi?id=1262078 * https://bugzilla.suse.com/show_bug.cgi?id=1262086 * https://bugzilla.suse.com/show_bug.cgi?id=1262087 * https://bugzilla.suse.com/show_bug.cgi?id=1262099 * https://bugzilla.suse.com/show_bug.cgi?id=1262100 * https://bugzilla.suse.com/show_bug.cgi?id=1262101 * https://bugzilla.suse.com/show_bug.cgi?id=1262179 * https://bugzilla.suse.com/show_bug.cgi?id=1262181 * https://bugzilla.suse.com/show_bug.cgi?id=1262602 * https://bugzilla.suse.com/show_bug.cgi?id=1262616 * https://bugzilla.suse.com/show_bug.cgi?id=1262665 * https://bugzilla.suse.com/show_bug.cgi?id=1262671 * https://bugzilla.suse.com/show_bug.cgi?id=1262673 * https://bugzilla.suse.com/show_bug.cgi?id=1262725 * https://bugzilla.suse.com/show_bug.cgi?id=1262731 * https://bugzilla.suse.com/show_bug.cgi?id=1262734 * https://bugzilla.suse.com/show_bug.cgi?id=1262746 * https://bugzilla.suse.com/show_bug.cgi?id=1262752 * https://bugzilla.suse.com/show_bug.cgi?id=1262758 * https://bugzilla.suse.com/show_bug.cgi?id=1263001 * https://bugzilla.suse.com/show_bug.cgi?id=1263012 * https://bugzilla.suse.com/show_bug.cgi?id=1263064 * https://bugzilla.suse.com/show_bug.cgi?id=1263065 * https://bugzilla.suse.com/show_bug.cgi?id=1263085 * https://bugzilla.suse.com/show_bug.cgi?id=1263093 * https://bugzilla.suse.com/show_bug.cgi?id=1263095 * https://bugzilla.suse.com/show_bug.cgi?id=1263104 * https://bugzilla.suse.com/show_bug.cgi?id=1263131 * https://bugzilla.suse.com/show_bug.cgi?id=1263140 * https://bugzilla.suse.com/show_bug.cgi?id=1263141 * https://bugzilla.suse.com/show_bug.cgi?id=1263149 * https://bugzilla.suse.com/show_bug.cgi?id=1263165 * https://bugzilla.suse.com/show_bug.cgi?id=1263170 * https://bugzilla.suse.com/show_bug.cgi?id=1263176 * https://bugzilla.suse.com/show_bug.cgi?id=1263556 * https://bugzilla.suse.com/show_bug.cgi?id=1263582 * https://bugzilla.suse.com/show_bug.cgi?id=1263592 * https://bugzilla.suse.com/show_bug.cgi?id=1263593 * https://bugzilla.suse.com/show_bug.cgi?id=1263595 * https://bugzilla.suse.com/show_bug.cgi?id=1263596 * https://bugzilla.suse.com/show_bug.cgi?id=1263600 * https://bugzilla.suse.com/show_bug.cgi?id=1263668 * https://bugzilla.suse.com/show_bug.cgi?id=1263723 * https://bugzilla.suse.com/show_bug.cgi?id=1263797 * https://bugzilla.suse.com/show_bug.cgi?id=1263815 * https://bugzilla.suse.com/show_bug.cgi?id=1263882 * https://bugzilla.suse.com/show_bug.cgi?id=1263901 * https://bugzilla.suse.com/show_bug.cgi?id=1263931 * https://bugzilla.suse.com/show_bug.cgi?id=1263933 * https://bugzilla.suse.com/show_bug.cgi?id=1263995 * https://bugzilla.suse.com/show_bug.cgi?id=1264014 * https://bugzilla.suse.com/show_bug.cgi?id=1264059 * https://bugzilla.suse.com/show_bug.cgi?id=1264082 * https://bugzilla.suse.com/show_bug.cgi?id=1264087 * https://bugzilla.suse.com/show_bug.cgi?id=1264097 * https://bugzilla.suse.com/show_bug.cgi?id=1264183 * https://bugzilla.suse.com/show_bug.cgi?id=1264427 * https://bugzilla.suse.com/show_bug.cgi?id=1264469 * https://bugzilla.suse.com/show_bug.cgi?id=1264482 * https://bugzilla.suse.com/show_bug.cgi?id=1264634 * https://bugzilla.suse.com/show_bug.cgi?id=1264651 * https://bugzilla.suse.com/show_bug.cgi?id=1264661 * https://bugzilla.suse.com/show_bug.cgi?id=1264674 * https://bugzilla.suse.com/show_bug.cgi?id=1264801 * https://bugzilla.suse.com/show_bug.cgi?id=1264848 * https://bugzilla.suse.com/show_bug.cgi?id=1265085 * https://bugzilla.suse.com/show_bug.cgi?id=1265090 * https://bugzilla.suse.com/show_bug.cgi?id=1265116 * https://bugzilla.suse.com/show_bug.cgi?id=1265119 * https://bugzilla.suse.com/show_bug.cgi?id=1265126 * https://bugzilla.suse.com/show_bug.cgi?id=1265144 * https://bugzilla.suse.com/show_bug.cgi?id=1265308 * https://bugzilla.suse.com/show_bug.cgi?id=1265421 * https://bugzilla.suse.com/show_bug.cgi?id=1265449 * https://bugzilla.suse.com/show_bug.cgi?id=1265456 * https://bugzilla.suse.com/show_bug.cgi?id=1265626 * https://bugzilla.suse.com/show_bug.cgi?id=1265846 * https://bugzilla.suse.com/show_bug.cgi?id=1265960 * https://jira.suse.com/browse/PED-7249 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 17:05:55 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 17:05:55 -0000 Subject: SUSE-SU-2026:21875-1: important: Security update for openssh Message-ID: <178041995503.42.3334589622962960280@b0da085613fb> # Security update for openssh Announcement ID: SUSE-SU-2026:21875-1 Release Date: 2026-05-28T15:02:37Z Rating: important References: * bsc#1261427 * bsc#1261430 * bsc#1264568 Cross-References: * CVE-2026-35385 * CVE-2026-35414 CVSS scores: * CVE-2026-35385 ( SUSE ): 7.5 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-35385 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-35385 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-35385 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-35414 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-35414 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-35414 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-35414 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves two vulnerabilities and has one fix can now be installed. ## Description: This update for openssh fixes the following issues * CVE-2026-35385: a file downloaded by scp may be installed setuid or setgid (bsc#1261427). * CVE-2026-35414: mishandling of authorized_keys principals option (bsc#1261430). Changes for openssh: * Fix a potential issue when validating mac (bsc#1264568): ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-552=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * openssh-clients-9.6p1-slfo.1.1_5.1 * openssh-server-9.6p1-slfo.1.1_5.1 * openssh-debugsource-9.6p1-slfo.1.1_5.1 * openssh-common-debuginfo-9.6p1-slfo.1.1_5.1 * openssh-9.6p1-slfo.1.1_5.1 * openssh-common-9.6p1-slfo.1.1_5.1 * openssh-clients-debuginfo-9.6p1-slfo.1.1_5.1 * openssh-server-config-rootlogin-9.6p1-slfo.1.1_5.1 * openssh-server-debuginfo-9.6p1-slfo.1.1_5.1 * openssh-fips-9.6p1-slfo.1.1_5.1 * openssh-debuginfo-9.6p1-slfo.1.1_5.1 ## References: * https://www.suse.com/security/cve/CVE-2026-35385.html * https://www.suse.com/security/cve/CVE-2026-35414.html * https://bugzilla.suse.com/show_bug.cgi?id=1261427 * https://bugzilla.suse.com/show_bug.cgi?id=1261430 * https://bugzilla.suse.com/show_bug.cgi?id=1264568 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 17:06:13 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 17:06:13 -0000 Subject: SUSE-SU-2026:21874-1: important: Security update for unbound Message-ID: <178041997306.42.5433998269293582035@b0da085613fb> # Security update for unbound Announcement ID: SUSE-SU-2026:21874-1 Release Date: 2026-05-28T15:01:59Z Rating: important References: * bsc#1265578 * bsc#1265580 * bsc#1265581 * bsc#1265582 * bsc#1265583 * bsc#1265584 * bsc#1265585 * bsc#1265586 * bsc#1265587 * bsc#1265588 * bsc#1265589 Cross-References: * CVE-2026-32792 * CVE-2026-33278 * CVE-2026-40622 * CVE-2026-41292 * CVE-2026-42534 * CVE-2026-42923 * CVE-2026-42944 * CVE-2026-42959 * CVE-2026-42960 * CVE-2026-44390 * CVE-2026-44608 CVSS scores: * CVE-2026-32792 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-32792 ( NVD ): 4.6 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green * CVE-2026-32792 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-33278 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-33278 ( NVD ): 9.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red * CVE-2026-33278 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-40622 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-40622 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber * CVE-2026-40622 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2026-41292 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-41292 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red * CVE-2026-41292 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42534 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42534 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber * CVE-2026-42534 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-42923 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42923 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber * CVE-2026-42923 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-42944 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-42944 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red * CVE-2026-42944 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42959 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42959 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red * CVE-2026-42959 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42960 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2026-42960 ( NVD ): 5.7 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:H/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber * CVE-2026-42960 ( NVD ): 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H * CVE-2026-44390 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-44390 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber * CVE-2026-44390 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-44608 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-44608 ( NVD ): 4.6 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber * CVE-2026-44608 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves 11 vulnerabilities can now be installed. ## Description: This update for unbound fixes the following issues * CVE-2026-32792: Packet of death with DNSCrypt (bsc#1265583). * CVE-2026-33278: Possible remote code execution during DNSSEC validation (bsc#1265587). * CVE-2026-40622: "Ghost domain name" variant (bsc#1265581). * CVE-2026-41292: Parsing a long list of incoming EDNS options degrades performance (bsc#1265580). * CVE-2026-42534: Jostle logic bypass degrades resolution performance (bsc#1265585). * CVE-2026-42923: Degradation of service with unbounded NSEC3 hash calculations (bsc#1265589). * CVE-2026-42944: Heap overflow and crash with multiple nsid, cookie, padding EDNS options (bsc#1265578). * CVE-2026-42959: Crash during DNSSEC validation of malicious content (bsc#1265586). * CVE-2026-42960: Possible cache poisoning attack while following delegation (bsc#1265588). * CVE-2026-44390: Unbounded name compression in certain cases causes degradation of service (bsc#1265584). * CVE-2026-44608: Use after free and crash in RPZ code (bsc#1265582). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-551=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * unbound-anchor-debuginfo-1.22.0-slfo.1.1_4.1 * libunbound8-1.22.0-slfo.1.1_4.1 * unbound-anchor-1.22.0-slfo.1.1_4.1 * libunbound8-debuginfo-1.22.0-slfo.1.1_4.1 * unbound-debugsource-1.22.0-slfo.1.1_4.1 ## References: * https://www.suse.com/security/cve/CVE-2026-32792.html * https://www.suse.com/security/cve/CVE-2026-33278.html * https://www.suse.com/security/cve/CVE-2026-40622.html * https://www.suse.com/security/cve/CVE-2026-41292.html * https://www.suse.com/security/cve/CVE-2026-42534.html * https://www.suse.com/security/cve/CVE-2026-42923.html * https://www.suse.com/security/cve/CVE-2026-42944.html * https://www.suse.com/security/cve/CVE-2026-42959.html * https://www.suse.com/security/cve/CVE-2026-42960.html * https://www.suse.com/security/cve/CVE-2026-44390.html * https://www.suse.com/security/cve/CVE-2026-44608.html * https://bugzilla.suse.com/show_bug.cgi?id=1265578 * https://bugzilla.suse.com/show_bug.cgi?id=1265580 * https://bugzilla.suse.com/show_bug.cgi?id=1265581 * https://bugzilla.suse.com/show_bug.cgi?id=1265582 * https://bugzilla.suse.com/show_bug.cgi?id=1265583 * https://bugzilla.suse.com/show_bug.cgi?id=1265584 * https://bugzilla.suse.com/show_bug.cgi?id=1265585 * https://bugzilla.suse.com/show_bug.cgi?id=1265586 * https://bugzilla.suse.com/show_bug.cgi?id=1265587 * https://bugzilla.suse.com/show_bug.cgi?id=1265588 * https://bugzilla.suse.com/show_bug.cgi?id=1265589 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 17:06:16 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 17:06:16 -0000 Subject: SUSE-SU-2026:21873-1: moderate: Security update for python-idna Message-ID: <178041997613.42.13630858488851954707@b0da085613fb> # Security update for python-idna Announcement ID: SUSE-SU-2026:21873-1 Release Date: 2026-05-28T15:00:00Z Rating: moderate References: * bsc#1265413 Cross-References: * CVE-2026-45409 CVSS scores: * CVE-2026-45409 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-45409 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves one vulnerability can now be installed. ## Description: This update for python-idna fixes the following issue * CVE-2026-45409: specially crafted inputs to idna.encode() can bypass earlier security fix (bsc#1265413). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-553=1 ## Package List: * SUSE Linux Micro 6.1 (noarch) * python311-idna-3.7-slfo.1.1_2.1 ## References: * https://www.suse.com/security/cve/CVE-2026-45409.html * https://bugzilla.suse.com/show_bug.cgi?id=1265413 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 17:06:23 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 17:06:23 -0000 Subject: SUSE-SU-2026:21872-1: important: Security update for cockpit Message-ID: <178041998319.42.3136949659715136731@b0da085613fb> # Security update for cockpit Announcement ID: SUSE-SU-2026:21872-1 Release Date: 2026-05-26T11:48:27Z Rating: important References: * bsc#1265040 Cross-References: * CVE-2026-4802 CVSS scores: * CVE-2026-4802 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-4802 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-4802 ( NVD ): 8.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves one vulnerability can now be installed. ## Description: This update for cockpit fixes the following issue * CVE-2026-4802: remote command execution via unsanitized user-controlled parameters within crafted links in system logs UI (bsc#1265040). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-548=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * cockpit-debuginfo-322-slfo.1.1_4.1 * cockpit-ws-322-slfo.1.1_4.1 * cockpit-ws-debuginfo-322-slfo.1.1_4.1 * cockpit-debugsource-322-slfo.1.1_4.1 * cockpit-bridge-debuginfo-322-slfo.1.1_4.1 * cockpit-bridge-322-slfo.1.1_4.1 * cockpit-322-slfo.1.1_4.1 * SUSE Linux Micro 6.1 (noarch) * cockpit-networkmanager-322-slfo.1.1_4.1 * cockpit-selinux-322-slfo.1.1_4.1 * cockpit-storaged-322-slfo.1.1_4.1 * cockpit-system-322-slfo.1.1_4.1 ## References: * https://www.suse.com/security/cve/CVE-2026-4802.html * https://bugzilla.suse.com/show_bug.cgi?id=1265040 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 17:06:39 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 17:06:39 -0000 Subject: SUSE-SU-2026:21871-1: important: Security update for cups Message-ID: <178041999941.42.15439765519262564840@b0da085613fb> # Security update for cups Announcement ID: SUSE-SU-2026:21871-1 Release Date: 2026-05-26T11:42:40Z Rating: important References: * bsc#1261568 * bsc#1261569 * bsc#1261570 * bsc#1261571 * bsc#1261572 * bsc#1261742 * bsc#1261743 * bsc#1263116 Cross-References: * CVE-2026-27447 * CVE-2026-34978 * CVE-2026-34979 * CVE-2026-34980 * CVE-2026-34990 * CVE-2026-39314 * CVE-2026-39316 * CVE-2026-41079 CVSS scores: * CVE-2026-27447 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N * CVE-2026-27447 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N * CVE-2026-27447 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N * CVE-2026-34978 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2026-34978 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2026-34979 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-34979 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-34980 ( SUSE ): 6.4 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L * CVE-2026-34980 ( NVD ): 6.1 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-34980 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-34990 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-34990 ( NVD ): 5.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:H/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-34990 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-39314 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-39314 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39314 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-39314 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39316 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-39316 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39316 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-39316 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-41079 ( SUSE ): 5.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-41079 ( SUSE ): 3.5 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-41079 ( NVD ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-41079 ( NVD ): 5.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L Affected Products: * SUSE Linux Micro 6.1 An update that solves eight vulnerabilities can now be installed. ## Description: This update for cups fixes the following issues * CVE-2026-27447: Authorization bypass via case-insensitive group-member lookup (bsc#1261572). * CVE-2026-34978: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss (bsc#1261571). * CVE-2026-34979: Heap overflow in `get_options()` (bsc#1261570). * CVE-2026-34980: Shared PostScript queue lets anonymous Print-Job requests reach `lp` code execution over the network (bsc#1261569). * CVE-2026-34990: Local print admin token disclosure using temporary printers (bsc#1261568). * CVE-2026-39314: negative `job-password-supported` attribute can lead to a denial of service (bsc#1261743). * CVE-2026-39316: dangling subscription pointer can lead to a denial of service (bsc#1261742). * CVE-2026-41079: crafted SNMP response can lead to stack-based out-of-bounds read and sensitive memory disclosure (bsc#1263116). Changes for cups: * Version upgrade to 2.4.19 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-549=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * cups-debugsource-2.4.19-slfo.1.1_1.1 * cups-config-2.4.19-slfo.1.1_1.1 * libcups2-2.4.19-slfo.1.1_1.1 * libcups2-debuginfo-2.4.19-slfo.1.1_1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-27447.html * https://www.suse.com/security/cve/CVE-2026-34978.html * https://www.suse.com/security/cve/CVE-2026-34979.html * https://www.suse.com/security/cve/CVE-2026-34980.html * https://www.suse.com/security/cve/CVE-2026-34990.html * https://www.suse.com/security/cve/CVE-2026-39314.html * https://www.suse.com/security/cve/CVE-2026-39316.html * https://www.suse.com/security/cve/CVE-2026-41079.html * https://bugzilla.suse.com/show_bug.cgi?id=1261568 * https://bugzilla.suse.com/show_bug.cgi?id=1261569 * https://bugzilla.suse.com/show_bug.cgi?id=1261570 * https://bugzilla.suse.com/show_bug.cgi?id=1261571 * https://bugzilla.suse.com/show_bug.cgi?id=1261572 * https://bugzilla.suse.com/show_bug.cgi?id=1261742 * https://bugzilla.suse.com/show_bug.cgi?id=1261743 * https://bugzilla.suse.com/show_bug.cgi?id=1263116 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 17:06:42 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 17:06:42 -0000 Subject: SUSE-SU-2026:21870-1: important: Security update for google-osconfig-agent Message-ID: <178042000248.42.10176884499186690186@b0da085613fb> # Security update for google-osconfig-agent Announcement ID: SUSE-SU-2026:21870-1 Release Date: 2026-05-26T10:47:06Z Rating: important References: * bsc#1260264 Cross-References: * CVE-2026-33186 CVSS scores: * CVE-2026-33186 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-33186 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-33186 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves one vulnerability can now be installed. ## Description: This update for google-osconfig-agent fixes the following issue * CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header (bsc#1260264). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-547=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * google-osconfig-agent-20250416.02-slfo.1.1_3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33186.html * https://bugzilla.suse.com/show_bug.cgi?id=1260264 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 17:11:46 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 17:11:46 -0000 Subject: SUSE-SU-2026:21868-1: important: Security update for the Linux Kernel Message-ID: <178042030688.42.14505763164245893252@b0da085613fb> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:21868-1 Release Date: 2026-05-29T16:06:32Z Rating: important References: * bsc#1215199 * bsc#1234634 * bsc#1243603 * bsc#1248754 * bsc#1253122 * bsc#1253754 * bsc#1254518 * bsc#1256863 * bsc#1257631 * bsc#1258518 * bsc#1258718 * bsc#1258826 * bsc#1258849 * bsc#1258850 * bsc#1258854 * bsc#1258855 * bsc#1258856 * bsc#1258857 * bsc#1258961 * bsc#1259186 * bsc#1259199 * bsc#1259222 * bsc#1259484 * bsc#1259485 * bsc#1259535 * bsc#1259799 * bsc#1259806 * bsc#1259857 * bsc#1259868 * bsc#1259869 * bsc#1259873 * bsc#1259878 * bsc#1260010 * bsc#1260012 * bsc#1260018 * bsc#1260468 * bsc#1260483 * bsc#1260484 * bsc#1260485 * bsc#1260489 * bsc#1260501 * bsc#1260504 * bsc#1260505 * bsc#1260507 * bsc#1260522 * bsc#1260523 * bsc#1260526 * bsc#1260528 * bsc#1260529 * bsc#1260530 * bsc#1260531 * bsc#1260532 * bsc#1260533 * bsc#1260536 * bsc#1260537 * bsc#1260538 * bsc#1260541 * bsc#1260546 * bsc#1260549 * bsc#1260551 * bsc#1260552 * bsc#1260553 * bsc#1260555 * bsc#1260561 * bsc#1260566 * bsc#1260572 * bsc#1260581 * bsc#1260728 * bsc#1260729 * bsc#1260731 * bsc#1260800 * bsc#1260811 * bsc#1261020 * bsc#1261287 * bsc#1261295 * bsc#1261348 * bsc#1261503 * bsc#1261504 * bsc#1261581 * bsc#1261582 * bsc#1261584 * bsc#1261601 * bsc#1261602 * bsc#1261618 * bsc#1261628 * bsc#1261632 * bsc#1261636 * bsc#1261638 * bsc#1261641 * bsc#1261644 * bsc#1261645 * bsc#1261648 * bsc#1261679 * bsc#1261685 * bsc#1261686 * bsc#1261687 * bsc#1261692 * bsc#1261694 * bsc#1261700 * bsc#1261703 * bsc#1261707 * bsc#1261710 * bsc#1261713 * bsc#1261719 * bsc#1261750 * bsc#1261751 * bsc#1261752 * bsc#1261768 * bsc#1261778 * bsc#1261779 * bsc#1261781 * bsc#1261789 * bsc#1261796 * bsc#1261797 * bsc#1261896 * bsc#1262020 * bsc#1262053 * bsc#1262054 * bsc#1262055 * bsc#1262061 * bsc#1262063 * bsc#1262074 * bsc#1262078 * bsc#1262086 * bsc#1262087 * bsc#1262099 * bsc#1262100 * bsc#1262101 * bsc#1262179 * bsc#1262181 * bsc#1262602 * bsc#1262616 * bsc#1262665 * bsc#1262671 * bsc#1262673 * bsc#1262725 * bsc#1262731 * bsc#1262734 * bsc#1262746 * bsc#1262752 * bsc#1262758 * bsc#1263001 * bsc#1263012 * bsc#1263064 * bsc#1263065 * bsc#1263085 * bsc#1263093 * bsc#1263095 * bsc#1263104 * bsc#1263131 * bsc#1263140 * bsc#1263141 * bsc#1263149 * bsc#1263165 * bsc#1263170 * bsc#1263176 * bsc#1263556 * bsc#1263582 * bsc#1263592 * bsc#1263593 * bsc#1263595 * bsc#1263596 * bsc#1263600 * bsc#1263668 * bsc#1263723 * bsc#1263797 * bsc#1263815 * bsc#1263882 * bsc#1263901 * bsc#1263931 * bsc#1263933 * bsc#1263995 * bsc#1264014 * bsc#1264059 * bsc#1264082 * bsc#1264087 * bsc#1264097 * bsc#1264183 * bsc#1264427 * bsc#1264469 * bsc#1264482 * bsc#1264634 * bsc#1264651 * bsc#1264661 * bsc#1264674 * bsc#1264801 * bsc#1264848 * bsc#1265085 * bsc#1265090 * bsc#1265116 * bsc#1265119 * bsc#1265126 * bsc#1265144 * bsc#1265308 * bsc#1265421 * bsc#1265449 * bsc#1265456 * bsc#1265626 * bsc#1265846 * bsc#1265960 * jsc#PED-7249 Cross-References: * CVE-2023-20585 * CVE-2025-40219 * CVE-2025-71183 * CVE-2025-71238 * CVE-2026-23168 * CVE-2026-23209 * CVE-2026-23236 * CVE-2026-23237 * CVE-2026-23239 * CVE-2026-23240 * CVE-2026-23245 * CVE-2026-23246 * CVE-2026-23253 * CVE-2026-23260 * CVE-2026-23264 * CVE-2026-23266 * CVE-2026-23268 * CVE-2026-23269 * CVE-2026-23271 * CVE-2026-23273 * CVE-2026-23276 * CVE-2026-23279 * CVE-2026-23290 * CVE-2026-23291 * CVE-2026-23298 * CVE-2026-23300 * CVE-2026-23306 * CVE-2026-23307 * CVE-2026-23308 * CVE-2026-23312 * CVE-2026-23313 * CVE-2026-23315 * CVE-2026-23318 * CVE-2026-23321 * CVE-2026-23324 * CVE-2026-23325 * CVE-2026-23336 * CVE-2026-23339 * CVE-2026-23340 * CVE-2026-23346 * CVE-2026-23351 * CVE-2026-23357 * CVE-2026-23362 * CVE-2026-23363 * CVE-2026-23365 * CVE-2026-23367 * CVE-2026-23368 * CVE-2026-23370 * CVE-2026-23372 * CVE-2026-23373 * CVE-2026-23374 * CVE-2026-23378 * CVE-2026-23382 * CVE-2026-23391 * CVE-2026-23392 * CVE-2026-23393 * CVE-2026-23396 * CVE-2026-23397 * CVE-2026-23399 * CVE-2026-23403 * CVE-2026-23404 * CVE-2026-23405 * CVE-2026-23406 * CVE-2026-23407 * CVE-2026-23408 * CVE-2026-23409 * CVE-2026-23410 * CVE-2026-23411 * CVE-2026-23420 * CVE-2026-23426 * CVE-2026-23434 * CVE-2026-23440 * CVE-2026-23441 * CVE-2026-23442 * CVE-2026-23443 * CVE-2026-23446 * CVE-2026-23447 * CVE-2026-23448 * CVE-2026-23449 * CVE-2026-23450 * CVE-2026-23452 * CVE-2026-23455 * CVE-2026-23456 * CVE-2026-23457 * CVE-2026-23458 * CVE-2026-23460 * CVE-2026-23461 * CVE-2026-23462 * CVE-2026-23463 * CVE-2026-23465 * CVE-2026-23468 * CVE-2026-23472 * CVE-2026-23473 * CVE-2026-23474 * CVE-2026-23475 * CVE-2026-31389 * CVE-2026-31393 * CVE-2026-31400 * CVE-2026-31402 * CVE-2026-31403 * CVE-2026-31404 * CVE-2026-31405 * CVE-2026-31407 * CVE-2026-31408 * CVE-2026-31411 * CVE-2026-31412 * CVE-2026-31415 * CVE-2026-31416 * CVE-2026-31417 * CVE-2026-31420 * CVE-2026-31421 * CVE-2026-31422 * CVE-2026-31423 * CVE-2026-31424 * CVE-2026-31425 * CVE-2026-31426 * CVE-2026-31427 * CVE-2026-31428 * CVE-2026-31436 * CVE-2026-31449 * CVE-2026-31470 * CVE-2026-31488 * CVE-2026-31494 * CVE-2026-31496 * CVE-2026-31504 * CVE-2026-31505 * CVE-2026-31507 * CVE-2026-31512 * CVE-2026-31515 * CVE-2026-31519 * CVE-2026-31525 * CVE-2026-31528 * CVE-2026-31533 * CVE-2026-31550 * CVE-2026-31565 * CVE-2026-31570 * CVE-2026-31586 * CVE-2026-31588 * CVE-2026-31602 * CVE-2026-31607 * CVE-2026-31622 * CVE-2026-31649 * CVE-2026-31656 * CVE-2026-31662 * CVE-2026-31668 * CVE-2026-31669 * CVE-2026-31675 * CVE-2026-31679 * CVE-2026-31681 * CVE-2026-31682 * CVE-2026-31684 * CVE-2026-31685 * CVE-2026-31694 * CVE-2026-31700 * CVE-2026-31738 * CVE-2026-31787 * CVE-2026-43009 * CVE-2026-43025 * CVE-2026-43027 * CVE-2026-43037 * CVE-2026-43038 * CVE-2026-43044 * CVE-2026-43050 * CVE-2026-43060 * CVE-2026-43088 * CVE-2026-43110 * CVE-2026-43120 * CVE-2026-43126 * CVE-2026-43190 * CVE-2026-43214 * CVE-2026-43265 * CVE-2026-43329 * CVE-2026-43330 * CVE-2026-43334 * CVE-2026-43365 * CVE-2026-43366 * CVE-2026-43419 * CVE-2026-43437 * CVE-2026-43441 * CVE-2026-43494 * CVE-2026-43503 CVSS scores: * CVE-2023-20585 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2023-20585 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2023-20585 ( NVD ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-40219 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40219 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-71183 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71183 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71238 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-71238 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-71238 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23168 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23168 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23168 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23209 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23209 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23236 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23236 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23236 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2026-23236 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23237 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23237 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23237 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23239 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23239 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23240 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23240 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23240 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23245 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23245 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23245 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23246 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23253 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23253 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23260 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23260 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23260 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23264 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23264 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23264 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23266 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23266 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23266 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23268 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23268 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23269 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23269 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23269 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23271 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23271 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23273 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23273 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23273 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23276 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23276 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23279 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23279 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23279 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23290 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23290 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23290 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23291 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23291 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23298 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23298 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23298 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23300 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23300 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23300 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23306 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23306 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H * CVE-2026-23306 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23307 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23307 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23308 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23308 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23312 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23312 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23312 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23313 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23313 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23315 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23315 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23318 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23318 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23321 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23321 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23321 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23324 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23324 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23324 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23325 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23325 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23336 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23336 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23339 ( SUSE ): 2.3 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23339 ( SUSE ): 3.1 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23339 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23340 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23340 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23340 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23346 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23346 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23346 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23351 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23351 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23357 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23357 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23357 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23362 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23362 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23363 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23363 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23365 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23365 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23365 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23367 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-23367 ( SUSE ): 6.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-23367 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23368 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23368 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23368 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23370 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23370 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23372 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23372 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23373 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23373 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23374 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23374 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23374 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23378 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23378 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23378 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23378 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23382 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23382 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23382 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23391 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23391 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23392 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23393 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23396 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23396 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23396 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23397 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23397 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23397 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23399 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23399 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23399 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23403 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23403 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23403 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23404 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23404 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23404 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23405 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23405 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23406 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23406 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23407 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23407 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23407 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23408 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23408 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23408 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23408 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23409 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23409 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23409 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23410 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23410 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23410 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23410 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23411 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23420 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23426 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23426 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23426 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23434 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23434 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23434 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23434 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23440 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23440 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23440 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23440 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23441 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23441 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23442 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23442 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23442 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23443 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23443 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23443 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23446 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23446 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23446 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23447 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23447 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23447 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23448 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23448 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23448 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23449 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23449 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23449 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23450 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23450 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23450 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23452 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23452 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23452 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23455 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23455 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23455 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23456 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23456 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-23456 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23457 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23457 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23457 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23458 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23458 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23458 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23460 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23460 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23460 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23461 ( SUSE ): 7.7 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23461 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23461 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23462 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23462 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23462 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23463 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23463 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2026-23463 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23465 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2026-23465 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2026-23465 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23468 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23468 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23468 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23472 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23472 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23472 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23473 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23473 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23474 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23474 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23474 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23475 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23475 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23475 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31389 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31389 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31389 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31393 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31393 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31393 ( NVD ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31400 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31400 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31400 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31402 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31402 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-31402 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31403 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31403 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31403 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31404 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31404 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31404 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31405 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31405 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31407 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31407 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31407 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31408 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31408 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31408 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31411 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31411 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31411 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31412 ( SUSE ): 7.0 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31412 ( SUSE ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31412 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31415 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31415 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31415 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31416 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31416 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-31416 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31417 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31417 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31417 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31420 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31421 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31421 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31421 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31422 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31422 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31422 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31423 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31423 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31423 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31424 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31424 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31424 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31425 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31425 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31426 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31426 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-31426 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31427 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-31427 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2026-31427 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31428 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31428 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31428 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31436 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31436 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31436 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31449 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31449 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31449 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-31470 ( SUSE ): 6.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31470 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31470 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31488 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31488 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31488 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31494 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-31494 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2026-31494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31496 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31496 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31496 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31504 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31504 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31504 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31505 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31507 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31507 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31507 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31512 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31512 ( SUSE ): 7.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-31512 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31515 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31515 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31515 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31519 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31519 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31519 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31525 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31525 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31525 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31528 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31528 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31528 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31533 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31550 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31550 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31550 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31565 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31565 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31565 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31570 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:N/SA:N * CVE-2026-31570 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31570 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31586 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31588 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31588 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31588 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-31602 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31602 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31602 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31607 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31607 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2026-31607 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31622 ( SUSE ): 8.7 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31622 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31622 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31649 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31649 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31649 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31656 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31656 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31656 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31662 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31662 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31662 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31668 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-31668 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2026-31668 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31669 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31669 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31669 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31675 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31675 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2026-31675 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31679 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31679 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31679 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31681 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31681 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31681 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31682 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31682 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31682 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31684 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31684 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-31684 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31685 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31685 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31685 ( NVD ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31694 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31694 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31694 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31700 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31700 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31700 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31738 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31738 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31738 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31787 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31787 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43009 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-43027 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43027 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43037 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43038 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43038 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43044 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43044 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43044 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43050 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43050 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43050 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43060 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43060 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43088 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-43088 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-43110 ( SUSE ): 7.7 CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43110 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43110 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43120 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43120 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-43120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43126 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43126 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43126 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43190 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43190 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43190 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43214 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43214 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43214 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43265 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43265 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43265 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43329 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43329 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43329 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43330 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43330 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43330 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43334 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-43334 ( SUSE ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-43334 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43365 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43365 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43365 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43366 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43366 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43366 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43419 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-43419 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-43437 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43437 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43441 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43441 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43494 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43494 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43503 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43503 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43503 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 * SUSE Linux Micro Extras 6.0 An update that solves 181 vulnerabilities, contains one feature and has 19 fixes can now be installed. ## Description: The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 RT kernel was updated to fix various security issues The following security issues were fixed: * CVE-2023-20585: x86/CPU: Fix FPDSS on Zen1 (bsc#1243603). * CVE-2025-71183: btrfs: always detect conflicting inodes when logging inode refs (bsc#1257631). * CVE-2026-23168: flex_proportions: make fprop_new_period() hardirq safe (bsc#1258826). * CVE-2026-23239: espintcp: Fix race condition in espintcp_close() (bsc#1259485). * CVE-2026-23240: tls: Fix race condition in tls_sw_cancel_work_tx() (bsc#1259484). * CVE-2026-23245: net/sched: act_gate: snapshot parameters with RCU on replace (bsc#1259799). * CVE-2026-23271: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race (bsc#1260018). * CVE-2026-23276: net: move dev_xmit_recursion() helpers to net/core/dev.h (bsc#1260012). * CVE-2026-23300: net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop (bsc#1260538). * CVE-2026-23306: scsi: pm8001: Fix use-after-free in pm8001_queue_command() (bsc#1260501). * CVE-2026-23313: i40e: Fix preempt count leak in napi poll tracepoint (bsc#1260555). * CVE-2026-23321: mptcp: pm: in-kernel: always mark signal+subflow endp as used (bsc#1260505). * CVE-2026-23340: net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs (bsc#1260523). * CVE-2026-23346: mm/ioremap: define generic_ioremap_prot() and generic_iounmap() (bsc#1260529). * CVE-2026-23351: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase (bsc#1260526). * CVE-2026-23368: net: phy: register phy led_triggers during probe to avoid AB-BA deadlock (bsc#1260530). * CVE-2026-23374: blktrace: fix __this_cpu_read/write in preemptible context (bsc#1260811). * CVE-2026-23378: net/sched: act_ife: Fix metalist update behavior (bsc#1260546). * CVE-2026-23391: netfilter: xt_CT: drop pending enqueued packets on template removal (bsc#1260566). * CVE-2026-23392: netfilter: nf_tables: release flowtable after rcu grace period on error (bsc#1260531). * CVE-2026-23393: bridge: cfm: Fix race condition in peer_mep deletion (bsc#1260522). * CVE-2026-23397: nfnetlink_osf: validate individual option lengths in fingerprints (bsc#1260728). * CVE-2026-23399: nf_tables: nft_dynset: fix possible stateful expression memleak in error path (bsc#1261020). * CVE-2026-23440: net/mlx5e: Fix race condition during IPSec ESN update (bsc#1261641). * CVE-2026-23441: net/mlx5e: Prevent concurrent access to IPSec ASO context (bsc#1261768). * CVE-2026-23442: ipv6: add NULL checks for idev in SRv6 paths (bsc#1261581). * CVE-2026-23449: net/sched: teql: Fix double-free in teql_master_xmit (bsc#1261779). * CVE-2026-23450: net/smc: fix NULL dereference and UAF in smc_tcp_syn_recv_sock() (bsc#1261584). * CVE-2026-23455: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() (bsc#1261687). * CVE-2026-23456: netfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS case (bsc#1261703). * CVE-2026-23457: netfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp() (bsc#1261686). * CVE-2026-23458: netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() (bsc#1261781). * CVE-2026-23461: Bluetooth: L2CAP: Fix use-after-free in l2cap_unregister_user (bsc#1261707). * CVE-2026-23462: Bluetooth: HIDP: Fix possible UAF (bsc#1261710). * CVE-2026-23468: drm/amdgpu: Limit BO list entry count to prevent resource exhaustion (bsc#1261692). * CVE-2026-23472: serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN (bsc#1261636). * CVE-2026-23473: io_uring/poll: fix multishot recv missing EOF on wakeup race (bsc#1261694). * CVE-2026-31400: sunrpc: fix cache_request leak in cache_release (bsc#1261645). * CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (bsc#1261638). * CVE-2026-31403: NFSD: Hold net reference for the lifetime of /proc/fs/nfs/exports fd (bsc#1261796). * CVE-2026-31404: xfs: avoid dereferencing log items after push callbacks (bsc#1261628). * CVE-2026-31407: netfilter: conntrack: add missing netlink policy validations (bsc#1261632). * CVE-2026-31411: net: atm: fix crash due to unvalidated vcc pointer in sigd_send() (bsc#1261752). * CVE-2026-31415: ipv6: avoid overflows in ip6_datagram_send_ctl() (bsc#1262099). * CVE-2026-31416: netfilter: nfnetlink_log: account for netlink header size (bsc#1262100). * CVE-2026-31420: bridge: mrp: reject zero test interval to avoid OOM panic (bsc#1262055). * CVE-2026-31421: net/sched: cls_fw: fix NULL pointer dereference on shared blocks (bsc#1262061). * CVE-2026-31422: net/sched: cls_flow: fix NULL pointer dereference on shared blocks (bsc#1262054). * CVE-2026-31423: net/sched: sch_hfsc: fix divide-by-zero in rtsc_min() (bsc#1262063). * CVE-2026-31424: netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP (bsc#1262053). * CVE-2026-31425: rds: ib: reject FRMR registration before IB connection is established (bsc#1262074). * CVE-2026-31427: netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp (bsc#1262086). * CVE-2026-31428: netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD (bsc#1262087). * CVE-2026-31436: dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc() (bsc#1262602). * CVE-2026-31449: ext4: validate p_idx bounds in ext4_ext_correct_indexes (bsc#1262616). * CVE-2026-31470: virt: tdx-guest: Fix handling of host controlled 'quote' buffer length (bsc#1262665). * CVE-2026-31488: drm/amd/display: Do not skip unrelated mode changes in DSC validation (bsc#1262746). * CVE-2026-31494: net: cadence: macb: Synchronize stats calculations (bsc#1262671). * CVE-2026-31496: netfilter: nf_conntrack_expect: skip expectations in other netns via proc (bsc#1262673). * CVE-2026-31504: net: fix fanout UAF in packet_release() via NETDEV_UP race (bsc#1263085). * CVE-2026-31505: iavf: fix out-of-bounds writes in iavf_get_ethtool_stats() (bsc#1263093). * CVE-2026-31507: net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer (bsc#1263095). * CVE-2026-31512: Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2cap_ecred_data_rcv() (bsc#1262734). * CVE-2026-31515: af_key: validate families in pfkey_send_migrate() (bsc#1262752). * CVE-2026-31519: btrfs: set BTRFS_ROOT_ORPHAN_CLEANUP during subvol create (bsc#1263012). * CVE-2026-31525: bpf: Fix undefined behavior in interpreter sdiv/smod for INT_MIN (bsc#1262725). * CVE-2026-31528: perf: Make sure to use pmu_ctx->pmu for groups (bsc#1263001). * CVE-2026-31533: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption (bsc#1262758). * CVE-2026-31550: pmdomain: bcm: bcm2835-power: Increase ASB control timeout (bsc#1263104). * CVE-2026-31565: RDMA/irdma: Fix deadlock during netdev reset with active connections (bsc#1263064). * CVE-2026-31570: can: gw: fix OOB heap access in cgw_csum_crc8_rel() (bsc#1263065). * CVE-2026-31586: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (bsc#1263176). * CVE-2026-31588: KVM: x86: Use scratch field in MMIO fragment to hold small write values (bsc#1263165). * CVE-2026-31602: ALSA: ctxfi: Limit PTP to a single page (bsc#1263723). * CVE-2026-31607: usbip: validate number_of_packets in usbip_pack_ret_submit() (bsc#1263600). * CVE-2026-31622: NFC: digital: Bounds check NFC-A cascade depth in SDD response handler (bsc#1263797). * CVE-2026-31649: net: stmmac: fix integer underflow in chain mode (bsc#1263582). * CVE-2026-31656: drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (bsc#1263170). * CVE-2026-31662: tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG (bsc#1263131). * CVE-2026-31668: seg6: separate dst_cache for input and output paths in seg6 lwtunnel (bsc#1263140). * CVE-2026-31669: mptcp: fix slab-use-after-free in __inet_lookup_established (bsc#1263141). * CVE-2026-31675: net/sched: sch_netem: fix out-of-bounds access in packet corruption (bsc#1263556). * CVE-2026-31679: openvswitch: validate MPLS set/set_masked payload length (bsc#1263592). * CVE-2026-31681: netfilter: xt_multiport: validate range encoding in checkentry (bsc#1263593). * CVE-2026-31682: bridge: br_nd_send: linearize skb before parsing ND options (bsc#1263595). * CVE-2026-31684: net: sched: act_csum: validate nested VLAN headers (bsc#1263596). * CVE-2026-31685: netfilter: ip6t_eui64: reject invalid MAC header for all packets (bsc#1263668). * CVE-2026-31694: fuse: reject oversized dirents in page cache (bsc#1263901). * CVE-2026-31700: net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() (bsc#1263882). * CVE-2026-31738: vxlan: validate ND option lengths in vxlan_na_create (bsc#1264059). * CVE-2026-31787: xen/privcmd: fix double free via VMA splitting (bsc#1262181). * CVE-2026-43009: bpf: Fix incorrect pruning due to atomic fetch precision tracking (bsc#1264014). * CVE-2026-43025: netfilter: ctnetlink: ignore explicit helper on new expectations (bsc#1263931). * CVE-2026-43027: netfilter: nf_conntrack_helper: pass helper to expect cleanup (bsc#1263933). * CVE-2026-43037: ip6_tunnel: clear skb2->cb in ip4ip6_err() (bsc#1263995). * CVE-2026-43038: ipv6: icmp: clear skb2->cb in ip6_err_gen_icmpv6_unreach() (bsc#1264097). * CVE-2026-43044: crypto: caam - fix DMA corruption on long hmac keys (bsc#1264087). * CVE-2026-43050: atm: lec: fix use-after-free in sock_def_readable() (bsc#1264082). * CVE-2026-43060: netfilter: nft_ct: drop pending enqueued packets on removal (bsc#1264183). * CVE-2026-43088: net: af_key: zero aligned sockaddr tail in PF_KEY exports (bsc#1264469). * CVE-2026-43110: wifi: brcmfmac: validate bsscfg indices in IF events (bsc#1264482). * CVE-2026-43120: RDMA/irdma: Fix double free related to rereg_user_mr. * CVE-2026-43126: ALSA: mixer: oss: Add card disconnect checkpoints (bsc#1264634). * CVE-2026-43190: netfilter: xt_tcpmss: check remaining length before reading optlen (bsc#1264848). * CVE-2026-43214: KVM: x86: Add SRCU protection for reading PDPTRs in __get_sregs2() (bsc#1264651). * CVE-2026-43265: KVM: x86: Ignore -EBUSY when checking nested events from vcpu_block() (bsc#1264427). * CVE-2026-43329: netfilter: flowtable: strictly check for maximum number of actions (bsc#1265085). * CVE-2026-43330: crypto: caam - fix overflow on long hmac keys (bsc#1264801). * CVE-2026-43334: Bluetooth: SMP: force responder MITM requirements before building the pairing response (bsc#1265090). * CVE-2026-43365: xfs: fix undersized l_iclog_roundoff values (bsc#1265119). * CVE-2026-43366: io_uring/kbuf: check if target buffer list is still legacy on recycle (bsc#1265116). * CVE-2026-43419: ceph: fix memory leaks in ceph_mdsc_build_path() (bsc#1264661). * CVE-2026-43437: ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (bsc#1265126). * CVE-2026-43441: net: bonding: Fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1264674). * CVE-2026-43494: net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). * CVE-2026-43503: net: skbuff: propagate shared-frag marker through frag- transfer helpers (bsc#1265960). The following non security issues were fixed: * accel/qaic: Add overflow check to remap_pfn_range during mmap (git-fixes). * ACPI: AGDI: fix missing newline in error message (git-fixes). * ACPI: CPPC: Fix related_cpus inconsistency during CPU hotplug (git-fixes). * ACPI: scan: Use acpi_dev_put() in object add error paths (git-fixes). * ACPI: video: force native backlight on HP OMEN 16 (8A44) (stable-fixes). * ALSA: 6fire: Fix input volume change detection (git-fixes). * ALSA: 6fire: fix use-after-free on disconnect (git-fixes). * ALSA: aoa: i2sbus: clear stale prepared state (git-fixes). * ALSA: aoa: i2sbus: fix OF node lifetime handling (git-fixes). * ALSA: aoa: Skip devices with no codecs in i2sbus_resume() (git-fixes). * ALSA: aoa: Use guard() for mutex locks (stable-fixes). * ALSA: asihpi: avoid write overflow check warning (stable-fixes). * ALSA: caiaq: Don't abort when no input device is available (git-fixes). * ALSA: caiaq: Fix control_put() result and cache rollback (git-fixes). * ALSA: caiaq: Fix potentially leftover ep1_in_urb at error path (git-fixes). * ALSA: caiaq: fix usb_dev refcount leak on probe failure (git-fixes). * ALSA: caiaq: Handle probe errors properly (git-fixes). * ALSA: caiaq: take a reference on the USB device in create_card() (git- fixes). * ALSA: control: Validate buf_len before strnlen() in snd_ctl_elem_init_enum_names() (git-fixes). * ALSA: core: Fix potential data race at fasync handling (git-fixes). * ALSA: core: Serialize deferred fasync state checks (git-fixes). * ALSA: core: Validate compress device numbers without dynamic minors (git- fixes). * ALSA: ctxfi: Add fallback to default RSR for S/PDIF (git-fixes). * ALSA: ctxfi: Fix missing SPDIFI1 index handling (stable-fixes). * ALSA: ctxfi: Limit PTP to a single page (git-fixes). * ALSA: firewire-tascam: Do not drop unread control events (git-fixes). * ALSA: fireworks: bound device-supplied status before string array lookup (git-fixes). * ALSA: hda/realtek - fixed speaker no sound update (git-fixes). * ALSA: hda/realtek: Add HP ENVY Laptop 13-ba0xxx quirk (stable-fixes). * ALSA: hda/realtek: Add mute LED quirk for HP Pavilion 15-eg0xxx (stable- fixes). * ALSA: hda/realtek: Add quirk for ASUS ROG Flow Z13-KJP GZ302EAC (stable- fixes). * ALSA: hda/realtek: add quirk for Framework F111:000F (stable-fixes). * ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14IAH10 (stable-fixes). * ALSA: hda/realtek: fix code style (ERROR: else should follow close brace '}') (git-fixes). * ALSA: misc: Use guard() for spin locks (stable-fixes). * ALSA: scarlett2: Add missing sentinel initializer field (git-fixes). * ALSA: seq: Notify client and port info changes (stable-fixes). * ALSA: seq_oss: return full count for successful SEQ_FULLSIZE writes (stable- fixes). * ALSA: usb-audio: apply quirk for MOONDROP JU Jiu (stable-fixes). * ALSA: usb-audio: Avoid false E-MU sample-rate notifications (git-fixes). * ALSA: usb-audio: Avoid potential endless loop in convert_chmap_v3() (git- fixes). * ALSA: usb-audio: Evaluate packsize caps at the right place (git-fixes). * ALSA: usb-audio: Fix Audio Advantage Micro II SPDIF switch (git-fixes). * ALSA: usb-audio: Fix potential leak of pd at parsing UAC3 streams (git- fixes). * ALSA: usb-audio: Fix quirk flags for NeuralDSP Quad Cortex (stable-fixes). * ALSA: usb-audio: Fix UAC3 cluster descriptor size check (git-fixes). * ALSA: usb-audio: midi2: Restart output URBs on resume (git-fixes). * ALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATES (git-fixes). * ASoC: amd: yc: Add DMI entry for HP Laptop 15-fc0xxx (stable-fixes). * ASoC: amd: yc: Add DMI quirk for ASUS EXPERTBOOK BM1403CDA (stable-fixes). * ASoC: amd: yc: Add DMI quirk for Thin A15 B7VF (stable-fixes). * ASoC: amd: yc: Add HP OMEN Gaming Laptop 16-ap0xxx product line in quirk table (stable-fixes). * ASoC: codecs: ab8500: Fix casting of private data (git-fixes). * ASoC: cs35l56: Destroy workqueue in probe error path (git-fixes). * ASoC: cs35l56: Don't use devres to unregister component (git-fixes). * ASoC: fsl_easrc: Change the type for iec958 channel status controls (git- fixes). * ASoC: fsl_easrc: Check the variable range in fsl_easrc_iec958_put_bits() (git-fixes). * ASoC: fsl_easrc: fix comment typo (git-fixes). * ASoC: fsl_easrc: Fix value type in fsl_easrc_iec958_get_bits() (git-fixes). * ASoC: fsl_micfil: Add access property for "VAD Detected" (git-fixes). * ASoC: fsl_micfil: Fix event generation in hwvad_put_enable() (git-fixes). * ASoC: fsl_micfil: Fix event generation in hwvad_put_init_mode() (git-fixes). * ASoC: fsl_micfil: Fix event generation in micfil_put_dc_remover_state() (git-fixes). * ASoC: fsl_micfil: Fix event generation in micfil_quality_set() (git-fixes). * ASoC: fsl_xcvr: Fix event generation for cached controls (git-fixes). * ASoC: fsl_xcvr: Fix event generation in fsl_xcvr_arc_mode_put() (git-fixes). * ASoC: fsl_xcvr: Fix event generation in fsl_xcvr_mode_put() (git-fixes). * ASoC: Intel: bytcr_wm5102: Fix MCLK leak on platform_clock_control error (git-fixes). * ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens (git-fixes). * ASoC: qcom: q6apm: move component registration to unmanaged version (git- fixes). * ASoC: qcom: q6apm: remove child devices when apm is removed (git-fixes). * ASoC: qcom: qdsp6: topology: check widget type before accessing data (git- fixes). * ASoC: soc-core: call missing INIT_LIST_HEAD() for card_aux_list (stable- fixes). * ASoC: SOF: compress: return the configured codec from get_params (git- fixes). * ASoC: SOF: Don't allow pointer operations on unconfigured streams (git- fixes). * ASoC: SOF: Intel: hda: Place check before dereference (git-fixes). * ASoC: SOF: topology: reject invalid vendor array size in token parser (stable-fixes). * ASoC: sti: Return errors from regmap_field_alloc() (git-fixes). * ASoC: sti: use managed regmap_field allocations (git-fixes). * ASoC: stm32_sai: fix incorrect BCLK polarity for DSP_A/B, LEFT_J (stable- fixes). * ata: ahci: force 32-bit DMA for JMicron JMB582/JMB585 (stable-fixes). * batman-adv: bla: only purge non-released claims (git-fixes). * batman-adv: bla: prevent use-after-free when deleting claims (git-fixes). * batman-adv: bla: put backbone reference on failed claim hash insert (git- fixes). * batman-adv: fix integer overflow on buff_pos (git-fixes). * batman-adv: hold claim backbone gateways by reference (git-fixes). * batman-adv: reject new tp_meter sessions during teardown (git-fixes). * batman-adv: reject oversized global TT response buffers (git-fixes). * batman-adv: stop caching unowned originator pointers in BAT IV (git-fixes). * Bluetooth: bnep: fix incorrect length parsing in bnep_rx_frame() extension handling (git-fixes). * Bluetooth: fix locking in hci_conn_request_evt() with HCI_PROTO_DEFER (git- fixes). * Bluetooth: hci_event: Fix OOB read and infinite loop in hci_le_create_big_complete_evt (git-fixes). * Bluetooth: hci_event: fix potential UAF in SSP passkey handlers (git-fixes). * Bluetooth: hci_ldisc: Clear HCI_UART_PROTO_INIT on error (git-fixes). * Bluetooth: HIDP: serialise l2cap_unregister_user via hidp_session_sem (git- fixes). * Bluetooth: ISO: Fix data-race on dst in iso_sock_connect() (git-fixes). * Bluetooth: l2cap: Add missing chan lock in l2cap_ecred_reconf_rsp (git- fixes). * Bluetooth: l2cap: fix MPS check in l2cap_ecred_reconf_req (git-fixes). * Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_new_connection_cb() (git- fixes). * Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_state_change_cb() (git- fixes). * Bluetooth: L2CAP: Fix printing wrong information if SDU length exceeds MTU (git-fixes). * Bluetooth: RFCOMM: pull credit byte with skb_pull_data() (git-fixes). * Bluetooth: SCO: check for codecs->num_codecs == 1 before assigning to sco_pi(sk)->codec (git-fixes). * Bluetooth: SCO: fix sleeping under spinlock in sco_conn_ready (git-fixes). * Bluetooth: SCO: hold sk properly in sco_conn_ready (git-fixes). * Bluetooth: virtio_bt: clamp rx length before skb_put (git-fixes). * Bluetooth: virtio_bt: validate rx pkt_type header length (git-fixes). * btrfs: do not skip logging new dentries when logging a new name (git-fixes). * btrfs: reject root items with drop_progress and zero drop_level (git-fixes). * btrfs: replace BUG() with error handling in __btrfs_balance() (git-fixes). * can: mcp251x: add error handling for power enable in open and resume (stable-fixes). * can: raw: fix ro->uniq use-after-free in raw_rcv() (git-fixes). * can: ucan: fix devres lifetime (git-fixes). * cdc-acm: new quirk for EPSON HMD (stable-fixes). * check-for-config-changes: Exclude CC_MS_EXTENSIONS. * check-for-config-changes: Exclude HAVE_CFI_ICALL_NORMALIZE_INTEGERS{,_RUSTC}. * checkpatch: add support for Assisted-by tag (stable-fixes). * comedi: dt2815: add hardware detection to prevent crash (stable-fixes). * crypto: algif_aead - Fix minimum RX size check for decryption (git-fixes). * crypto: arm64/aes - Fix 32-bit aes_mac_update() arg treated as 64-bit (git- fixes). * crypto: atmel-aes - Fix 3-page memory leak in atmel_aes_buff_cleanup (git- fixes). * crypto: atmel-ecc - Release client on allocation failure (git-fixes). * crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path (git-fixes). * crypto: atmel-tdes - fix DMA sync direction (git-fixes). * crypto: authencesn - reject short ahash digests during instance creation (git-fixes). * crypto: ccp - copy IV using skcipher ivsize (git-fixes). * crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed (git-fixes). * crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed (git-fixes). * crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed (git-fixes). * crypto: ccree - fix a memory leak in cc_mac_digest() (git-fixes). * crypto: hisilicon - Fix dma_unmap_single() direction (git-fixes). * crypto: jitterentropy - replace long-held spinlock with mutex (git-fixes). * crypto: pcrypt - Fix handling of MAY_BACKLOG requests (git-fixes). * crypto: qat - fix type mismatch in RAS sysfs show functions (git-fixes). * crypto: qat - use swab32 macro (git-fixes). * crypto: sa2ul - Fix AEAD fallback algorithm names (git-fixes). * crypto: simd - reject compat registrations without __ prefixes (git-fixes). * crypto: talitos - fix SEC1 32k ahash request limitation (git-fixes). * crypto: testmgr - Hide ENOENT errors (stable-fixes). * crypto: testmgr - Hide ENOENT errors better (git-fixes). * devres: fix missing node debug info in devm_krealloc() (git-fixes). * dm init: ensure device probing has finished in dm-mod.waitfor= (git-fixes). * dmaengine: dw-axi-dmac: Remove unnecessary return statement from void function (git-fixes). * dmaengine: mxs-dma: Fix missing return value from of_dma_controller_register() (git-fixes). * drm/amd/display: Add NULL check for integrated_info in clk_mgr_construct (git-fixes). * drm/amd/display: Allow DCE link encoder without AUX registers (git-fixes). * drm/amd/display: Avoid NULL dereference in dc_dmub_srv error paths (git- fixes). * drm/amd/display: Disable 10-bit truncation and dithering on DCE 6.x (git- fixes). * drm/amd/display: Read EDID from VBIOS embedded panel info (git-fixes). * drm/amd/pm/ci: Clear EnabledForActivity field for memory levels (git-fixes). * drm/amd/pm/ci: Disable MCLK DPM on problematic CI ASICs (git-fixes). * drm/amd/pm/ci: Fill DW8 fields from SMC (git-fixes). * drm/amd/pm/ci: Fix powertune defaults for Hawaii 0x67B0 (git-fixes). * drm/amd/pm/ci: Use highest MCLK on CI when MCLK DPM is disabled (git-fixes). * drm/amd/pm/smu7: Add SCLK cap for quirky Hawaii board (git-fixes). * drm/amd/pm/smu7: Fix SMU7 voltage dependency on display clock (git-fixes). * drm/amdgpu/gfx6: Support harvested SI chips with disabled TCCs (v2) (git- fixes). * drm/amdgpu/gfx9: drop unnecessary 64-bit fence flag check in KIQ (stable- fixes). * drm/amdgpu/gfx10: look at the right prop for gfx queue priority (git-fixes). * drm/amdgpu/gmc: Fix AMDGPU_GART_PLACEMENT_LOW to not overlap with VRAM (git- fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v2.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v2.5 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v3.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0.3 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0.5 ring (git-fixes). * drm/amdgpu/pm: add missing revision check for CI (git-fixes). * drm/amdgpu/pm: align Hawaii mclk workaround with radeon (git-fixes). * drm/amdgpu/sdma4: replace BUG_ON with WARN_ON in fence emission (git-fixes). * drm/amdgpu/vce: Prevent partial address patches (stable-fixes). * drm/amdgpu/vcn3: Avoid overflow on msg bound check (git-fixes). * drm/amdgpu/vcn3: Prevent OOB reads when parsing dec msg (stable-fixes). * drm/amdgpu/vcn4: Avoid overflow on msg bound check (git-fixes). * drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msg (stable-fixes). * drm/amdgpu/vcn4: Prevent OOB reads when parsing IB (stable-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v2.0 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v2.5 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v3.0 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0 enc ring (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0.3 enc ring (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0.5 enc ring (git-fixes). * drm/amdgpu: Add bounds checking to ib_{get,set}_value (stable-fixes). * drm/amdgpu: fix AMDGPU_INFO_READ_MMR_REG (git-fixes). * drm/amdgpu: fix zero-size GDS range init on RDNA4 (stable-fixes). * drm/amdgpu: zero-initialize GART table on allocation (stable-fixes). * drm/amdkfd: Add upper bound check for num_of_nodes (stable-fixes). * drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure (stable- fixes). * drm/amdkfd: validate SVM ioctl nattr against buffer size (stable-fixes). * drm/arcpgu: fix device node leak (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Add mode_valid hook to drm_bridge_funcs (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Handle HDCP state in bridge atomic check (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Set the mhdp connector earlier in atomic_enable() (git-fixes). * drm/etnaviv: Fix armed job not being pushed to the DRM scheduler (git- fixes). * drm/fb-helper: Fix clipping when damage area spans a single scanline (git- fixes). * drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs() (git-fixes). * drm/gma500/oaktrail_hdmi: fix i2c adapter leak on setup (git-fixes). * drm/gma500/oaktrail_lvds: fix hang on init failure (git-fixes). * drm/gma500/oaktrail_lvds: fix i2c adapter leaks on init (git-fixes). * drm/i915/dp: Fix VSC dynamic range signaling for RGB formats (git-fixes). * drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (git- fixes). * drm/i915/wm: Verify the correct plane DDB entry (git-fixes). * drm/i915: skip __i915_request_skip() for already signaled requests (git- fixes). * drm/komeda: fix integer overflow in AFBC framebuffer size check (git-fixes). * drm/msm/a6xx: Fix dumping A650+ debugbus blocks (git-fixes). * drm/msm/a6xx: Fix HLSQ register dumping (git-fixes). * drm/msm/a6xx: Use barriers while updating HFI Q headers (git-fixes). * drm/msm/dpu: fix mismatch between power and frequency (git-fixes). * drm/msm/dsi: add the missing parameter description (git-fixes). * drm/msm/dsi: fix bits_per_pclk (git-fixes). * drm/msm/dsi: fix hdisplay calculation for CMD mode panel (git-fixes). * drm/msm/dsi: rename MSM8998 DSI version from V2_2_0 to V2_0_0 (git-fixes). * drm/msm/shrinker: Fix can_block() logic (git-fixes). * drm/nouveau: fix u32 overflow in pushbuf reloc bounds check (git-fixes). * drm/panel: sharp-ls043t1le01: make use of prepare_prev_first (git-fixes). * drm/panel: simple: Correct G190EAN01 prepare timing (git-fixes). * drm/panfrost: Fix wait_bo ioctl leaking positive return from dma_resv_wait_timeout() (git-fixes). * drm/radeon: add missing revision check for CI (git-fixes). * drm/sun4i: backend: fix error pointer dereference (git-fixes). * drm/sun4i: Fix resource leaks (git-fixes). * drm/vc4: Fix a memory leak in hang state error path (git-fixes). * drm/vc4: Fix memory leak of BO array in hang state (git-fixes). * drm/vc4: platform_get_irq_byname() returns an int (stable-fixes). * drm/vc4: Protect madv read in vc4_gem_object_mmap() with madv_lock (git- fixes). * drm/vc4: Release runtime PM reference after binding V3D (git-fixes). * drm/vram: remove DRM_VRAM_MM_FILE_OPERATIONS from docs (git-fixes). * dt-bindings: net: Fix Tegra234 MGBE PTP clock (git-fixes). * efi/capsule-loader: fix incorrect sizeof in phys array reallocation (git- fixes). * efi: pstore: Drop efivar lock when efi_pstore_open() returns with an error (git-fixes). * ext4: fix fsync(2) for nojournal mode (git-fixes). * ext4: make recently_deleted() properly work with lazy itable initialization (git-fixes). * ext4: reject mount if bigalloc with s_first_data_block != 0 (git-fixes). * extcon: ptn5150: handle pending IRQ events during system resume (git-fixes). * fbdev: matroxfb: Mark variable with __maybe_unused to avoid W=1 build break (git-fixes). * fbdev: offb: fix PCI device reference leak on probe failure (git-fixes). * fbdev: tdfxfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO (stable-fixes). * fbdev: udlfb: add vm_ops to dlfb_ops_mmap to prevent use-after-free (stable- fixes). * fbdev: udlfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO (git-fixes). * firmware: dmi: Correct an indexing error in dmi.h (git-fixes). * gpio: tegra: fix irq_release_resources calling enable instead of disable (git-fixes). * gtp: disable BH before calling udp_tunnel_xmit_skb() (git-fixes). * HID: alps: fix NULL pointer dereference in alps_raw_event() (git-fixes). * HID: asus: do not abort probe when not necessary (git-fixes). * HID: asus: make asus_resume adhere to linux kernel coding standards (git- fixes). * HID: core: clamp report_size in s32ton() to avoid undefined shift (stable- fixes). * HID: multitouch: Check to ensure report responses match the request (stable- fixes). * HID: playstation: Clamp num_touch_reports (git-fixes). * HID: quirks: add HID_QUIRK_ALWAYS_POLL for 8BitDo Pro 3 (stable-fixes). * HID: roccat: fix use-after-free in roccat_report_event (stable-fixes). * HID: usbhid: fix deadlock in hid_post_reset() (git-fixes). * HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq (stable-fixes). * hv_sock: fix ARM64 support (git-fixes). * hwmon: (ads7871) Fix endianness bug in 16-bit register reads (git-fixes). * hwmon: (corsair-psu) Close HID device on probe errors (git-fixes). * hwmon: (lm63) Add locking to avoid TOCTOU (git-fixes). * hwmon: (ltc2992) Clamp threshold writes to hardware range (git-fixes). * hwmon: (ltc2992) Fix u32 overflow in power read path (git-fixes). * i2c: s3c24xx: check the size of the SMBUS message before using it (stable- fixes). * i2c: smbus: reject oversized block transfers in the common path (git-fixes). * i2c: stm32f7: reinit_completion() per transfer not per msg (git-fixes). * i2c: stub: Reject I2C block transfers with invalid length (git-fixes). * i3c: master: Fix error codes at send_ccc_cmd (git-fixes). * i3c: mipi-i3c-hci: fix IBI payload length calculation for final status (git- fixes). * ibmveth: Disable GSO for packets with small MSS (bsc#1265144). * ice: set max queues in alloc_etherdev_mqs() (git-fixes). * iio: adc: ad7768-1: fix one-shot mode data acquisition (git-fixes). * iio: adc: ti-adc161s626: use DMA-safe memory for spi_read() (git-fixes). * iio: adc: ti-ads7950: use iio_push_to_buffers_with_ts_unaligned() (git- fixes). * Input: i8042 - add TUXEDO InfinityBook Max 16 Gen10 AMD to i8042 quirk table (stable-fixes). * Input: uinput - fix circular locking dependency with ff-core (git-fixes). * Input: uinput - take event lock when submitting FF request "event" (stable- fixes). * Input: xpad - add support for BETOP BTP-KP50B/C controller's wireless mode (stable-fixes). * Input: xpad - add support for Razer Wolverine V3 Pro (stable-fixes). * ipmi: Add limits to event and receive message requests (git-fixes). * ipmi: Check event message buffer response for bad data (git-fixes). * ipmi: ssif_bmc: change log level to dbg in irq callback (git-fixes). * ipmi: ssif_bmc: fix message desynchronization after truncated response (git- fixes). * ipmi: ssif_bmc: fix missing check for copy_to_user() partial failure (git- fixes). * irqchip/irq-pic32-evic: Address warning related to wrong printf() formatter (git-fixes). * kdump, documentation: describe craskernel CMA reservation (jsc#PED-7249). * KVM: Reject wrapped offset in kvm_reset_dirty_gfn() (git-fixes). * KVM: SVM: Mark VMCB_NPT as dirty on nested VMRUN (git-fixes). * KVM: SVM: Mark VMCB_PERM_MAP as dirty on nested VMRUN (git-fixes). * KVM: x86/mmu: Retry fault before acquiring mmu_lock if mapping is changing (bsc#1253122). * KVM: x86/xen: Fix cleanup logic in emulation of Xen schedop poll hypercalls (git-fixes). * KVM: x86: check for nEPT/nNPT in slow flush hypercalls (git-fixes). * KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (git- fixes). * KVM: x86: hyper-v: Validate all GVAs during PV TLB flush (git-fixes). * KVM: x86: Ignore cpuid faulting in SMM (git-fixes). * leds: lgm-sso: Remove duplicate assignments for priv->mmap (git-fixes). * lib/hexdump: print_hex_dump_bytes() calls print_hex_dump_debug() (git- fixes). * media: amphion: Fix race between m2m job_abort and device_run (git-fixes). * media: as102: fix to not free memory after the device is registered in as102_usb_probe() (git-fixes). * media: dib8000: avoid division by 0 in dib8000_set_dds() (git-fixes). * media: em28xx: fix use-after-free in em28xx_v4l2_open() (git-fixes). * media: hackrf: fix to not free memory after the device is registered in hackrf_probe() (git-fixes). * media: i2c: imx219: Check return value of devm_gpiod_get_optional() in imx219_probe() (git-fixes). * media: i2c: imx412: Assert reset GPIO during probe (git-fixes). * media: i2c: ov08d10: fix image vertical start setting (git-fixes). * media: i2c: ov8856: free control handler on error in ov8856_init_controls() (git-fixes). * media: mtk-jpeg: fix use-after-free in release path due to uncancelled work (git-fixes). * media: omap3isp: drop the use count of v4l2 pipeline (git-fixes). * media: pci: zoran: fix potential memory leak in zoran_probe() (git-fixes). * media: rc: streamzap: Error handling in probe (git-fixes). * media: rc: xbox_remote: heed DMA restrictions (git-fixes). * media: saa7164: add ioremap return checks and cleanups (git-fixes). * media: staging: imx: configure src_mux in csi_start (git-fixes). * media: staging: imx: request mbus_config in csi_start (git-fixes). * media: uvcvideo: Enable VB2_DMABUF for metadata stream (git-fixes). * media: videobuf2: Set vma_flags in vb2_dma_sg_mmap (git-fixes). * media: vidtv: fix nfeeds state corruption on start_streaming failure (git- fixes). * media: vidtv: fix NULL pointer dereference in vidtv_channel_pmt_match_sections (git-fixes). * media: vidtv: fix pass-by-value structs causing MSAN warnings (git-fixes). * memory: tegra30-emc: Fix dll_change check (git-fixes). * memory: tegra124-emc: Fix dll_change check (git-fixes). * mfd: mc13xxx-core: Fix memory leak in mc13xxx_add_subdevice_pdata() (git- fixes). * mkspec: Add signature to source list only when it exists. * mmc: sdhci-of-dwcmshc: Disable clock before DLL configuration (git-fixes). * mmc: vub300: fix NULL-deref on disconnect (git-fixes). * modpost: Amend ppc64 save/restfpr symnames for -Os build (bsc#1215199). * mtd: docg3: Convert to platform remove callback returning void (stable- fixes). * mtd: docg3: fix use-after-free in docg3_release() (git-fixes). * mtd: parsers: ofpart: call of_node_get() for dedicated subpartitions (git- fixes). * mtd: parsers: ofpart: call of_node_put() only in ofpart_fail path (git- fixes). * mtd: physmap_of_gemini: Fix disabled pinctrl state check (git-fixes). * mtd: rawnand: sunxi: fix sunxi_nfc_hw_ecc_read_extra_oob (git-fixes). * mtd: spi-nor: core: correct the op.dummy.nbytes when check read operations (git-fixes). * mtd: spi-nor: sst: Factor out common write operation to `sst_nor_write_data()` (stable-fixes). * mtd: spi-nor: sst: Fix SST write failure (git-fixes). * mtd: spi-nor: sst: Fix write enable before AAI sequence (git-fixes). * mtd: spi-nor: swp: check SR_TB flag when getting tb_mask (git-fixes). * net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). * net/sched: cls_fw: fix NULL dereference of "old" filters before change() (git-fixes). * net/sched: fix pedit partial COW leading to page cache corruption (bsc#1265421). * net: gro: don't merge zcopy skbs (git-fixes). * net: mana: Add MAC address to vPort logs and clarify error messages (git- fixes). * net: mana: check xdp_rxq registration before unreg in mana_destroy_rxq() (git-fixes). * net: mana: Don't overwrite port probe error with add_adev result (git- fixes). * net: mana: Fix crash from unvalidated SHM offset read from BAR0 during FLR (bsc#1265846). * net: mana: Fix EQ leak in mana_remove on NULL port (git-fixes). * net: mana: Fix RX skb truesize accounting (bsc#1248754). * net: mana: fix use-after-free in mana_hwc_destroy_channel() by reordering teardown (git-fixes). * net: mana: Guard mana_remove against double invocation (git-fixes). * net: mana: hardening: Validate adapter_mtu from MANA_QUERY_DEV_CONFIG (git- fixes). * net: mana: hardening: Validate doorbell ID from GDMA_REGISTER_DEVICE response (git-fixes). * net: mana: Init gf_stats_work before potential error paths in probe (git- fixes). * net: mana: Init link_change_work before potential error paths in probe (git- fixes). * net: mana: remove double CQ cleanup in mana_create_rxq error path (git- fixes). * net: mana: Set default number of queues to 16 (bsc#1261648). * net: mana: Skip WQ object destruction for uninitialized RXQ (git-fixes). * net: mana: Use at least SZ_4K in doorbell ID range check (git-fixes). * net: mana: Use pci_name() for debugfs directory naming (git-fixes). * net: phy: dp83869: fix setting CLK_O_SEL field (git-fixes). * net: stmmac: Fix PTP ref clock for Tegra234 (git-fixes). * net: usb: asix: ax88772: re-add usbnet_link_change() in phylink callbacks (git-fixes). * net: usb: cdc-phonet: fix skb frags[] overflow in rx_complete() (git-fixes). * net: usb: rtl8150: fix use-after-free in rtl8150_start_xmit() (git-fixes). * net: usb: rtl8150: free skb on usb_submit_urb() failure in xmit (git-fixes). * net: wan: fsl_ucc_hdlc: fix ucc_hdlc_remove (git-fixes). * net: wan: fsl_ucc_hdlc: fix uhdlc_memclean (git-fixes). * net: wan: fsl_ucc_hdlc: free tx_skbuff in uhdlc_memclean (git-fixes). * NFC: digital: Bounds check NFC-A cascade depth in SDD response handler (git- fixes). * nfc: llcp: add missing return after LLCP_CLOSED checks (git-fixes). * nfc: pn533: allocate rx skb before consuming bytes (git-fixes). * nfc: s3fwrn5: allocate rx skb before consuming bytes (git-fixes). * NFC: trf7970a: Ignore antenna noise when checking for RF field (git-fixes). * nvmet-tcp: propagate nvmet_tcp_build_pdu_iovec() errors to its callers (git- fixes). * ocfs2: fix possible deadlock between unlink and dio_end_io_write (bsc#1258718). * ocfs2: split transactions in dio completion to avoid credit exhaustion (bsc#1258718). * PCI/AER: Clear only error bits in PCIe Device Status (git-fixes). * PCI/AER: Stop ruling out unbound devices as error source (git-fixes). * PCI: dwc: Apply ECRC workaround to DesignWare 5.00a as well (git-fixes). * PCI: Enable AtomicOps only if Root Port supports them (git-fixes). * PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown (git-fixes). * PCI: hv: Set default NUMA node to 0 for devices without affinity info (git- fixes). * PCI: mediatek-gen3: Prevent leaking IRQ domains when IRQ not found (git- fixes). * PCI: tegra194: Allow system suspend when the Endpoint link is not up (git- fixes). * PCI: tegra194: Disable direct speed change for Endpoint mode (git-fixes). * PCI: tegra194: Disable LTSSM after transition to Detect on surprise link down (git-fixes). * PCI: tegra194: Disable PERST# IRQ only in Endpoint mode (git-fixes). * PCI: tegra194: Fix polling delay for L2 state (git-fixes). * PCI: tegra194: Increase LTSSM poll time on surprise link down (git-fixes). * PCI: tegra194: Set LTR message request before PCIe link up in Endpoint mode (git-fixes). * PCI: tegra194: Use devm_gpiod_get_optional() to parse "nvidia,refclk-select" (git-fixes). * PCI: tegra194: Use DWC IP core version (git-fixes). * pinctrl: abx500: Fix type of 'argument' variable (git-fixes). * pinctrl: Fix spelling problem (git-fixes). * pinctrl: intel: Fix the revision for new features (1kOhm PD, HW debouncer) (stable-fixes). * pinctrl: pic32: change all cases of bare 'unsigned' to 'unsigned int' (git- fixes). * pinctrl: pic32: use consistent spacing around '+' (git-fixes). * pinctrl: pinctrl-pic32: Fix resource leak (git-fixes). * platform/chrome: chromeos_tbmc: Drop wakeup source on remove (git-fixes). * platform/surface: surfacepro3_button: Drop wakeup source on remove (git- fixes). * platform/x86/amd: pmc: Add Thinkpad L14 Gen3 to quirk_s2idle_bug (stable- fixes). * platform/x86: dell-wmi-sysman: bound enumeration string aggregation (git- fixes). * platform/x86: dell_rbu: avoid uninit value usage in packet_size_write() (git-fixes). * platform/x86: hp-wmi: Ignore backlight and FnLock events (stable-fixes). * platform/x86: panasonic-laptop: Fix OPTD notifier registration and cleanup (git-fixes). * power: supply: axp288_charger: Do not cancel work before initializing it (git-fixes). * power: supply: max17042: avoid overflow when determining health (git-fixes). * powerpc/crash: fix backup region offset update to elfcorehdr (bsc#1259535). * RDMA/mana: Fix error unwind in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Fix mana_destroy_wq_obj() cleanup in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Validate rx_hash_key_len (git-fixes). * RDMA/mana_ib: cleanup the usage of mana_gd_send_request() (git-fixes). * RDMA/mana_ib: Disable RX steering on RSS QP destroy (git-fixes). * RDMA/mana_ib: Support memory windows (git-fixes). * regulator: act8945a: fix OF node reference imbalance (git-fixes). * regulator: bd9571mwv: fix OF node reference imbalance (git-fixes). * regulator: max77650: fix OF node reference imbalance (git-fixes). * regulator: mt6357: fix OF node reference imbalance (git-fixes). * remoteproc: xlnx: Only access buffer information if IPI is buffered (git- fixes). * Revert "ALSA: usb: Increase volume range that triggers a warning" (git- fixes). * rtc: abx80x: Disable alarm feature if no interrupt attached (git-fixes). * rtc: ntxec: fix OF node reference imbalance (git-fixes). * sched/balancing: Switch the 'DEFINE_SPINLOCK(balancing)' spinlock into an 'atomic_t sched_balance_running' flag (bsc#1253754). * sched/fair: Change likelyhood of nohz.nr_cpus (bsc#1234634 bsc#1258961). * sched/fair: Have SD_SERIALIZE affect newidle balancing (bsc#1253754). * sched/fair: Move checking for nohz cpus after time check (bsc#1234634 bsc#1258961). * sched/fair: Remove nohz.nr_cpus and use weight of cpumask instead (bsc#1234634 bsc#1258961). * sched/fair: Skip sched_balance_running cmpxchg when balance is not due (bsc#1253754). * scsi: storvsc: Handle PERSISTENT_RESERVE_IN truncation for Hyper-V vFC (git- fixes). * scsi: target: iscsi: validate CHAP_R length before base64 decode (bsc#1265449). * soc/tegra: cbb: Set ERD on resume for err interrupt (git-fixes). * soc: qcom: aoss: compare against normalized cooling state (git-fixes). * soc: qcom: llcc: fix v1 SB syndrome register offset (git-fixes). * sound: ua101: fix division by zero at probe (git-fixes). * soundwire: bus: demote UNATTACHED state warnings to dev_dbg() (git-fixes). * soundwire: cadence: Clear message complete before signaling waiting thread (git-fixes). * spi: at91-usart: fix controller deregistration (git-fixes). * spi: atmel: fix controller deregistration (git-fixes). * spi: cadence: fix controller deregistration (git-fixes). * spi: fix controller cleanup() documentation (git-fixes). * spi: fix misleading controller deregistration kernel-doc (git-fixes). * spi: fix misleading controller registration kernel-doc (git-fixes). * spi: fsl-qspi: Use reinit_completion() for repeated operations (git-fixes). * spi: hisi-kunpeng: prevent infinite while() loop in hisi_spi_flush_fifo (git-fixes). * spi: imx: fix runtime pm leak on probe deferral (git-fixes). * spi: imx: fix use-after-free on unbind (git-fixes). * spi: microchip-core-qspi: fix controller deregistration (git-fixes). * spi: microchip-core-qspi: Use helper function devm_clk_get_enabled() (stable-fixes). * spi: mpc52xx: fix use-after-free on unbind (git-fixes). * spi: mtk-nor: fix controller deregistration (git-fixes). * spi: mtk-snfi: unregister ECC engine on probe failure and remove() callback (git-fixes). * spi: omap2-mcspi: fix controller deregistration (git-fixes). * spi: orion: fix clock imbalance on registration failure (git-fixes). * spi: orion: fix runtime pm leak on unbind (git-fixes). * spi: rockchip: fix controller deregistration (git-fixes). * spi: rspi: fix controller deregistration (git-fixes). * spi: sh-hspi: fix controller deregistration (git-fixes). * spi: spi-ti-qspi: Convert to platform remove callback returning void (stable-fixes). * spi: sprd: fix controller deregistration (git-fixes). * spi: sun4i: fix controller deregistration (git-fixes). * spi: sun4i: switch to use modern name (stable-fixes). * spi: syncuacer: fix controller deregistration (git-fixes). * spi: synquacer: switch to use modern name (stable-fixes). * spi: uniphier: fix controller deregistration (git-fixes). * spi: uniphier: Simplify clock handling with devm_clk_get_enabled() (stable- fixes). * spi: uniphier: switch to use modern name (stable-fixes). * spi: zynq-qspi: switch to use modern name (stable-fixes). * spi: zynqmp-gqspi: fix controller deregistration (git-fixes). * staging: media: atomisp: Disallow all private IOCTLs (git-fixes). * staging: rtl8723bs: initialize le_tmp64 in rtw_BIP_verify() (git-fixes). * staging: sm750fb: fix division by zero in ps_to_hz() (git-fixes). * staging: vme_user: added bound check to geoid (stable-fixes). * staging: vme_user: fix root device leak on init failure (git-fixes). * thermal/drivers/spear: Fix error condition for reading st,thermal-flags (git-fixes). * thermal/drivers/sprd: Fix raw temperature clamping in sprd_thm_rawdata_to_temp (git-fixes). * thermal/drivers/sprd: Fix temperature clamping in sprd_thm_temp_to_rawdata (git-fixes). * tpm: avoid -Wunused-but-set-variable (git-fixes). * tpm: tpm_tis: add error logging for data transfer (git-fixes). * tpm: tpm_tis: stop transmit if retries are exhausted (git-fixes). * tty: tty_io: update timestamps on all device nodes (bsc#1262020). * USB: cdc-acm: Add quirks for Yoga Book 9 14IAH10 INGENIC touchscreen (stable-fixes). * usb: chipidea: core: allow ci_irq_handler() handle both ID and VBUS change (git-fixes). * usb: chipidea: otg: not wait vbus drop if use role_switch (git-fixes). * USB: core: add NO_LPM quirk for Razer Kiyo Pro webcam (stable-fixes). * usb: gadget: dummy_hcd: fix premature URB completion when ZLP follows partial transfer (stable-fixes). * usb: gadget: f_ncm: validate minimum block_len in ncm_unwrap_ntb() (git- fixes). * usb: gadget: f_phonet: fix skb frags[] overflow in pn_rx_complete() (stable- fixes). * usb: gadget: f_uac1_legacy: validate control request size (stable-fixes). * usb: gadget: renesas_usb3: validate endpoint index in standard request handlers (git-fixes). * USB: omap_udc: DMA: Don't enable burst 4 mode (git-fixes). * usb: port: add delay after usb_hub_set_port_power() (git-fixes). * usb: quirks: add DELAY_INIT quirk for another Silicon Motion flash drive (stable-fixes). * USB: serial: io_edgeport: add support for Blackbox IC135A (stable-fixes). * USB: serial: option: add MeiG Smart SRM825WN (stable-fixes). * USB: serial: option: add support for Rolling Wireless RW135R-GL (stable- fixes). * USB: serial: option: add Telit Cinterion FN990A MBIM composition (stable- fixes). * USB: serial: option: add Telit Cinterion LE910Cx compositions (stable- fixes). * usb: storage: Expand range of matched versions for VL817 quirks entry (stable-fixes). * usb: ulpi: fix memory leak on ulpi_register() error paths (git-fixes). * usb: usblp: fix heap leak in IEEE 1284 device ID via short response (stable- fixes). * usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl (stable- fixes). * usb: xhci: Make usb_host_endpoint.hcpriv survive endpoint_disable() (git- fixes). * usbip: validate number_of_packets in usbip_pack_ret_submit() (git-fixes). * virt: tdx-guest: Fix handling of host controlled 'quote' buffer length (git- fixes). * virt: tdx-guest: Return error for GetQuote failures (git-fixes). * wifi: ath5k: do not access array OOB (git-fixes). * wifi: ath9k: Fix typo (git-fixes). * wifi: ath11k: Pass the correct value of each TID during a stop AMPDU session (git-fixes). * wifi: ath11k: skip status ring entry processing (stable-fixes). * wifi: ath11k: Use dma_alloc_noncoherent for rx_tid buffer allocation (stable-fixes). * wifi: b43: enforce bounds check on firmware key index in b43_rx() (git- fixes). * wifi: b43legacy: enforce bounds check on firmware key index in RX path (git- fixes). * wifi: brcmfmac: Fix error pointer dereference (git-fixes). * wifi: brcmfmac: validate bsscfg indices in IF events (stable-fixes). * wifi: brcmsmac: Fix dma_free_coherent() size (git-fixes). * wifi: cw1200: Revert "Fix locking in error paths" (git-fixes). * wifi: libertas: notify firmware load wait on disconnect (git-fixes). * wifi: mac80211: check ieee80211_rx_data_set_link return in pubsta MLO path (git-fixes). * wifi: mac80211: drop stray 'static' from fast-RX rx_result (git-fixes). * wifi: mac80211: remove station if connection prep fails (git-fixes). * wifi: mt76: mt792x: describe USB WFSYS reset with a descriptor (stable- fixes). * wifi: mt76: mt792x: fix mt7925u USB WFSYS reset handling (git-fixes). * wifi: mt76: mt7615: fix use_cts_prot support (git-fixes). * wifi: mt76: mt7915: fix use-after-free bugs in mt7915_mac_dump_work() (git- fixes). * wifi: mt76: mt7915: fix use_cts_prot support (git-fixes). * wifi: mt76: mt7921: fix a potential clc buffer length underflow (git-fixes). * wifi: mt76: mt7921: fix ROC abort flow interruption in mt7921_roc_work (git- fixes). * wifi: mt76: mt7921: Reset ampdu_state state in case of failure in mt76_connac2_tx_check_aggr() (git-fixes). * wifi: mt76: mt7925: fix incorrect length field in txpower command (git- fixes). * wifi: mt76: mt7996: fix FCS error flag check in RX descriptor (git-fixes). * wifi: mt76: mt7996: fix struct mt7996_mcu_uni_event (git-fixes). * wifi: mwifiex: Fix memory leak in mwifiex_11n_aggregate_pkt() (git-fixes). * wifi: nl80211: fix NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST usage (git- fixes). * wifi: nl80211: require admin perm on SET_PMK / DEL_PMK (git-fixes). * wifi: rsi: fix kthread lifetime race between self-exit and external-stop (git-fixes). * wifi: rt2x00usb: fix devres lifetime (git-fixes). * wifi: rtlwifi: pci: fix possible use-after-free caused by unfinished irq_prepare_bcn_tasklet (git-fixes). * wifi: rtw88: check for PCI upstream bridge existence (git-fixes). * wifi: rtw88: fix device leak on probe failure (git-fixes). * wifi: rtw89: phy: fix uninitialized variable access in rtw89_phy_cfo_set_crystal_cap() (git-fixes). * wifi: wl1251: validate packet IDs before indexing tx_frames (stable-fixes). * workqueue: Break up enum definitions and give names to the types (bsc#1260522). * workqueue: Clean up enum work_bits and related constants (bsc#1260522). * workqueue: Factor out work_grab_pending() from __cancel_work_sync() (bsc#1260522). * workqueue: Fix UBSAN 'subtraction overflow' error in shift_and_mask() (bsc#1260522). * workqueue: Implement disable/enable for (delayed) work items (bsc#1260522). * workqueue: Introduce work_cancel_flags (bsc#1260522). * workqueue: Make @flags handling consistent across set_work_data() and friends (bsc#1260522). * workqueue: Preserve OFFQ bits in cancel[_sync] paths (bsc#1260522). * workqueue: Rename __cancel_work_timer() to __cancel_timer_sync() (bsc#1260522). * workqueue: Reorganize flush and cancel[_sync] functions (bsc#1260522). * x86/boot/64: Clear most of CR4 in startup_64(), except PAE, MCE and LA57 (git-fixes). * x86/boot/sev: Avoid shared GHCB page for early memory acceptance (git- fixes). * x86/boot: Don't add the EFI stub to targets, again (git-fixes). * x86/boot: Fix page table access in 5-level to 4-level paging transition (git-fixes). * X.509: Fix out-of-bounds access when parsing extensions (git-fixes). * Xarray: do not return sibling entries from xas_find_marked() (bsc#1263815). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro Extras 6.0 zypper in -t patch SUSE-SLE-Micro-Extras-6.0-kernel-437=1 ## Package List: * SUSE Linux Micro Extras 6.0 (nosrc) * kernel-rt-6.4.0-47.1 * SUSE Linux Micro Extras 6.0 (x86_64) * kernel-rt-debugsource-6.4.0-47.1 * kernel-rt-devel-6.4.0-47.1 * kernel-rt-devel-debuginfo-6.4.0-47.1 ## References: * https://www.suse.com/security/cve/CVE-2023-20585.html * https://www.suse.com/security/cve/CVE-2025-40219.html * https://www.suse.com/security/cve/CVE-2025-71183.html * https://www.suse.com/security/cve/CVE-2025-71238.html * https://www.suse.com/security/cve/CVE-2026-23168.html * https://www.suse.com/security/cve/CVE-2026-23209.html * https://www.suse.com/security/cve/CVE-2026-23236.html * https://www.suse.com/security/cve/CVE-2026-23237.html * https://www.suse.com/security/cve/CVE-2026-23239.html * https://www.suse.com/security/cve/CVE-2026-23240.html * https://www.suse.com/security/cve/CVE-2026-23245.html * https://www.suse.com/security/cve/CVE-2026-23246.html * https://www.suse.com/security/cve/CVE-2026-23253.html * https://www.suse.com/security/cve/CVE-2026-23260.html * https://www.suse.com/security/cve/CVE-2026-23264.html * https://www.suse.com/security/cve/CVE-2026-23266.html * https://www.suse.com/security/cve/CVE-2026-23268.html * https://www.suse.com/security/cve/CVE-2026-23269.html * https://www.suse.com/security/cve/CVE-2026-23271.html * https://www.suse.com/security/cve/CVE-2026-23273.html * https://www.suse.com/security/cve/CVE-2026-23276.html * https://www.suse.com/security/cve/CVE-2026-23279.html * https://www.suse.com/security/cve/CVE-2026-23290.html * https://www.suse.com/security/cve/CVE-2026-23291.html * https://www.suse.com/security/cve/CVE-2026-23298.html * https://www.suse.com/security/cve/CVE-2026-23300.html * https://www.suse.com/security/cve/CVE-2026-23306.html * https://www.suse.com/security/cve/CVE-2026-23307.html * https://www.suse.com/security/cve/CVE-2026-23308.html * https://www.suse.com/security/cve/CVE-2026-23312.html * https://www.suse.com/security/cve/CVE-2026-23313.html * https://www.suse.com/security/cve/CVE-2026-23315.html * https://www.suse.com/security/cve/CVE-2026-23318.html * https://www.suse.com/security/cve/CVE-2026-23321.html * https://www.suse.com/security/cve/CVE-2026-23324.html * https://www.suse.com/security/cve/CVE-2026-23325.html * https://www.suse.com/security/cve/CVE-2026-23336.html * https://www.suse.com/security/cve/CVE-2026-23339.html * https://www.suse.com/security/cve/CVE-2026-23340.html * https://www.suse.com/security/cve/CVE-2026-23346.html * https://www.suse.com/security/cve/CVE-2026-23351.html * https://www.suse.com/security/cve/CVE-2026-23357.html * https://www.suse.com/security/cve/CVE-2026-23362.html * https://www.suse.com/security/cve/CVE-2026-23363.html * https://www.suse.com/security/cve/CVE-2026-23365.html * https://www.suse.com/security/cve/CVE-2026-23367.html * https://www.suse.com/security/cve/CVE-2026-23368.html * https://www.suse.com/security/cve/CVE-2026-23370.html * https://www.suse.com/security/cve/CVE-2026-23372.html * https://www.suse.com/security/cve/CVE-2026-23373.html * https://www.suse.com/security/cve/CVE-2026-23374.html * https://www.suse.com/security/cve/CVE-2026-23378.html * https://www.suse.com/security/cve/CVE-2026-23382.html * https://www.suse.com/security/cve/CVE-2026-23391.html * https://www.suse.com/security/cve/CVE-2026-23392.html * https://www.suse.com/security/cve/CVE-2026-23393.html * https://www.suse.com/security/cve/CVE-2026-23396.html * https://www.suse.com/security/cve/CVE-2026-23397.html * https://www.suse.com/security/cve/CVE-2026-23399.html * https://www.suse.com/security/cve/CVE-2026-23403.html * https://www.suse.com/security/cve/CVE-2026-23404.html * https://www.suse.com/security/cve/CVE-2026-23405.html * https://www.suse.com/security/cve/CVE-2026-23406.html * https://www.suse.com/security/cve/CVE-2026-23407.html * https://www.suse.com/security/cve/CVE-2026-23408.html * https://www.suse.com/security/cve/CVE-2026-23409.html * https://www.suse.com/security/cve/CVE-2026-23410.html * https://www.suse.com/security/cve/CVE-2026-23411.html * https://www.suse.com/security/cve/CVE-2026-23420.html * https://www.suse.com/security/cve/CVE-2026-23426.html * https://www.suse.com/security/cve/CVE-2026-23434.html * https://www.suse.com/security/cve/CVE-2026-23440.html * https://www.suse.com/security/cve/CVE-2026-23441.html * https://www.suse.com/security/cve/CVE-2026-23442.html * https://www.suse.com/security/cve/CVE-2026-23443.html * https://www.suse.com/security/cve/CVE-2026-23446.html * https://www.suse.com/security/cve/CVE-2026-23447.html * https://www.suse.com/security/cve/CVE-2026-23448.html * https://www.suse.com/security/cve/CVE-2026-23449.html * https://www.suse.com/security/cve/CVE-2026-23450.html * https://www.suse.com/security/cve/CVE-2026-23452.html * https://www.suse.com/security/cve/CVE-2026-23455.html * https://www.suse.com/security/cve/CVE-2026-23456.html * https://www.suse.com/security/cve/CVE-2026-23457.html * https://www.suse.com/security/cve/CVE-2026-23458.html * https://www.suse.com/security/cve/CVE-2026-23460.html * https://www.suse.com/security/cve/CVE-2026-23461.html * https://www.suse.com/security/cve/CVE-2026-23462.html * https://www.suse.com/security/cve/CVE-2026-23463.html * https://www.suse.com/security/cve/CVE-2026-23465.html * https://www.suse.com/security/cve/CVE-2026-23468.html * https://www.suse.com/security/cve/CVE-2026-23472.html * https://www.suse.com/security/cve/CVE-2026-23473.html * https://www.suse.com/security/cve/CVE-2026-23474.html * https://www.suse.com/security/cve/CVE-2026-23475.html * https://www.suse.com/security/cve/CVE-2026-31389.html * https://www.suse.com/security/cve/CVE-2026-31393.html * https://www.suse.com/security/cve/CVE-2026-31400.html * https://www.suse.com/security/cve/CVE-2026-31402.html * https://www.suse.com/security/cve/CVE-2026-31403.html * https://www.suse.com/security/cve/CVE-2026-31404.html * https://www.suse.com/security/cve/CVE-2026-31405.html * https://www.suse.com/security/cve/CVE-2026-31407.html * https://www.suse.com/security/cve/CVE-2026-31408.html * https://www.suse.com/security/cve/CVE-2026-31411.html * https://www.suse.com/security/cve/CVE-2026-31412.html * https://www.suse.com/security/cve/CVE-2026-31415.html * https://www.suse.com/security/cve/CVE-2026-31416.html * https://www.suse.com/security/cve/CVE-2026-31417.html * https://www.suse.com/security/cve/CVE-2026-31420.html * https://www.suse.com/security/cve/CVE-2026-31421.html * https://www.suse.com/security/cve/CVE-2026-31422.html * https://www.suse.com/security/cve/CVE-2026-31423.html * https://www.suse.com/security/cve/CVE-2026-31424.html * https://www.suse.com/security/cve/CVE-2026-31425.html * https://www.suse.com/security/cve/CVE-2026-31426.html * https://www.suse.com/security/cve/CVE-2026-31427.html * https://www.suse.com/security/cve/CVE-2026-31428.html * https://www.suse.com/security/cve/CVE-2026-31436.html * https://www.suse.com/security/cve/CVE-2026-31449.html * https://www.suse.com/security/cve/CVE-2026-31470.html * https://www.suse.com/security/cve/CVE-2026-31488.html * https://www.suse.com/security/cve/CVE-2026-31494.html * https://www.suse.com/security/cve/CVE-2026-31496.html * https://www.suse.com/security/cve/CVE-2026-31504.html * https://www.suse.com/security/cve/CVE-2026-31505.html * https://www.suse.com/security/cve/CVE-2026-31507.html * https://www.suse.com/security/cve/CVE-2026-31512.html * https://www.suse.com/security/cve/CVE-2026-31515.html * https://www.suse.com/security/cve/CVE-2026-31519.html * https://www.suse.com/security/cve/CVE-2026-31525.html * https://www.suse.com/security/cve/CVE-2026-31528.html * https://www.suse.com/security/cve/CVE-2026-31533.html * https://www.suse.com/security/cve/CVE-2026-31550.html * https://www.suse.com/security/cve/CVE-2026-31565.html * https://www.suse.com/security/cve/CVE-2026-31570.html * https://www.suse.com/security/cve/CVE-2026-31586.html * https://www.suse.com/security/cve/CVE-2026-31588.html * https://www.suse.com/security/cve/CVE-2026-31602.html * https://www.suse.com/security/cve/CVE-2026-31607.html * https://www.suse.com/security/cve/CVE-2026-31622.html * https://www.suse.com/security/cve/CVE-2026-31649.html * https://www.suse.com/security/cve/CVE-2026-31656.html * https://www.suse.com/security/cve/CVE-2026-31662.html * https://www.suse.com/security/cve/CVE-2026-31668.html * https://www.suse.com/security/cve/CVE-2026-31669.html * https://www.suse.com/security/cve/CVE-2026-31675.html * https://www.suse.com/security/cve/CVE-2026-31679.html * https://www.suse.com/security/cve/CVE-2026-31681.html * https://www.suse.com/security/cve/CVE-2026-31682.html * https://www.suse.com/security/cve/CVE-2026-31684.html * https://www.suse.com/security/cve/CVE-2026-31685.html * https://www.suse.com/security/cve/CVE-2026-31694.html * https://www.suse.com/security/cve/CVE-2026-31700.html * https://www.suse.com/security/cve/CVE-2026-31738.html * https://www.suse.com/security/cve/CVE-2026-31787.html * https://www.suse.com/security/cve/CVE-2026-43009.html * https://www.suse.com/security/cve/CVE-2026-43025.html * https://www.suse.com/security/cve/CVE-2026-43027.html * https://www.suse.com/security/cve/CVE-2026-43037.html * https://www.suse.com/security/cve/CVE-2026-43038.html * https://www.suse.com/security/cve/CVE-2026-43044.html * https://www.suse.com/security/cve/CVE-2026-43050.html * https://www.suse.com/security/cve/CVE-2026-43060.html * https://www.suse.com/security/cve/CVE-2026-43088.html * https://www.suse.com/security/cve/CVE-2026-43110.html * https://www.suse.com/security/cve/CVE-2026-43120.html * https://www.suse.com/security/cve/CVE-2026-43126.html * https://www.suse.com/security/cve/CVE-2026-43190.html * https://www.suse.com/security/cve/CVE-2026-43214.html * https://www.suse.com/security/cve/CVE-2026-43265.html * https://www.suse.com/security/cve/CVE-2026-43329.html * https://www.suse.com/security/cve/CVE-2026-43330.html * https://www.suse.com/security/cve/CVE-2026-43334.html * https://www.suse.com/security/cve/CVE-2026-43365.html * https://www.suse.com/security/cve/CVE-2026-43366.html * https://www.suse.com/security/cve/CVE-2026-43419.html * https://www.suse.com/security/cve/CVE-2026-43437.html * https://www.suse.com/security/cve/CVE-2026-43441.html * https://www.suse.com/security/cve/CVE-2026-43494.html * https://www.suse.com/security/cve/CVE-2026-43503.html * https://bugzilla.suse.com/show_bug.cgi?id=1215199 * https://bugzilla.suse.com/show_bug.cgi?id=1234634 * https://bugzilla.suse.com/show_bug.cgi?id=1243603 * https://bugzilla.suse.com/show_bug.cgi?id=1248754 * https://bugzilla.suse.com/show_bug.cgi?id=1253122 * https://bugzilla.suse.com/show_bug.cgi?id=1253754 * https://bugzilla.suse.com/show_bug.cgi?id=1254518 * https://bugzilla.suse.com/show_bug.cgi?id=1256863 * https://bugzilla.suse.com/show_bug.cgi?id=1257631 * https://bugzilla.suse.com/show_bug.cgi?id=1258518 * https://bugzilla.suse.com/show_bug.cgi?id=1258718 * https://bugzilla.suse.com/show_bug.cgi?id=1258826 * https://bugzilla.suse.com/show_bug.cgi?id=1258849 * https://bugzilla.suse.com/show_bug.cgi?id=1258850 * https://bugzilla.suse.com/show_bug.cgi?id=1258854 * https://bugzilla.suse.com/show_bug.cgi?id=1258855 * https://bugzilla.suse.com/show_bug.cgi?id=1258856 * https://bugzilla.suse.com/show_bug.cgi?id=1258857 * https://bugzilla.suse.com/show_bug.cgi?id=1258961 * https://bugzilla.suse.com/show_bug.cgi?id=1259186 * https://bugzilla.suse.com/show_bug.cgi?id=1259199 * https://bugzilla.suse.com/show_bug.cgi?id=1259222 * https://bugzilla.suse.com/show_bug.cgi?id=1259484 * https://bugzilla.suse.com/show_bug.cgi?id=1259485 * https://bugzilla.suse.com/show_bug.cgi?id=1259535 * https://bugzilla.suse.com/show_bug.cgi?id=1259799 * https://bugzilla.suse.com/show_bug.cgi?id=1259806 * https://bugzilla.suse.com/show_bug.cgi?id=1259857 * https://bugzilla.suse.com/show_bug.cgi?id=1259868 * https://bugzilla.suse.com/show_bug.cgi?id=1259869 * https://bugzilla.suse.com/show_bug.cgi?id=1259873 * https://bugzilla.suse.com/show_bug.cgi?id=1259878 * https://bugzilla.suse.com/show_bug.cgi?id=1260010 * https://bugzilla.suse.com/show_bug.cgi?id=1260012 * https://bugzilla.suse.com/show_bug.cgi?id=1260018 * https://bugzilla.suse.com/show_bug.cgi?id=1260468 * https://bugzilla.suse.com/show_bug.cgi?id=1260483 * https://bugzilla.suse.com/show_bug.cgi?id=1260484 * https://bugzilla.suse.com/show_bug.cgi?id=1260485 * https://bugzilla.suse.com/show_bug.cgi?id=1260489 * https://bugzilla.suse.com/show_bug.cgi?id=1260501 * https://bugzilla.suse.com/show_bug.cgi?id=1260504 * https://bugzilla.suse.com/show_bug.cgi?id=1260505 * https://bugzilla.suse.com/show_bug.cgi?id=1260507 * https://bugzilla.suse.com/show_bug.cgi?id=1260522 * https://bugzilla.suse.com/show_bug.cgi?id=1260523 * https://bugzilla.suse.com/show_bug.cgi?id=1260526 * https://bugzilla.suse.com/show_bug.cgi?id=1260528 * https://bugzilla.suse.com/show_bug.cgi?id=1260529 * https://bugzilla.suse.com/show_bug.cgi?id=1260530 * https://bugzilla.suse.com/show_bug.cgi?id=1260531 * https://bugzilla.suse.com/show_bug.cgi?id=1260532 * https://bugzilla.suse.com/show_bug.cgi?id=1260533 * https://bugzilla.suse.com/show_bug.cgi?id=1260536 * https://bugzilla.suse.com/show_bug.cgi?id=1260537 * https://bugzilla.suse.com/show_bug.cgi?id=1260538 * https://bugzilla.suse.com/show_bug.cgi?id=1260541 * https://bugzilla.suse.com/show_bug.cgi?id=1260546 * https://bugzilla.suse.com/show_bug.cgi?id=1260549 * https://bugzilla.suse.com/show_bug.cgi?id=1260551 * https://bugzilla.suse.com/show_bug.cgi?id=1260552 * https://bugzilla.suse.com/show_bug.cgi?id=1260553 * https://bugzilla.suse.com/show_bug.cgi?id=1260555 * https://bugzilla.suse.com/show_bug.cgi?id=1260561 * https://bugzilla.suse.com/show_bug.cgi?id=1260566 * https://bugzilla.suse.com/show_bug.cgi?id=1260572 * https://bugzilla.suse.com/show_bug.cgi?id=1260581 * https://bugzilla.suse.com/show_bug.cgi?id=1260728 * https://bugzilla.suse.com/show_bug.cgi?id=1260729 * https://bugzilla.suse.com/show_bug.cgi?id=1260731 * https://bugzilla.suse.com/show_bug.cgi?id=1260800 * https://bugzilla.suse.com/show_bug.cgi?id=1260811 * https://bugzilla.suse.com/show_bug.cgi?id=1261020 * https://bugzilla.suse.com/show_bug.cgi?id=1261287 * https://bugzilla.suse.com/show_bug.cgi?id=1261295 * https://bugzilla.suse.com/show_bug.cgi?id=1261348 * https://bugzilla.suse.com/show_bug.cgi?id=1261503 * https://bugzilla.suse.com/show_bug.cgi?id=1261504 * https://bugzilla.suse.com/show_bug.cgi?id=1261581 * https://bugzilla.suse.com/show_bug.cgi?id=1261582 * https://bugzilla.suse.com/show_bug.cgi?id=1261584 * https://bugzilla.suse.com/show_bug.cgi?id=1261601 * https://bugzilla.suse.com/show_bug.cgi?id=1261602 * https://bugzilla.suse.com/show_bug.cgi?id=1261618 * https://bugzilla.suse.com/show_bug.cgi?id=1261628 * https://bugzilla.suse.com/show_bug.cgi?id=1261632 * https://bugzilla.suse.com/show_bug.cgi?id=1261636 * https://bugzilla.suse.com/show_bug.cgi?id=1261638 * https://bugzilla.suse.com/show_bug.cgi?id=1261641 * https://bugzilla.suse.com/show_bug.cgi?id=1261644 * https://bugzilla.suse.com/show_bug.cgi?id=1261645 * https://bugzilla.suse.com/show_bug.cgi?id=1261648 * https://bugzilla.suse.com/show_bug.cgi?id=1261679 * https://bugzilla.suse.com/show_bug.cgi?id=1261685 * https://bugzilla.suse.com/show_bug.cgi?id=1261686 * https://bugzilla.suse.com/show_bug.cgi?id=1261687 * https://bugzilla.suse.com/show_bug.cgi?id=1261692 * https://bugzilla.suse.com/show_bug.cgi?id=1261694 * https://bugzilla.suse.com/show_bug.cgi?id=1261700 * https://bugzilla.suse.com/show_bug.cgi?id=1261703 * https://bugzilla.suse.com/show_bug.cgi?id=1261707 * https://bugzilla.suse.com/show_bug.cgi?id=1261710 * https://bugzilla.suse.com/show_bug.cgi?id=1261713 * https://bugzilla.suse.com/show_bug.cgi?id=1261719 * https://bugzilla.suse.com/show_bug.cgi?id=1261750 * https://bugzilla.suse.com/show_bug.cgi?id=1261751 * https://bugzilla.suse.com/show_bug.cgi?id=1261752 * https://bugzilla.suse.com/show_bug.cgi?id=1261768 * https://bugzilla.suse.com/show_bug.cgi?id=1261778 * https://bugzilla.suse.com/show_bug.cgi?id=1261779 * https://bugzilla.suse.com/show_bug.cgi?id=1261781 * https://bugzilla.suse.com/show_bug.cgi?id=1261789 * https://bugzilla.suse.com/show_bug.cgi?id=1261796 * https://bugzilla.suse.com/show_bug.cgi?id=1261797 * https://bugzilla.suse.com/show_bug.cgi?id=1261896 * https://bugzilla.suse.com/show_bug.cgi?id=1262020 * https://bugzilla.suse.com/show_bug.cgi?id=1262053 * https://bugzilla.suse.com/show_bug.cgi?id=1262054 * https://bugzilla.suse.com/show_bug.cgi?id=1262055 * https://bugzilla.suse.com/show_bug.cgi?id=1262061 * https://bugzilla.suse.com/show_bug.cgi?id=1262063 * https://bugzilla.suse.com/show_bug.cgi?id=1262074 * https://bugzilla.suse.com/show_bug.cgi?id=1262078 * https://bugzilla.suse.com/show_bug.cgi?id=1262086 * https://bugzilla.suse.com/show_bug.cgi?id=1262087 * https://bugzilla.suse.com/show_bug.cgi?id=1262099 * https://bugzilla.suse.com/show_bug.cgi?id=1262100 * https://bugzilla.suse.com/show_bug.cgi?id=1262101 * https://bugzilla.suse.com/show_bug.cgi?id=1262179 * https://bugzilla.suse.com/show_bug.cgi?id=1262181 * https://bugzilla.suse.com/show_bug.cgi?id=1262602 * https://bugzilla.suse.com/show_bug.cgi?id=1262616 * https://bugzilla.suse.com/show_bug.cgi?id=1262665 * https://bugzilla.suse.com/show_bug.cgi?id=1262671 * https://bugzilla.suse.com/show_bug.cgi?id=1262673 * https://bugzilla.suse.com/show_bug.cgi?id=1262725 * https://bugzilla.suse.com/show_bug.cgi?id=1262731 * https://bugzilla.suse.com/show_bug.cgi?id=1262734 * https://bugzilla.suse.com/show_bug.cgi?id=1262746 * https://bugzilla.suse.com/show_bug.cgi?id=1262752 * https://bugzilla.suse.com/show_bug.cgi?id=1262758 * https://bugzilla.suse.com/show_bug.cgi?id=1263001 * https://bugzilla.suse.com/show_bug.cgi?id=1263012 * https://bugzilla.suse.com/show_bug.cgi?id=1263064 * https://bugzilla.suse.com/show_bug.cgi?id=1263065 * https://bugzilla.suse.com/show_bug.cgi?id=1263085 * https://bugzilla.suse.com/show_bug.cgi?id=1263093 * https://bugzilla.suse.com/show_bug.cgi?id=1263095 * https://bugzilla.suse.com/show_bug.cgi?id=1263104 * https://bugzilla.suse.com/show_bug.cgi?id=1263131 * https://bugzilla.suse.com/show_bug.cgi?id=1263140 * https://bugzilla.suse.com/show_bug.cgi?id=1263141 * https://bugzilla.suse.com/show_bug.cgi?id=1263149 * https://bugzilla.suse.com/show_bug.cgi?id=1263165 * https://bugzilla.suse.com/show_bug.cgi?id=1263170 * https://bugzilla.suse.com/show_bug.cgi?id=1263176 * https://bugzilla.suse.com/show_bug.cgi?id=1263556 * https://bugzilla.suse.com/show_bug.cgi?id=1263582 * https://bugzilla.suse.com/show_bug.cgi?id=1263592 * https://bugzilla.suse.com/show_bug.cgi?id=1263593 * https://bugzilla.suse.com/show_bug.cgi?id=1263595 * https://bugzilla.suse.com/show_bug.cgi?id=1263596 * https://bugzilla.suse.com/show_bug.cgi?id=1263600 * https://bugzilla.suse.com/show_bug.cgi?id=1263668 * https://bugzilla.suse.com/show_bug.cgi?id=1263723 * https://bugzilla.suse.com/show_bug.cgi?id=1263797 * https://bugzilla.suse.com/show_bug.cgi?id=1263815 * https://bugzilla.suse.com/show_bug.cgi?id=1263882 * https://bugzilla.suse.com/show_bug.cgi?id=1263901 * https://bugzilla.suse.com/show_bug.cgi?id=1263931 * https://bugzilla.suse.com/show_bug.cgi?id=1263933 * https://bugzilla.suse.com/show_bug.cgi?id=1263995 * https://bugzilla.suse.com/show_bug.cgi?id=1264014 * https://bugzilla.suse.com/show_bug.cgi?id=1264059 * https://bugzilla.suse.com/show_bug.cgi?id=1264082 * https://bugzilla.suse.com/show_bug.cgi?id=1264087 * https://bugzilla.suse.com/show_bug.cgi?id=1264097 * https://bugzilla.suse.com/show_bug.cgi?id=1264183 * https://bugzilla.suse.com/show_bug.cgi?id=1264427 * https://bugzilla.suse.com/show_bug.cgi?id=1264469 * https://bugzilla.suse.com/show_bug.cgi?id=1264482 * https://bugzilla.suse.com/show_bug.cgi?id=1264634 * https://bugzilla.suse.com/show_bug.cgi?id=1264651 * https://bugzilla.suse.com/show_bug.cgi?id=1264661 * https://bugzilla.suse.com/show_bug.cgi?id=1264674 * https://bugzilla.suse.com/show_bug.cgi?id=1264801 * https://bugzilla.suse.com/show_bug.cgi?id=1264848 * https://bugzilla.suse.com/show_bug.cgi?id=1265085 * https://bugzilla.suse.com/show_bug.cgi?id=1265090 * https://bugzilla.suse.com/show_bug.cgi?id=1265116 * https://bugzilla.suse.com/show_bug.cgi?id=1265119 * https://bugzilla.suse.com/show_bug.cgi?id=1265126 * https://bugzilla.suse.com/show_bug.cgi?id=1265144 * https://bugzilla.suse.com/show_bug.cgi?id=1265308 * https://bugzilla.suse.com/show_bug.cgi?id=1265421 * https://bugzilla.suse.com/show_bug.cgi?id=1265449 * https://bugzilla.suse.com/show_bug.cgi?id=1265456 * https://bugzilla.suse.com/show_bug.cgi?id=1265626 * https://bugzilla.suse.com/show_bug.cgi?id=1265846 * https://bugzilla.suse.com/show_bug.cgi?id=1265960 * https://jira.suse.com/browse/PED-7249 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 17:12:21 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 17:12:21 -0000 Subject: SUSE-SU-2026:21867-1: important: Security update for gnutls Message-ID: <178042034132.42.16015320582667646127@b0da085613fb> # Security update for gnutls Announcement ID: SUSE-SU-2026:21867-1 Release Date: 2026-05-22T09:55:27Z Rating: important References: * bsc#1262395 * bsc#1263704 * bsc#1263705 * bsc#1263707 * bsc#1263708 * bsc#1263709 * bsc#1263710 * bsc#1263711 * bsc#1263712 * bsc#1263713 * bsc#1263714 * bsc#1263715 * bsc#1263716 * bsc#1264706 * bsc#1264707 * bsc#1264708 * bsc#1265349 * bsc#1265360 Cross-References: * CVE-2026-33845 * CVE-2026-33846 * CVE-2026-3833 * CVE-2026-42009 * CVE-2026-42010 * CVE-2026-42011 * CVE-2026-42012 * CVE-2026-42013 * CVE-2026-42014 * CVE-2026-42015 * CVE-2026-42307 * CVE-2026-43961 * CVE-2026-44656 * CVE-2026-45130 * CVE-2026-46483 * CVE-2026-5260 * CVE-2026-5419 CVSS scores: * CVE-2026-33845 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-33845 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-33845 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33845 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-33846 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-33846 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33846 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-3833 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-3833 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-3833 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-3833 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-42009 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-42009 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42009 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42010 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-42010 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N * CVE-2026-42010 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N * CVE-2026-42010 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-42011 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-42011 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-42011 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-42012 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N * CVE-2026-42013 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-42013 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N * CVE-2026-42013 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N * CVE-2026-42014 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-42014 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-42015 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-42015 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H * CVE-2026-42015 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-42307 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-43961 ( SUSE ): 5.4 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43961 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L * CVE-2026-44656 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-44656 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-44656 ( NVD ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-44656 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-45130 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2026-45130 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2026-45130 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-46483 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46483 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-46483 ( NVD ): 3.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-46483 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-5260 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-5260 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-5260 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-5419 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-5419 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-5419 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 * SUSE Linux Micro 6.1 * SUSE Linux Micro Extras 6.0 An update that solves 17 vulnerabilities and has one fix can now be installed. ## Security update for gnutls ### Description: This update for gnutls fixes the following issues * CVE-2026-3833: x509/name-constraints: compare domain names case-insensitive (bsc#1263707). * CVE-2026-5260: lib/pkcs11_privkey: guard against overreading on short ciphertexts (bsc#1263715). * CVE-2026-5419: gnutls_cipher_decrypt3: make PKCS#7 unpadding branch free (bsc#1263716). * CVE-2026-33845: buffers: switch from end_offset over to frag_length (bsc#1263704). * CVE-2026-33846: buffers: add more checks to DTLS reassembly (bsc#1263705). * CVE-2026-42009: lib/buffers: ensure packets have differing sequence numbers (bsc#1263708). * CVE-2026-42010: lib/auth/rsa_psk: fix binary PSK identity lookup (bsc#1263709). * CVE-2026-42011: x509/name_constraints: fix intersecting empty constraints (bsc#1263710). * CVE-2026-42012: x509/hostname-verify: make URI/SRV SAN preclude CN fallback (bsc#1263711). * CVE-2026-42013: x509: prevent fallback on oversized SAN (bsc#1263712). * CVE-2026-42014: pkcs11_write: fix UAF and leak in gnutls_pkcs11_token_set_pin (bsc#1263713). * CVE-2026-42015: x509/pkcs12_bag: fix off-by-one in bag element bounds chec (bsc#1263714). ## Security update for vim ### Description: This update for vim fixes the following issues * CVE-2026-42307: Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim (bsc#1264706). * CVE-2026-43961: Vimscript Code Injection in netrw NetrwMarkFile() via crafted filename (bsc#1265349). * CVE-2026-44656: Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's: find command-line completion (bsc#1264707). * CVE-2026-45130: Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when loading a crafted spell file (.spl) with UTF-8 encoding active (bsc#1264708). * CVE-2026-46483: command injection via `tar#Vimuntar()` in `runtime/autoload/tar.vim` when decompressing `.tgz` archives on Unix-like systems (bsc#1265360). Changes for vim: * Update to v9.2.0530. * Fix for incorrectly detecting scientific parameter files as bitbake recipies. (bsc#1262395) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro Extras 6.0 zypper in -t patch SUSE-SLE-Micro-Extras-6.0-736=1 * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-544=1 ## Package List: * SUSE Linux Micro Extras 6.0 (aarch64 s390x x86_64) * vim-debugsource-9.2.0530-1.1 * vim-debuginfo-9.2.0530-1.1 * vim-9.2.0530-1.1 * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * gnutls-debuginfo-3.8.3-slfo.1.1_7.1 * gnutls-debugsource-3.8.3-slfo.1.1_7.1 * libgnutls30-3.8.3-slfo.1.1_7.1 * gnutls-3.8.3-slfo.1.1_7.1 * libgnutls30-debuginfo-3.8.3-slfo.1.1_7.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33845.html * https://www.suse.com/security/cve/CVE-2026-33846.html * https://www.suse.com/security/cve/CVE-2026-3833.html * https://www.suse.com/security/cve/CVE-2026-42009.html * https://www.suse.com/security/cve/CVE-2026-42010.html * https://www.suse.com/security/cve/CVE-2026-42011.html * https://www.suse.com/security/cve/CVE-2026-42012.html * https://www.suse.com/security/cve/CVE-2026-42013.html * https://www.suse.com/security/cve/CVE-2026-42014.html * https://www.suse.com/security/cve/CVE-2026-42015.html * https://www.suse.com/security/cve/CVE-2026-42307.html * https://www.suse.com/security/cve/CVE-2026-43961.html * https://www.suse.com/security/cve/CVE-2026-44656.html * https://www.suse.com/security/cve/CVE-2026-45130.html * https://www.suse.com/security/cve/CVE-2026-46483.html * https://www.suse.com/security/cve/CVE-2026-5260.html * https://www.suse.com/security/cve/CVE-2026-5419.html * https://bugzilla.suse.com/show_bug.cgi?id=1262395 * https://bugzilla.suse.com/show_bug.cgi?id=1263704 * https://bugzilla.suse.com/show_bug.cgi?id=1263705 * https://bugzilla.suse.com/show_bug.cgi?id=1263707 * https://bugzilla.suse.com/show_bug.cgi?id=1263708 * https://bugzilla.suse.com/show_bug.cgi?id=1263709 * https://bugzilla.suse.com/show_bug.cgi?id=1263710 * https://bugzilla.suse.com/show_bug.cgi?id=1263711 * https://bugzilla.suse.com/show_bug.cgi?id=1263712 * https://bugzilla.suse.com/show_bug.cgi?id=1263713 * https://bugzilla.suse.com/show_bug.cgi?id=1263714 * https://bugzilla.suse.com/show_bug.cgi?id=1263715 * https://bugzilla.suse.com/show_bug.cgi?id=1263716 * https://bugzilla.suse.com/show_bug.cgi?id=1264706 * https://bugzilla.suse.com/show_bug.cgi?id=1264707 * https://bugzilla.suse.com/show_bug.cgi?id=1264708 * https://bugzilla.suse.com/show_bug.cgi?id=1265349 * https://bugzilla.suse.com/show_bug.cgi?id=1265360 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 17:17:11 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 17:17:11 -0000 Subject: SUSE-SU-2026:21866-1: important: Security update for the Linux Kernel Message-ID: <178042063126.42.14326750579132228296@b0da085613fb> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:21866-1 Release Date: 2026-05-29T17:53:27Z Rating: important References: * bsc#1215199 * bsc#1234634 * bsc#1243603 * bsc#1248754 * bsc#1253122 * bsc#1253754 * bsc#1254518 * bsc#1256863 * bsc#1257631 * bsc#1258518 * bsc#1258718 * bsc#1258826 * bsc#1258849 * bsc#1258850 * bsc#1258854 * bsc#1258855 * bsc#1258856 * bsc#1258857 * bsc#1258961 * bsc#1259186 * bsc#1259199 * bsc#1259222 * bsc#1259484 * bsc#1259485 * bsc#1259535 * bsc#1259799 * bsc#1259806 * bsc#1259857 * bsc#1259868 * bsc#1259869 * bsc#1259873 * bsc#1259878 * bsc#1260010 * bsc#1260012 * bsc#1260018 * bsc#1260468 * bsc#1260483 * bsc#1260484 * bsc#1260485 * bsc#1260489 * bsc#1260501 * bsc#1260504 * bsc#1260505 * bsc#1260507 * bsc#1260522 * bsc#1260523 * bsc#1260526 * bsc#1260528 * bsc#1260529 * bsc#1260530 * bsc#1260531 * bsc#1260532 * bsc#1260533 * bsc#1260536 * bsc#1260537 * bsc#1260538 * bsc#1260541 * bsc#1260546 * bsc#1260549 * bsc#1260551 * bsc#1260552 * bsc#1260553 * bsc#1260555 * bsc#1260561 * bsc#1260566 * bsc#1260572 * bsc#1260581 * bsc#1260728 * bsc#1260729 * bsc#1260731 * bsc#1260800 * bsc#1260811 * bsc#1261020 * bsc#1261287 * bsc#1261295 * bsc#1261348 * bsc#1261503 * bsc#1261504 * bsc#1261581 * bsc#1261582 * bsc#1261584 * bsc#1261601 * bsc#1261602 * bsc#1261618 * bsc#1261628 * bsc#1261632 * bsc#1261636 * bsc#1261638 * bsc#1261641 * bsc#1261644 * bsc#1261645 * bsc#1261648 * bsc#1261679 * bsc#1261685 * bsc#1261686 * bsc#1261687 * bsc#1261692 * bsc#1261694 * bsc#1261700 * bsc#1261703 * bsc#1261707 * bsc#1261710 * bsc#1261713 * bsc#1261719 * bsc#1261750 * bsc#1261751 * bsc#1261752 * bsc#1261768 * bsc#1261778 * bsc#1261779 * bsc#1261781 * bsc#1261789 * bsc#1261796 * bsc#1261797 * bsc#1261896 * bsc#1262020 * bsc#1262053 * bsc#1262054 * bsc#1262055 * bsc#1262061 * bsc#1262063 * bsc#1262074 * bsc#1262078 * bsc#1262086 * bsc#1262087 * bsc#1262099 * bsc#1262100 * bsc#1262101 * bsc#1262179 * bsc#1262181 * bsc#1262602 * bsc#1262616 * bsc#1262665 * bsc#1262671 * bsc#1262673 * bsc#1262725 * bsc#1262731 * bsc#1262734 * bsc#1262746 * bsc#1262752 * bsc#1262758 * bsc#1263001 * bsc#1263012 * bsc#1263064 * bsc#1263065 * bsc#1263085 * bsc#1263093 * bsc#1263095 * bsc#1263104 * bsc#1263131 * bsc#1263140 * bsc#1263141 * bsc#1263149 * bsc#1263165 * bsc#1263170 * bsc#1263176 * bsc#1263556 * bsc#1263582 * bsc#1263592 * bsc#1263593 * bsc#1263595 * bsc#1263596 * bsc#1263600 * bsc#1263668 * bsc#1263723 * bsc#1263797 * bsc#1263815 * bsc#1263882 * bsc#1263901 * bsc#1263931 * bsc#1263933 * bsc#1263995 * bsc#1264014 * bsc#1264059 * bsc#1264082 * bsc#1264087 * bsc#1264097 * bsc#1264183 * bsc#1264427 * bsc#1264469 * bsc#1264482 * bsc#1264634 * bsc#1264651 * bsc#1264661 * bsc#1264674 * bsc#1264801 * bsc#1264848 * bsc#1265085 * bsc#1265090 * bsc#1265116 * bsc#1265119 * bsc#1265126 * bsc#1265144 * bsc#1265308 * bsc#1265421 * bsc#1265449 * bsc#1265456 * bsc#1265626 * bsc#1265846 * bsc#1265960 * jsc#PED-7249 Cross-References: * CVE-2023-2058 * CVE-2025-40219 * CVE-2025-71183 * CVE-2025-71238 * CVE-2026-23168 * CVE-2026-23209 * CVE-2026-23236 * CVE-2026-23237 * CVE-2026-23239 * CVE-2026-23240 * CVE-2026-23245 * CVE-2026-23246 * CVE-2026-23253 * CVE-2026-23260 * CVE-2026-23264 * CVE-2026-23266 * CVE-2026-23268 * CVE-2026-23269 * CVE-2026-23271 * CVE-2026-23273 * CVE-2026-23276 * CVE-2026-23279 * CVE-2026-23290 * CVE-2026-23291 * CVE-2026-23298 * CVE-2026-23300 * CVE-2026-23306 * CVE-2026-23307 * CVE-2026-23308 * CVE-2026-23312 * CVE-2026-23313 * CVE-2026-23315 * CVE-2026-23318 * CVE-2026-23321 * CVE-2026-23324 * CVE-2026-23325 * CVE-2026-23336 * CVE-2026-23339 * CVE-2026-23340 * CVE-2026-23346 * CVE-2026-23351 * CVE-2026-23357 * CVE-2026-23362 * CVE-2026-23363 * CVE-2026-23365 * CVE-2026-23367 * CVE-2026-23368 * CVE-2026-23370 * CVE-2026-23372 * CVE-2026-23373 * CVE-2026-23374 * CVE-2026-23378 * CVE-2026-23382 * CVE-2026-23391 * CVE-2026-23392 * CVE-2026-23393 * CVE-2026-23396 * CVE-2026-23397 * CVE-2026-23399 * CVE-2026-23403 * CVE-2026-23404 * CVE-2026-23405 * CVE-2026-23406 * CVE-2026-23407 * CVE-2026-23408 * CVE-2026-23409 * CVE-2026-23410 * CVE-2026-23411 * CVE-2026-23420 * CVE-2026-23426 * CVE-2026-23434 * CVE-2026-23440 * CVE-2026-23441 * CVE-2026-23442 * CVE-2026-23443 * CVE-2026-23446 * CVE-2026-23447 * CVE-2026-23448 * CVE-2026-23449 * CVE-2026-23450 * CVE-2026-23452 * CVE-2026-23455 * CVE-2026-23456 * CVE-2026-23457 * CVE-2026-23458 * CVE-2026-23460 * CVE-2026-23461 * CVE-2026-23462 * CVE-2026-23463 * CVE-2026-23465 * CVE-2026-23468 * CVE-2026-23472 * CVE-2026-23473 * CVE-2026-23474 * CVE-2026-23475 * CVE-2026-31389 * CVE-2026-31393 * CVE-2026-31400 * CVE-2026-31402 * CVE-2026-31403 * CVE-2026-31404 * CVE-2026-31405 * CVE-2026-31407 * CVE-2026-31408 * CVE-2026-31411 * CVE-2026-31412 * CVE-2026-31415 * CVE-2026-31416 * CVE-2026-31417 * CVE-2026-31420 * CVE-2026-31421 * CVE-2026-31422 * CVE-2026-31423 * CVE-2026-31424 * CVE-2026-31425 * CVE-2026-31426 * CVE-2026-31427 * CVE-2026-31428 * CVE-2026-31436 * CVE-2026-31449 * CVE-2026-31470 * CVE-2026-31488 * CVE-2026-31494 * CVE-2026-31496 * CVE-2026-31504 * CVE-2026-31505 * CVE-2026-31507 * CVE-2026-31512 * CVE-2026-31515 * CVE-2026-31519 * CVE-2026-31525 * CVE-2026-31528 * CVE-2026-31533 * CVE-2026-31550 * CVE-2026-31565 * CVE-2026-31570 * CVE-2026-31586 * CVE-2026-31588 * CVE-2026-31602 * CVE-2026-31607 * CVE-2026-31622 * CVE-2026-31649 * CVE-2026-31656 * CVE-2026-31662 * CVE-2026-31668 * CVE-2026-31669 * CVE-2026-31675 * CVE-2026-31679 * CVE-2026-31681 * CVE-2026-31682 * CVE-2026-31684 * CVE-2026-31685 * CVE-2026-31694 * CVE-2026-31700 * CVE-2026-31738 * CVE-2026-31787 * CVE-2026-43009 * CVE-2026-43025 * CVE-2026-43027 * CVE-2026-43037 * CVE-2026-43038 * CVE-2026-43044 * CVE-2026-43050 * CVE-2026-43060 * CVE-2026-43088 * CVE-2026-43110 * CVE-2026-43120 * CVE-2026-43126 * CVE-2026-43190 * CVE-2026-43214 * CVE-2026-43265 * CVE-2026-43329 * CVE-2026-43330 * CVE-2026-43334 * CVE-2026-43365 * CVE-2026-43366 * CVE-2026-43419 * CVE-2026-43437 * CVE-2026-43441 * CVE-2026-43494 * CVE-2026-43503 CVSS scores: * CVE-2023-2058 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2023-2058 ( NVD ): 2.4 CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N * CVE-2025-40219 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40219 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-71183 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71183 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71238 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-71238 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-71238 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23168 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23168 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23168 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23209 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23209 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23236 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23236 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23236 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23236 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2026-23237 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23237 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23237 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23239 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23239 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23240 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23240 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23240 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23245 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23245 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23245 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23246 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23253 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23253 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23260 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23260 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23260 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23264 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23264 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23264 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23266 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23266 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23266 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23268 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23268 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23269 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23269 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23269 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23271 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23271 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23273 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23273 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23273 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23276 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23276 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23279 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23279 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23279 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23290 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23290 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23290 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23291 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23291 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23298 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23298 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23298 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23300 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23300 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23300 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23306 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23306 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H * CVE-2026-23306 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23307 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23307 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23308 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23308 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23312 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23312 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23312 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23313 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23313 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23315 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23315 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23318 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23318 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23321 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23321 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23321 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23324 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23324 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23324 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23325 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23325 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23336 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23336 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23339 ( SUSE ): 2.3 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23339 ( SUSE ): 3.1 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23339 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23340 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23340 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23340 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23346 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23346 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23346 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23351 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23351 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23357 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23357 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23357 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23362 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23362 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23363 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23363 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23365 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23365 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23365 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23367 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-23367 ( SUSE ): 6.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-23367 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23368 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23368 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23368 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23370 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23370 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23372 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23372 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23373 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23373 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23374 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23374 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23374 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23378 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23378 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23378 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23378 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23382 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23382 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23382 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23391 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23391 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23392 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23393 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23396 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23396 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23396 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23397 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23397 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23397 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23399 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23399 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23399 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23403 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23403 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23403 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23404 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23404 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23404 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23405 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23405 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23406 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23406 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23407 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23407 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23407 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23408 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23408 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23408 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23408 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23409 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23409 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23409 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23410 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23410 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23410 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23410 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23411 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23420 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23426 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23426 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23426 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23434 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23434 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23434 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23434 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23440 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23440 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23440 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23440 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23441 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23441 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23442 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23442 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23442 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23443 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23443 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23443 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23446 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23446 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23446 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23447 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23447 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23447 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23448 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23448 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23448 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23449 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23449 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23449 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23450 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23450 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23450 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23452 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23452 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23452 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23455 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23455 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23455 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23456 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23456 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-23456 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23457 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23457 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23457 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23458 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23458 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23458 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23460 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23460 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23460 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23461 ( SUSE ): 7.7 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23461 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23461 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23462 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23462 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23462 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23463 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23463 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2026-23463 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23465 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2026-23465 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2026-23465 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23468 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23468 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23468 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23472 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23472 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23472 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23473 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23473 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23474 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23474 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23474 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23475 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23475 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23475 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31389 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31389 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31389 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31393 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31393 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31393 ( NVD ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31400 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31400 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31400 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31402 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31402 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-31402 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31403 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31403 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31403 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31404 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31404 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31404 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31405 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31405 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31407 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31407 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31407 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31408 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31408 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31408 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31411 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31411 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31411 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31412 ( SUSE ): 7.0 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31412 ( SUSE ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31412 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31415 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31415 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31415 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31416 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31416 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-31416 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31417 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31417 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31417 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31420 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31421 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31421 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31421 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31422 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31422 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31422 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31423 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31423 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31423 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31424 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31424 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31424 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31425 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31425 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31426 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31426 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-31426 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31427 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-31427 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2026-31427 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31428 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31428 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31428 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31436 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31436 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31436 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31449 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31449 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31449 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-31470 ( SUSE ): 6.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31470 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31470 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31488 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31488 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31488 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31494 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-31494 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2026-31494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31496 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31496 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31496 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31504 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31504 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31504 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31505 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31507 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31507 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31507 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31512 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31512 ( SUSE ): 7.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-31512 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31515 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31515 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31515 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31519 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31519 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31519 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31525 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31525 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31525 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31528 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31528 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31528 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31533 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31550 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31550 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31550 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31565 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31565 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31565 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31570 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:N/SA:N * CVE-2026-31570 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31570 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31586 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31588 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31588 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31588 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-31602 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31602 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31602 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31607 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31607 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2026-31607 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31622 ( SUSE ): 8.7 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31622 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31622 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31649 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31649 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31649 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31656 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31656 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31656 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31662 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31662 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31662 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31668 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-31668 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2026-31668 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31669 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31669 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31669 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31675 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31675 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2026-31675 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31679 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31679 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31679 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31681 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31681 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31681 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31682 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31682 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31682 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31684 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31684 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-31684 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31685 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31685 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31685 ( NVD ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31694 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31694 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31694 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31700 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31700 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31700 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31738 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31738 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31738 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31787 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31787 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43009 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-43027 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43027 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43037 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43038 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43038 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43044 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43044 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43044 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43050 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43050 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43050 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43060 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43060 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43088 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-43088 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-43110 ( SUSE ): 7.7 CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43110 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43110 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43120 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43120 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-43120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43126 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43126 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43126 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43190 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43190 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43190 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43214 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43214 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43214 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43265 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43265 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43265 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43329 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43329 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43329 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43330 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43330 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43330 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43334 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-43334 ( SUSE ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-43334 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43365 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43365 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43365 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43366 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43366 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43366 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43419 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-43419 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-43437 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43437 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43441 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43441 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43494 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43494 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43503 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43503 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43503 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 * SUSE Linux Micro Extras 6.0 An update that solves 181 vulnerabilities, contains one feature and has 19 fixes can now be installed. ## Description: The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 kernel was updated to fix various security issues The following security issues were fixed: * CVE-2023-2058: x86/CPU: Fix FPDSS on Zen1 (bsc#1243603). * CVE-2025-71183: btrfs: always detect conflicting inodes when logging inode refs (bsc#1257631). * CVE-2026-23168: flex_proportions: make fprop_new_period() hardirq safe (bsc#1258826). * CVE-2026-23239: espintcp: Fix race condition in espintcp_close() (bsc#1259485). * CVE-2026-23240: tls: Fix race condition in tls_sw_cancel_work_tx() (bsc#1259484). * CVE-2026-23245: net/sched: act_gate: snapshot parameters with RCU on replace (bsc#1259799). * CVE-2026-23271: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race (bsc#1260018). * CVE-2026-23276: net: move dev_xmit_recursion() helpers to net/core/dev.h (bsc#1260012). * CVE-2026-23300: net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop (bsc#1260538). * CVE-2026-23306: scsi: pm8001: Fix use-after-free in pm8001_queue_command() (bsc#1260501). * CVE-2026-23313: i40e: Fix preempt count leak in napi poll tracepoint (bsc#1260555). * CVE-2026-23321: mptcp: pm: in-kernel: always mark signal+subflow endp as used (bsc#1260505). * CVE-2026-23340: net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs (bsc#1260523). * CVE-2026-23346: mm/ioremap: define generic_ioremap_prot() and generic_iounmap() (bsc#1260529). * CVE-2026-23351: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase (bsc#1260526). * CVE-2026-23368: net: phy: register phy led_triggers during probe to avoid AB-BA deadlock (bsc#1260530). * CVE-2026-23374: blktrace: fix __this_cpu_read/write in preemptible context (bsc#1260811). * CVE-2026-23378: net/sched: act_ife: Fix metalist update behavior (bsc#1260546). * CVE-2026-23391: netfilter: xt_CT: drop pending enqueued packets on template removal (bsc#1260566). * CVE-2026-23392: netfilter: nf_tables: release flowtable after rcu grace period on error (bsc#1260531). * CVE-2026-23393: bridge: cfm: Fix race condition in peer_mep deletion (bsc#1260522). * CVE-2026-23397: nfnetlink_osf: validate individual option lengths in fingerprints (bsc#1260728). * CVE-2026-23399: nf_tables: nft_dynset: fix possible stateful expression memleak in error path (bsc#1261020). * CVE-2026-23440: net/mlx5e: Fix race condition during IPSec ESN update (bsc#1261641). * CVE-2026-23441: net/mlx5e: Prevent concurrent access to IPSec ASO context (bsc#1261768). * CVE-2026-23442: ipv6: add NULL checks for idev in SRv6 paths (bsc#1261581). * CVE-2026-23449: net/sched: teql: Fix double-free in teql_master_xmit (bsc#1261779). * CVE-2026-23450: net/smc: fix NULL dereference and UAF in smc_tcp_syn_recv_sock() (bsc#1261584). * CVE-2026-23455: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() (bsc#1261687). * CVE-2026-23456: netfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS case (bsc#1261703). * CVE-2026-23457: netfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp() (bsc#1261686). * CVE-2026-23458: netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() (bsc#1261781). * CVE-2026-23461: Bluetooth: L2CAP: Fix use-after-free in l2cap_unregister_user (bsc#1261707). * CVE-2026-23462: Bluetooth: HIDP: Fix possible UAF (bsc#1261710). * CVE-2026-23468: drm/amdgpu: Limit BO list entry count to prevent resource exhaustion (bsc#1261692). * CVE-2026-23472: serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN (bsc#1261636). * CVE-2026-23473: io_uring/poll: fix multishot recv missing EOF on wakeup race (bsc#1261694). * CVE-2026-31400: sunrpc: fix cache_request leak in cache_release (bsc#1261645). * CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (bsc#1261638). * CVE-2026-31403: NFSD: Hold net reference for the lifetime of /proc/fs/nfs/exports fd (bsc#1261796). * CVE-2026-31404: xfs: avoid dereferencing log items after push callbacks (bsc#1261628). * CVE-2026-31407: netfilter: conntrack: add missing netlink policy validations (bsc#1261632). * CVE-2026-31411: net: atm: fix crash due to unvalidated vcc pointer in sigd_send() (bsc#1261752). * CVE-2026-31415: ipv6: avoid overflows in ip6_datagram_send_ctl() (bsc#1262099). * CVE-2026-31416: netfilter: nfnetlink_log: account for netlink header size (bsc#1262100). * CVE-2026-31420: bridge: mrp: reject zero test interval to avoid OOM panic (bsc#1262055). * CVE-2026-31421: net/sched: cls_fw: fix NULL pointer dereference on shared blocks (bsc#1262061). * CVE-2026-31422: net/sched: cls_flow: fix NULL pointer dereference on shared blocks (bsc#1262054). * CVE-2026-31423: net/sched: sch_hfsc: fix divide-by-zero in rtsc_min() (bsc#1262063). * CVE-2026-31424: netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP (bsc#1262053). * CVE-2026-31425: rds: ib: reject FRMR registration before IB connection is established (bsc#1262074). * CVE-2026-31427: netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp (bsc#1262086). * CVE-2026-31428: netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD (bsc#1262087). * CVE-2026-31436: dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc() (bsc#1262602). * CVE-2026-31449: ext4: validate p_idx bounds in ext4_ext_correct_indexes (bsc#1262616). * CVE-2026-31470: virt: tdx-guest: Fix handling of host controlled 'quote' buffer length (bsc#1262665). * CVE-2026-31488: drm/amd/display: Do not skip unrelated mode changes in DSC validation (bsc#1262746). * CVE-2026-31494: net: cadence: macb: Synchronize stats calculations (bsc#1262671). * CVE-2026-31496: netfilter: nf_conntrack_expect: skip expectations in other netns via proc (bsc#1262673). * CVE-2026-31504: net: fix fanout UAF in packet_release() via NETDEV_UP race (bsc#1263085). * CVE-2026-31505: iavf: fix out-of-bounds writes in iavf_get_ethtool_stats() (bsc#1263093). * CVE-2026-31507: net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer (bsc#1263095). * CVE-2026-31512: Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2cap_ecred_data_rcv() (bsc#1262734). * CVE-2026-31515: af_key: validate families in pfkey_send_migrate() (bsc#1262752). * CVE-2026-31519: btrfs: set BTRFS_ROOT_ORPHAN_CLEANUP during subvol create (bsc#1263012). * CVE-2026-31525: bpf: Fix undefined behavior in interpreter sdiv/smod for INT_MIN (bsc#1262725). * CVE-2026-31528: perf: Make sure to use pmu_ctx->pmu for groups (bsc#1263001). * CVE-2026-31533: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption (bsc#1262758). * CVE-2026-31550: pmdomain: bcm: bcm2835-power: Increase ASB control timeout (bsc#1263104). * CVE-2026-31565: RDMA/irdma: Fix deadlock during netdev reset with active connections (bsc#1263064). * CVE-2026-31570: can: gw: fix OOB heap access in cgw_csum_crc8_rel() (bsc#1263065). * CVE-2026-31586: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (bsc#1263176). * CVE-2026-31588: KVM: x86: Use scratch field in MMIO fragment to hold small write values (bsc#1263165). * CVE-2026-31602: ALSA: ctxfi: Limit PTP to a single page (bsc#1263723). * CVE-2026-31607: usbip: validate number_of_packets in usbip_pack_ret_submit() (bsc#1263600). * CVE-2026-31622: NFC: digital: Bounds check NFC-A cascade depth in SDD response handler (bsc#1263797). * CVE-2026-31649: net: stmmac: fix integer underflow in chain mode (bsc#1263582). * CVE-2026-31656: drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (bsc#1263170). * CVE-2026-31662: tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG (bsc#1263131). * CVE-2026-31668: seg6: separate dst_cache for input and output paths in seg6 lwtunnel (bsc#1263140). * CVE-2026-31669: mptcp: fix slab-use-after-free in __inet_lookup_established (bsc#1263141). * CVE-2026-31675: net/sched: sch_netem: fix out-of-bounds access in packet corruption (bsc#1263556). * CVE-2026-31679: openvswitch: validate MPLS set/set_masked payload length (bsc#1263592). * CVE-2026-31681: netfilter: xt_multiport: validate range encoding in checkentry (bsc#1263593). * CVE-2026-31682: bridge: br_nd_send: linearize skb before parsing ND options (bsc#1263595). * CVE-2026-31684: net: sched: act_csum: validate nested VLAN headers (bsc#1263596). * CVE-2026-31685: netfilter: ip6t_eui64: reject invalid MAC header for all packets (bsc#1263668). * CVE-2026-31694: fuse: reject oversized dirents in page cache (bsc#1263901). * CVE-2026-31700: net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() (bsc#1263882). * CVE-2026-31738: vxlan: validate ND option lengths in vxlan_na_create (bsc#1264059). * CVE-2026-31787: xen/privcmd: fix double free via VMA splitting (bsc#1262181). * CVE-2026-43009: bpf: Fix incorrect pruning due to atomic fetch precision tracking (bsc#1264014). * CVE-2026-43025: netfilter: ctnetlink: ignore explicit helper on new expectations (bsc#1263931). * CVE-2026-43027: netfilter: nf_conntrack_helper: pass helper to expect cleanup (bsc#1263933). * CVE-2026-43037: ip6_tunnel: clear skb2->cb in ip4ip6_err() (bsc#1263995). * CVE-2026-43038: ipv6: icmp: clear skb2->cb in ip6_err_gen_icmpv6_unreach() (bsc#1264097). * CVE-2026-43044: crypto: caam - fix DMA corruption on long hmac keys (bsc#1264087). * CVE-2026-43050: atm: lec: fix use-after-free in sock_def_readable() (bsc#1264082). * CVE-2026-43060: netfilter: nft_ct: drop pending enqueued packets on removal (bsc#1264183). * CVE-2026-43088: net: af_key: zero aligned sockaddr tail in PF_KEY exports (bsc#1264469). * CVE-2026-43110: wifi: brcmfmac: validate bsscfg indices in IF events (bsc#1264482). * CVE-2026-43120: RDMA/irdma: Fix double free related to rereg_user_mr. * CVE-2026-43126: ALSA: mixer: oss: Add card disconnect checkpoints (bsc#1264634). * CVE-2026-43190: netfilter: xt_tcpmss: check remaining length before reading optlen (bsc#1264848). * CVE-2026-43214: KVM: x86: Add SRCU protection for reading PDPTRs in __get_sregs2() (bsc#1264651). * CVE-2026-43265: KVM: x86: Ignore -EBUSY when checking nested events from vcpu_block() (bsc#1264427). * CVE-2026-43329: netfilter: flowtable: strictly check for maximum number of actions (bsc#1265085). * CVE-2026-43330: crypto: caam - fix overflow on long hmac keys (bsc#1264801). * CVE-2026-43334: Bluetooth: SMP: force responder MITM requirements before building the pairing response (bsc#1265090). * CVE-2026-43365: xfs: fix undersized l_iclog_roundoff values (bsc#1265119). * CVE-2026-43366: io_uring/kbuf: check if target buffer list is still legacy on recycle (bsc#1265116). * CVE-2026-43419: ceph: fix memory leaks in ceph_mdsc_build_path() (bsc#1264661). * CVE-2026-43437: ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (bsc#1265126). * CVE-2026-43441: net: bonding: Fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1264674). * CVE-2026-43494: net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). * CVE-2026-43503: net: skbuff: propagate shared-frag marker through frag- transfer helpers (bsc#1265960). The following non security issues were fixed: * accel/qaic: Add overflow check to remap_pfn_range during mmap (git-fixes). * ACPI: AGDI: fix missing newline in error message (git-fixes). * ACPI: CPPC: Fix related_cpus inconsistency during CPU hotplug (git-fixes). * ACPI: scan: Use acpi_dev_put() in object add error paths (git-fixes). * ACPI: video: force native backlight on HP OMEN 16 (8A44) (stable-fixes). * ALSA: 6fire: Fix input volume change detection (git-fixes). * ALSA: 6fire: fix use-after-free on disconnect (git-fixes). * ALSA: aoa: i2sbus: clear stale prepared state (git-fixes). * ALSA: aoa: i2sbus: fix OF node lifetime handling (git-fixes). * ALSA: aoa: Skip devices with no codecs in i2sbus_resume() (git-fixes). * ALSA: aoa: Use guard() for mutex locks (stable-fixes). * ALSA: asihpi: avoid write overflow check warning (stable-fixes). * ALSA: caiaq: Don't abort when no input device is available (git-fixes). * ALSA: caiaq: Fix control_put() result and cache rollback (git-fixes). * ALSA: caiaq: Fix potentially leftover ep1_in_urb at error path (git-fixes). * ALSA: caiaq: fix usb_dev refcount leak on probe failure (git-fixes). * ALSA: caiaq: Handle probe errors properly (git-fixes). * ALSA: caiaq: take a reference on the USB device in create_card() (git- fixes). * ALSA: control: Validate buf_len before strnlen() in snd_ctl_elem_init_enum_names() (git-fixes). * ALSA: core: Fix potential data race at fasync handling (git-fixes). * ALSA: core: Serialize deferred fasync state checks (git-fixes). * ALSA: core: Validate compress device numbers without dynamic minors (git- fixes). * ALSA: ctxfi: Add fallback to default RSR for S/PDIF (git-fixes). * ALSA: ctxfi: Fix missing SPDIFI1 index handling (stable-fixes). * ALSA: ctxfi: Limit PTP to a single page (git-fixes). * ALSA: firewire-tascam: Do not drop unread control events (git-fixes). * ALSA: fireworks: bound device-supplied status before string array lookup (git-fixes). * ALSA: hda/realtek - fixed speaker no sound update (git-fixes). * ALSA: hda/realtek: Add HP ENVY Laptop 13-ba0xxx quirk (stable-fixes). * ALSA: hda/realtek: Add mute LED quirk for HP Pavilion 15-eg0xxx (stable- fixes). * ALSA: hda/realtek: Add quirk for ASUS ROG Flow Z13-KJP GZ302EAC (stable- fixes). * ALSA: hda/realtek: add quirk for Framework F111:000F (stable-fixes). * ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14IAH10 (stable-fixes). * ALSA: hda/realtek: fix code style (ERROR: else should follow close brace '}') (git-fixes). * ALSA: misc: Use guard() for spin locks (stable-fixes). * ALSA: scarlett2: Add missing sentinel initializer field (git-fixes). * ALSA: seq: Notify client and port info changes (stable-fixes). * ALSA: seq_oss: return full count for successful SEQ_FULLSIZE writes (stable- fixes). * ALSA: usb-audio: apply quirk for MOONDROP JU Jiu (stable-fixes). * ALSA: usb-audio: Avoid false E-MU sample-rate notifications (git-fixes). * ALSA: usb-audio: Avoid potential endless loop in convert_chmap_v3() (git- fixes). * ALSA: usb-audio: Evaluate packsize caps at the right place (git-fixes). * ALSA: usb-audio: Fix Audio Advantage Micro II SPDIF switch (git-fixes). * ALSA: usb-audio: Fix potential leak of pd at parsing UAC3 streams (git- fixes). * ALSA: usb-audio: Fix quirk flags for NeuralDSP Quad Cortex (stable-fixes). * ALSA: usb-audio: Fix UAC3 cluster descriptor size check (git-fixes). * ALSA: usb-audio: midi2: Restart output URBs on resume (git-fixes). * ALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATES (git-fixes). * ASoC: amd: yc: Add DMI entry for HP Laptop 15-fc0xxx (stable-fixes). * ASoC: amd: yc: Add DMI quirk for ASUS EXPERTBOOK BM1403CDA (stable-fixes). * ASoC: amd: yc: Add DMI quirk for Thin A15 B7VF (stable-fixes). * ASoC: amd: yc: Add HP OMEN Gaming Laptop 16-ap0xxx product line in quirk table (stable-fixes). * ASoC: codecs: ab8500: Fix casting of private data (git-fixes). * ASoC: cs35l56: Destroy workqueue in probe error path (git-fixes). * ASoC: cs35l56: Don't use devres to unregister component (git-fixes). * ASoC: fsl_easrc: Change the type for iec958 channel status controls (git- fixes). * ASoC: fsl_easrc: Check the variable range in fsl_easrc_iec958_put_bits() (git-fixes). * ASoC: fsl_easrc: fix comment typo (git-fixes). * ASoC: fsl_easrc: Fix value type in fsl_easrc_iec958_get_bits() (git-fixes). * ASoC: fsl_micfil: Add access property for "VAD Detected" (git-fixes). * ASoC: fsl_micfil: Fix event generation in hwvad_put_enable() (git-fixes). * ASoC: fsl_micfil: Fix event generation in hwvad_put_init_mode() (git-fixes). * ASoC: fsl_micfil: Fix event generation in micfil_put_dc_remover_state() (git-fixes). * ASoC: fsl_micfil: Fix event generation in micfil_quality_set() (git-fixes). * ASoC: fsl_xcvr: Fix event generation for cached controls (git-fixes). * ASoC: fsl_xcvr: Fix event generation in fsl_xcvr_arc_mode_put() (git-fixes). * ASoC: fsl_xcvr: Fix event generation in fsl_xcvr_mode_put() (git-fixes). * ASoC: Intel: bytcr_wm5102: Fix MCLK leak on platform_clock_control error (git-fixes). * ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens (git-fixes). * ASoC: qcom: q6apm: move component registration to unmanaged version (git- fixes). * ASoC: qcom: q6apm: remove child devices when apm is removed (git-fixes). * ASoC: qcom: qdsp6: topology: check widget type before accessing data (git- fixes). * ASoC: soc-core: call missing INIT_LIST_HEAD() for card_aux_list (stable- fixes). * ASoC: SOF: compress: return the configured codec from get_params (git- fixes). * ASoC: SOF: Don't allow pointer operations on unconfigured streams (git- fixes). * ASoC: SOF: Intel: hda: Place check before dereference (git-fixes). * ASoC: SOF: topology: reject invalid vendor array size in token parser (stable-fixes). * ASoC: sti: Return errors from regmap_field_alloc() (git-fixes). * ASoC: sti: use managed regmap_field allocations (git-fixes). * ASoC: stm32_sai: fix incorrect BCLK polarity for DSP_A/B, LEFT_J (stable- fixes). * ata: ahci: force 32-bit DMA for JMicron JMB582/JMB585 (stable-fixes). * batman-adv: bla: only purge non-released claims (git-fixes). * batman-adv: bla: prevent use-after-free when deleting claims (git-fixes). * batman-adv: bla: put backbone reference on failed claim hash insert (git- fixes). * batman-adv: fix integer overflow on buff_pos (git-fixes). * batman-adv: hold claim backbone gateways by reference (git-fixes). * batman-adv: reject new tp_meter sessions during teardown (git-fixes). * batman-adv: reject oversized global TT response buffers (git-fixes). * batman-adv: stop caching unowned originator pointers in BAT IV (git-fixes). * Bluetooth: bnep: fix incorrect length parsing in bnep_rx_frame() extension handling (git-fixes). * Bluetooth: fix locking in hci_conn_request_evt() with HCI_PROTO_DEFER (git- fixes). * Bluetooth: hci_event: Fix OOB read and infinite loop in hci_le_create_big_complete_evt (git-fixes). * Bluetooth: hci_event: fix potential UAF in SSP passkey handlers (git-fixes). * Bluetooth: hci_ldisc: Clear HCI_UART_PROTO_INIT on error (git-fixes). * Bluetooth: HIDP: serialise l2cap_unregister_user via hidp_session_sem (git- fixes). * Bluetooth: ISO: Fix data-race on dst in iso_sock_connect() (git-fixes). * Bluetooth: l2cap: Add missing chan lock in l2cap_ecred_reconf_rsp (git- fixes). * Bluetooth: l2cap: fix MPS check in l2cap_ecred_reconf_req (git-fixes). * Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_new_connection_cb() (git- fixes). * Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_state_change_cb() (git- fixes). * Bluetooth: L2CAP: Fix printing wrong information if SDU length exceeds MTU (git-fixes). * Bluetooth: RFCOMM: pull credit byte with skb_pull_data() (git-fixes). * Bluetooth: SCO: check for codecs->num_codecs == 1 before assigning to sco_pi(sk)->codec (git-fixes). * Bluetooth: SCO: fix sleeping under spinlock in sco_conn_ready (git-fixes). * Bluetooth: SCO: hold sk properly in sco_conn_ready (git-fixes). * Bluetooth: virtio_bt: clamp rx length before skb_put (git-fixes). * Bluetooth: virtio_bt: validate rx pkt_type header length (git-fixes). * btrfs: do not skip logging new dentries when logging a new name (git-fixes). * btrfs: reject root items with drop_progress and zero drop_level (git-fixes). * btrfs: replace BUG() with error handling in __btrfs_balance() (git-fixes). * can: mcp251x: add error handling for power enable in open and resume (stable-fixes). * can: raw: fix ro->uniq use-after-free in raw_rcv() (git-fixes). * can: ucan: fix devres lifetime (git-fixes). * cdc-acm: new quirk for EPSON HMD (stable-fixes). * check-for-config-changes: Exclude CC_MS_EXTENSIONS. * check-for-config-changes: Exclude HAVE_CFI_ICALL_NORMALIZE_INTEGERS{,_RUSTC}. * checkpatch: add support for Assisted-by tag (stable-fixes). * comedi: dt2815: add hardware detection to prevent crash (stable-fixes). * crypto: algif_aead - Fix minimum RX size check for decryption (git-fixes). * crypto: arm64/aes - Fix 32-bit aes_mac_update() arg treated as 64-bit (git- fixes). * crypto: atmel-aes - Fix 3-page memory leak in atmel_aes_buff_cleanup (git- fixes). * crypto: atmel-ecc - Release client on allocation failure (git-fixes). * crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path (git-fixes). * crypto: atmel-tdes - fix DMA sync direction (git-fixes). * crypto: authencesn - reject short ahash digests during instance creation (git-fixes). * crypto: ccp - copy IV using skcipher ivsize (git-fixes). * crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed (git-fixes). * crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed (git-fixes). * crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed (git-fixes). * crypto: ccree - fix a memory leak in cc_mac_digest() (git-fixes). * crypto: hisilicon - Fix dma_unmap_single() direction (git-fixes). * crypto: jitterentropy - replace long-held spinlock with mutex (git-fixes). * crypto: pcrypt - Fix handling of MAY_BACKLOG requests (git-fixes). * crypto: qat - fix type mismatch in RAS sysfs show functions (git-fixes). * crypto: qat - use swab32 macro (git-fixes). * crypto: sa2ul - Fix AEAD fallback algorithm names (git-fixes). * crypto: simd - reject compat registrations without __ prefixes (git-fixes). * crypto: talitos - fix SEC1 32k ahash request limitation (git-fixes). * crypto: testmgr - Hide ENOENT errors (stable-fixes). * crypto: testmgr - Hide ENOENT errors better (git-fixes). * devres: fix missing node debug info in devm_krealloc() (git-fixes). * dm init: ensure device probing has finished in dm-mod.waitfor= (git-fixes). * dmaengine: dw-axi-dmac: Remove unnecessary return statement from void function (git-fixes). * dmaengine: mxs-dma: Fix missing return value from of_dma_controller_register() (git-fixes). * drm/amd/display: Add NULL check for integrated_info in clk_mgr_construct (git-fixes). * drm/amd/display: Allow DCE link encoder without AUX registers (git-fixes). * drm/amd/display: Avoid NULL dereference in dc_dmub_srv error paths (git- fixes). * drm/amd/display: Disable 10-bit truncation and dithering on DCE 6.x (git- fixes). * drm/amd/display: Read EDID from VBIOS embedded panel info (git-fixes). * drm/amd/pm/ci: Clear EnabledForActivity field for memory levels (git-fixes). * drm/amd/pm/ci: Disable MCLK DPM on problematic CI ASICs (git-fixes). * drm/amd/pm/ci: Fill DW8 fields from SMC (git-fixes). * drm/amd/pm/ci: Fix powertune defaults for Hawaii 0x67B0 (git-fixes). * drm/amd/pm/ci: Use highest MCLK on CI when MCLK DPM is disabled (git-fixes). * drm/amd/pm/smu7: Add SCLK cap for quirky Hawaii board (git-fixes). * drm/amd/pm/smu7: Fix SMU7 voltage dependency on display clock (git-fixes). * drm/amdgpu/gfx6: Support harvested SI chips with disabled TCCs (v2) (git- fixes). * drm/amdgpu/gfx9: drop unnecessary 64-bit fence flag check in KIQ (stable- fixes). * drm/amdgpu/gfx10: look at the right prop for gfx queue priority (git-fixes). * drm/amdgpu/gmc: Fix AMDGPU_GART_PLACEMENT_LOW to not overlap with VRAM (git- fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v2.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v2.5 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v3.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0.3 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0.5 ring (git-fixes). * drm/amdgpu/pm: add missing revision check for CI (git-fixes). * drm/amdgpu/pm: align Hawaii mclk workaround with radeon (git-fixes). * drm/amdgpu/sdma4: replace BUG_ON with WARN_ON in fence emission (git-fixes). * drm/amdgpu/vce: Prevent partial address patches (stable-fixes). * drm/amdgpu/vcn3: Avoid overflow on msg bound check (git-fixes). * drm/amdgpu/vcn3: Prevent OOB reads when parsing dec msg (stable-fixes). * drm/amdgpu/vcn4: Avoid overflow on msg bound check (git-fixes). * drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msg (stable-fixes). * drm/amdgpu/vcn4: Prevent OOB reads when parsing IB (stable-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v2.0 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v2.5 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v3.0 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0 enc ring (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0.3 enc ring (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0.5 enc ring (git-fixes). * drm/amdgpu: Add bounds checking to ib_{get,set}_value (stable-fixes). * drm/amdgpu: fix AMDGPU_INFO_READ_MMR_REG (git-fixes). * drm/amdgpu: fix zero-size GDS range init on RDNA4 (stable-fixes). * drm/amdgpu: zero-initialize GART table on allocation (stable-fixes). * drm/amdkfd: Add upper bound check for num_of_nodes (stable-fixes). * drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure (stable- fixes). * drm/amdkfd: validate SVM ioctl nattr against buffer size (stable-fixes). * drm/arcpgu: fix device node leak (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Add mode_valid hook to drm_bridge_funcs (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Handle HDCP state in bridge atomic check (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Set the mhdp connector earlier in atomic_enable() (git-fixes). * drm/etnaviv: Fix armed job not being pushed to the DRM scheduler (git- fixes). * drm/fb-helper: Fix clipping when damage area spans a single scanline (git- fixes). * drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs() (git-fixes). * drm/gma500/oaktrail_hdmi: fix i2c adapter leak on setup (git-fixes). * drm/gma500/oaktrail_lvds: fix hang on init failure (git-fixes). * drm/gma500/oaktrail_lvds: fix i2c adapter leaks on init (git-fixes). * drm/i915/dp: Fix VSC dynamic range signaling for RGB formats (git-fixes). * drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (git- fixes). * drm/i915/wm: Verify the correct plane DDB entry (git-fixes). * drm/i915: skip __i915_request_skip() for already signaled requests (git- fixes). * drm/komeda: fix integer overflow in AFBC framebuffer size check (git-fixes). * drm/msm/a6xx: Fix dumping A650+ debugbus blocks (git-fixes). * drm/msm/a6xx: Fix HLSQ register dumping (git-fixes). * drm/msm/a6xx: Use barriers while updating HFI Q headers (git-fixes). * drm/msm/dpu: fix mismatch between power and frequency (git-fixes). * drm/msm/dsi: add the missing parameter description (git-fixes). * drm/msm/dsi: fix bits_per_pclk (git-fixes). * drm/msm/dsi: fix hdisplay calculation for CMD mode panel (git-fixes). * drm/msm/dsi: rename MSM8998 DSI version from V2_2_0 to V2_0_0 (git-fixes). * drm/msm/shrinker: Fix can_block() logic (git-fixes). * drm/nouveau: fix u32 overflow in pushbuf reloc bounds check (git-fixes). * drm/panel: sharp-ls043t1le01: make use of prepare_prev_first (git-fixes). * drm/panel: simple: Correct G190EAN01 prepare timing (git-fixes). * drm/panfrost: Fix wait_bo ioctl leaking positive return from dma_resv_wait_timeout() (git-fixes). * drm/radeon: add missing revision check for CI (git-fixes). * drm/sun4i: backend: fix error pointer dereference (git-fixes). * drm/sun4i: Fix resource leaks (git-fixes). * drm/vc4: Fix a memory leak in hang state error path (git-fixes). * drm/vc4: Fix memory leak of BO array in hang state (git-fixes). * drm/vc4: platform_get_irq_byname() returns an int (stable-fixes). * drm/vc4: Protect madv read in vc4_gem_object_mmap() with madv_lock (git- fixes). * drm/vc4: Release runtime PM reference after binding V3D (git-fixes). * drm/vram: remove DRM_VRAM_MM_FILE_OPERATIONS from docs (git-fixes). * dt-bindings: net: Fix Tegra234 MGBE PTP clock (git-fixes). * efi/capsule-loader: fix incorrect sizeof in phys array reallocation (git- fixes). * efi: pstore: Drop efivar lock when efi_pstore_open() returns with an error (git-fixes). * ext4: fix fsync(2) for nojournal mode (git-fixes). * ext4: make recently_deleted() properly work with lazy itable initialization (git-fixes). * ext4: reject mount if bigalloc with s_first_data_block != 0 (git-fixes). * extcon: ptn5150: handle pending IRQ events during system resume (git-fixes). * fbdev: matroxfb: Mark variable with __maybe_unused to avoid W=1 build break (git-fixes). * fbdev: offb: fix PCI device reference leak on probe failure (git-fixes). * fbdev: tdfxfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO (stable-fixes). * fbdev: udlfb: add vm_ops to dlfb_ops_mmap to prevent use-after-free (stable- fixes). * fbdev: udlfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO (git-fixes). * firmware: dmi: Correct an indexing error in dmi.h (git-fixes). * gpio: tegra: fix irq_release_resources calling enable instead of disable (git-fixes). * gtp: disable BH before calling udp_tunnel_xmit_skb() (git-fixes). * HID: alps: fix NULL pointer dereference in alps_raw_event() (git-fixes). * HID: asus: do not abort probe when not necessary (git-fixes). * HID: asus: make asus_resume adhere to linux kernel coding standards (git- fixes). * HID: core: clamp report_size in s32ton() to avoid undefined shift (stable- fixes). * HID: multitouch: Check to ensure report responses match the request (stable- fixes). * HID: playstation: Clamp num_touch_reports (git-fixes). * HID: quirks: add HID_QUIRK_ALWAYS_POLL for 8BitDo Pro 3 (stable-fixes). * HID: roccat: fix use-after-free in roccat_report_event (stable-fixes). * HID: usbhid: fix deadlock in hid_post_reset() (git-fixes). * HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq (stable-fixes). * hv_sock: fix ARM64 support (git-fixes). * hwmon: (ads7871) Fix endianness bug in 16-bit register reads (git-fixes). * hwmon: (corsair-psu) Close HID device on probe errors (git-fixes). * hwmon: (lm63) Add locking to avoid TOCTOU (git-fixes). * hwmon: (ltc2992) Clamp threshold writes to hardware range (git-fixes). * hwmon: (ltc2992) Fix u32 overflow in power read path (git-fixes). * i2c: s3c24xx: check the size of the SMBUS message before using it (stable- fixes). * i2c: smbus: reject oversized block transfers in the common path (git-fixes). * i2c: stm32f7: reinit_completion() per transfer not per msg (git-fixes). * i2c: stub: Reject I2C block transfers with invalid length (git-fixes). * i3c: master: Fix error codes at send_ccc_cmd (git-fixes). * i3c: mipi-i3c-hci: fix IBI payload length calculation for final status (git- fixes). * ibmveth: Disable GSO for packets with small MSS (bsc#1265144). * ice: set max queues in alloc_etherdev_mqs() (git-fixes). * iio: adc: ad7768-1: fix one-shot mode data acquisition (git-fixes). * iio: adc: ti-adc161s626: use DMA-safe memory for spi_read() (git-fixes). * iio: adc: ti-ads7950: use iio_push_to_buffers_with_ts_unaligned() (git- fixes). * Input: i8042 - add TUXEDO InfinityBook Max 16 Gen10 AMD to i8042 quirk table (stable-fixes). * Input: uinput - fix circular locking dependency with ff-core (git-fixes). * Input: uinput - take event lock when submitting FF request "event" (stable- fixes). * Input: xpad - add support for BETOP BTP-KP50B/C controller's wireless mode (stable-fixes). * Input: xpad - add support for Razer Wolverine V3 Pro (stable-fixes). * ipmi: Add limits to event and receive message requests (git-fixes). * ipmi: Check event message buffer response for bad data (git-fixes). * ipmi: ssif_bmc: change log level to dbg in irq callback (git-fixes). * ipmi: ssif_bmc: fix message desynchronization after truncated response (git- fixes). * ipmi: ssif_bmc: fix missing check for copy_to_user() partial failure (git- fixes). * irqchip/irq-pic32-evic: Address warning related to wrong printf() formatter (git-fixes). * kdump, documentation: describe craskernel CMA reservation (jsc#PED-7249). * KVM: Reject wrapped offset in kvm_reset_dirty_gfn() (git-fixes). * KVM: SVM: Mark VMCB_NPT as dirty on nested VMRUN (git-fixes). * KVM: SVM: Mark VMCB_PERM_MAP as dirty on nested VMRUN (git-fixes). * KVM: x86/mmu: Retry fault before acquiring mmu_lock if mapping is changing (bsc#1253122). * KVM: x86/xen: Fix cleanup logic in emulation of Xen schedop poll hypercalls (git-fixes). * KVM: x86: check for nEPT/nNPT in slow flush hypercalls (git-fixes). * KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (git- fixes). * KVM: x86: hyper-v: Validate all GVAs during PV TLB flush (git-fixes). * KVM: x86: Ignore cpuid faulting in SMM (git-fixes). * leds: lgm-sso: Remove duplicate assignments for priv->mmap (git-fixes). * lib/hexdump: print_hex_dump_bytes() calls print_hex_dump_debug() (git- fixes). * media: amphion: Fix race between m2m job_abort and device_run (git-fixes). * media: as102: fix to not free memory after the device is registered in as102_usb_probe() (git-fixes). * media: dib8000: avoid division by 0 in dib8000_set_dds() (git-fixes). * media: em28xx: fix use-after-free in em28xx_v4l2_open() (git-fixes). * media: hackrf: fix to not free memory after the device is registered in hackrf_probe() (git-fixes). * media: i2c: imx219: Check return value of devm_gpiod_get_optional() in imx219_probe() (git-fixes). * media: i2c: imx412: Assert reset GPIO during probe (git-fixes). * media: i2c: ov08d10: fix image vertical start setting (git-fixes). * media: i2c: ov8856: free control handler on error in ov8856_init_controls() (git-fixes). * media: mtk-jpeg: fix use-after-free in release path due to uncancelled work (git-fixes). * media: omap3isp: drop the use count of v4l2 pipeline (git-fixes). * media: pci: zoran: fix potential memory leak in zoran_probe() (git-fixes). * media: rc: streamzap: Error handling in probe (git-fixes). * media: rc: xbox_remote: heed DMA restrictions (git-fixes). * media: saa7164: add ioremap return checks and cleanups (git-fixes). * media: staging: imx: configure src_mux in csi_start (git-fixes). * media: staging: imx: request mbus_config in csi_start (git-fixes). * media: uvcvideo: Enable VB2_DMABUF for metadata stream (git-fixes). * media: videobuf2: Set vma_flags in vb2_dma_sg_mmap (git-fixes). * media: vidtv: fix nfeeds state corruption on start_streaming failure (git- fixes). * media: vidtv: fix NULL pointer dereference in vidtv_channel_pmt_match_sections (git-fixes). * media: vidtv: fix pass-by-value structs causing MSAN warnings (git-fixes). * memory: tegra30-emc: Fix dll_change check (git-fixes). * memory: tegra124-emc: Fix dll_change check (git-fixes). * mfd: mc13xxx-core: Fix memory leak in mc13xxx_add_subdevice_pdata() (git- fixes). * mkspec: Add signature to source list only when it exists. * mmc: sdhci-of-dwcmshc: Disable clock before DLL configuration (git-fixes). * mmc: vub300: fix NULL-deref on disconnect (git-fixes). * modpost: Amend ppc64 save/restfpr symnames for -Os build (bsc#1215199). * mtd: docg3: Convert to platform remove callback returning void (stable- fixes). * mtd: docg3: fix use-after-free in docg3_release() (git-fixes). * mtd: parsers: ofpart: call of_node_get() for dedicated subpartitions (git- fixes). * mtd: parsers: ofpart: call of_node_put() only in ofpart_fail path (git- fixes). * mtd: physmap_of_gemini: Fix disabled pinctrl state check (git-fixes). * mtd: rawnand: sunxi: fix sunxi_nfc_hw_ecc_read_extra_oob (git-fixes). * mtd: spi-nor: core: correct the op.dummy.nbytes when check read operations (git-fixes). * mtd: spi-nor: sst: Factor out common write operation to `sst_nor_write_data()` (stable-fixes). * mtd: spi-nor: sst: Fix SST write failure (git-fixes). * mtd: spi-nor: sst: Fix write enable before AAI sequence (git-fixes). * mtd: spi-nor: swp: check SR_TB flag when getting tb_mask (git-fixes). * net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). * net/sched: cls_fw: fix NULL dereference of "old" filters before change() (git-fixes). * net/sched: fix pedit partial COW leading to page cache corruption (bsc#1265421). * net: gro: don't merge zcopy skbs (git-fixes). * net: mana: Add MAC address to vPort logs and clarify error messages (git- fixes). * net: mana: check xdp_rxq registration before unreg in mana_destroy_rxq() (git-fixes). * net: mana: Don't overwrite port probe error with add_adev result (git- fixes). * net: mana: Fix crash from unvalidated SHM offset read from BAR0 during FLR (bsc#1265846). * net: mana: Fix EQ leak in mana_remove on NULL port (git-fixes). * net: mana: Fix RX skb truesize accounting (bsc#1248754). * net: mana: fix use-after-free in mana_hwc_destroy_channel() by reordering teardown (git-fixes). * net: mana: Guard mana_remove against double invocation (git-fixes). * net: mana: hardening: Validate adapter_mtu from MANA_QUERY_DEV_CONFIG (git- fixes). * net: mana: hardening: Validate doorbell ID from GDMA_REGISTER_DEVICE response (git-fixes). * net: mana: Init gf_stats_work before potential error paths in probe (git- fixes). * net: mana: Init link_change_work before potential error paths in probe (git- fixes). * net: mana: remove double CQ cleanup in mana_create_rxq error path (git- fixes). * net: mana: Set default number of queues to 16 (bsc#1261648). * net: mana: Skip WQ object destruction for uninitialized RXQ (git-fixes). * net: mana: Use at least SZ_4K in doorbell ID range check (git-fixes). * net: mana: Use pci_name() for debugfs directory naming (git-fixes). * net: phy: dp83869: fix setting CLK_O_SEL field (git-fixes). * net: stmmac: Fix PTP ref clock for Tegra234 (git-fixes). * net: usb: asix: ax88772: re-add usbnet_link_change() in phylink callbacks (git-fixes). * net: usb: cdc-phonet: fix skb frags[] overflow in rx_complete() (git-fixes). * net: usb: rtl8150: fix use-after-free in rtl8150_start_xmit() (git-fixes). * net: usb: rtl8150: free skb on usb_submit_urb() failure in xmit (git-fixes). * net: wan: fsl_ucc_hdlc: fix ucc_hdlc_remove (git-fixes). * net: wan: fsl_ucc_hdlc: fix uhdlc_memclean (git-fixes). * net: wan: fsl_ucc_hdlc: free tx_skbuff in uhdlc_memclean (git-fixes). * NFC: digital: Bounds check NFC-A cascade depth in SDD response handler (git- fixes). * nfc: llcp: add missing return after LLCP_CLOSED checks (git-fixes). * nfc: pn533: allocate rx skb before consuming bytes (git-fixes). * nfc: s3fwrn5: allocate rx skb before consuming bytes (git-fixes). * NFC: trf7970a: Ignore antenna noise when checking for RF field (git-fixes). * nvmet-tcp: propagate nvmet_tcp_build_pdu_iovec() errors to its callers (git- fixes). * ocfs2: fix possible deadlock between unlink and dio_end_io_write (bsc#1258718). * ocfs2: split transactions in dio completion to avoid credit exhaustion (bsc#1258718). * PCI/AER: Clear only error bits in PCIe Device Status (git-fixes). * PCI/AER: Stop ruling out unbound devices as error source (git-fixes). * PCI: dwc: Apply ECRC workaround to DesignWare 5.00a as well (git-fixes). * PCI: Enable AtomicOps only if Root Port supports them (git-fixes). * PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown (git-fixes). * PCI: hv: Set default NUMA node to 0 for devices without affinity info (git- fixes). * PCI: mediatek-gen3: Prevent leaking IRQ domains when IRQ not found (git- fixes). * PCI: tegra194: Allow system suspend when the Endpoint link is not up (git- fixes). * PCI: tegra194: Disable direct speed change for Endpoint mode (git-fixes). * PCI: tegra194: Disable LTSSM after transition to Detect on surprise link down (git-fixes). * PCI: tegra194: Disable PERST# IRQ only in Endpoint mode (git-fixes). * PCI: tegra194: Fix polling delay for L2 state (git-fixes). * PCI: tegra194: Increase LTSSM poll time on surprise link down (git-fixes). * PCI: tegra194: Set LTR message request before PCIe link up in Endpoint mode (git-fixes). * PCI: tegra194: Use devm_gpiod_get_optional() to parse "nvidia,refclk-select" (git-fixes). * PCI: tegra194: Use DWC IP core version (git-fixes). * pinctrl: abx500: Fix type of 'argument' variable (git-fixes). * pinctrl: Fix spelling problem (git-fixes). * pinctrl: intel: Fix the revision for new features (1kOhm PD, HW debouncer) (stable-fixes). * pinctrl: pic32: change all cases of bare 'unsigned' to 'unsigned int' (git- fixes). * pinctrl: pic32: use consistent spacing around '+' (git-fixes). * pinctrl: pinctrl-pic32: Fix resource leak (git-fixes). * platform/chrome: chromeos_tbmc: Drop wakeup source on remove (git-fixes). * platform/surface: surfacepro3_button: Drop wakeup source on remove (git- fixes). * platform/x86/amd: pmc: Add Thinkpad L14 Gen3 to quirk_s2idle_bug (stable- fixes). * platform/x86: dell-wmi-sysman: bound enumeration string aggregation (git- fixes). * platform/x86: dell_rbu: avoid uninit value usage in packet_size_write() (git-fixes). * platform/x86: hp-wmi: Ignore backlight and FnLock events (stable-fixes). * platform/x86: panasonic-laptop: Fix OPTD notifier registration and cleanup (git-fixes). * power: supply: axp288_charger: Do not cancel work before initializing it (git-fixes). * power: supply: max17042: avoid overflow when determining health (git-fixes). * powerpc/crash: fix backup region offset update to elfcorehdr (bsc#1259535). * RDMA/mana: Fix error unwind in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Fix mana_destroy_wq_obj() cleanup in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Validate rx_hash_key_len (git-fixes). * RDMA/mana_ib: cleanup the usage of mana_gd_send_request() (git-fixes). * RDMA/mana_ib: Disable RX steering on RSS QP destroy (git-fixes). * RDMA/mana_ib: Support memory windows (git-fixes). * regulator: act8945a: fix OF node reference imbalance (git-fixes). * regulator: bd9571mwv: fix OF node reference imbalance (git-fixes). * regulator: max77650: fix OF node reference imbalance (git-fixes). * regulator: mt6357: fix OF node reference imbalance (git-fixes). * remoteproc: xlnx: Only access buffer information if IPI is buffered (git- fixes). * Revert "ALSA: usb: Increase volume range that triggers a warning" (git- fixes). * rtc: abx80x: Disable alarm feature if no interrupt attached (git-fixes). * rtc: ntxec: fix OF node reference imbalance (git-fixes). * sched/balancing: Switch the 'DEFINE_SPINLOCK(balancing)' spinlock into an 'atomic_t sched_balance_running' flag (bsc#1253754). * sched/fair: Change likelyhood of nohz.nr_cpus (bsc#1234634 bsc#1258961). * sched/fair: Have SD_SERIALIZE affect newidle balancing (bsc#1253754). * sched/fair: Move checking for nohz cpus after time check (bsc#1234634 bsc#1258961). * sched/fair: Remove nohz.nr_cpus and use weight of cpumask instead (bsc#1234634 bsc#1258961). * sched/fair: Skip sched_balance_running cmpxchg when balance is not due (bsc#1253754). * scsi: storvsc: Handle PERSISTENT_RESERVE_IN truncation for Hyper-V vFC (git- fixes). * scsi: target: iscsi: validate CHAP_R length before base64 decode (bsc#1265449). * soc/tegra: cbb: Set ERD on resume for err interrupt (git-fixes). * soc: qcom: aoss: compare against normalized cooling state (git-fixes). * soc: qcom: llcc: fix v1 SB syndrome register offset (git-fixes). * sound: ua101: fix division by zero at probe (git-fixes). * soundwire: bus: demote UNATTACHED state warnings to dev_dbg() (git-fixes). * soundwire: cadence: Clear message complete before signaling waiting thread (git-fixes). * spi: at91-usart: fix controller deregistration (git-fixes). * spi: atmel: fix controller deregistration (git-fixes). * spi: cadence: fix controller deregistration (git-fixes). * spi: fix controller cleanup() documentation (git-fixes). * spi: fix misleading controller deregistration kernel-doc (git-fixes). * spi: fix misleading controller registration kernel-doc (git-fixes). * spi: fsl-qspi: Use reinit_completion() for repeated operations (git-fixes). * spi: hisi-kunpeng: prevent infinite while() loop in hisi_spi_flush_fifo (git-fixes). * spi: imx: fix runtime pm leak on probe deferral (git-fixes). * spi: imx: fix use-after-free on unbind (git-fixes). * spi: microchip-core-qspi: fix controller deregistration (git-fixes). * spi: microchip-core-qspi: Use helper function devm_clk_get_enabled() (stable-fixes). * spi: mpc52xx: fix use-after-free on unbind (git-fixes). * spi: mtk-nor: fix controller deregistration (git-fixes). * spi: mtk-snfi: unregister ECC engine on probe failure and remove() callback (git-fixes). * spi: omap2-mcspi: fix controller deregistration (git-fixes). * spi: orion: fix clock imbalance on registration failure (git-fixes). * spi: orion: fix runtime pm leak on unbind (git-fixes). * spi: rockchip: fix controller deregistration (git-fixes). * spi: rspi: fix controller deregistration (git-fixes). * spi: sh-hspi: fix controller deregistration (git-fixes). * spi: spi-ti-qspi: Convert to platform remove callback returning void (stable-fixes). * spi: sprd: fix controller deregistration (git-fixes). * spi: sun4i: fix controller deregistration (git-fixes). * spi: sun4i: switch to use modern name (stable-fixes). * spi: syncuacer: fix controller deregistration (git-fixes). * spi: synquacer: switch to use modern name (stable-fixes). * spi: uniphier: fix controller deregistration (git-fixes). * spi: uniphier: Simplify clock handling with devm_clk_get_enabled() (stable- fixes). * spi: uniphier: switch to use modern name (stable-fixes). * spi: zynq-qspi: switch to use modern name (stable-fixes). * spi: zynqmp-gqspi: fix controller deregistration (git-fixes). * staging: media: atomisp: Disallow all private IOCTLs (git-fixes). * staging: rtl8723bs: initialize le_tmp64 in rtw_BIP_verify() (git-fixes). * staging: sm750fb: fix division by zero in ps_to_hz() (git-fixes). * staging: vme_user: added bound check to geoid (stable-fixes). * staging: vme_user: fix root device leak on init failure (git-fixes). * thermal/drivers/spear: Fix error condition for reading st,thermal-flags (git-fixes). * thermal/drivers/sprd: Fix raw temperature clamping in sprd_thm_rawdata_to_temp (git-fixes). * thermal/drivers/sprd: Fix temperature clamping in sprd_thm_temp_to_rawdata (git-fixes). * tpm: avoid -Wunused-but-set-variable (git-fixes). * tpm: tpm_tis: add error logging for data transfer (git-fixes). * tpm: tpm_tis: stop transmit if retries are exhausted (git-fixes). * tty: tty_io: update timestamps on all device nodes (bsc#1262020). * USB: cdc-acm: Add quirks for Yoga Book 9 14IAH10 INGENIC touchscreen (stable-fixes). * usb: chipidea: core: allow ci_irq_handler() handle both ID and VBUS change (git-fixes). * usb: chipidea: otg: not wait vbus drop if use role_switch (git-fixes). * USB: core: add NO_LPM quirk for Razer Kiyo Pro webcam (stable-fixes). * usb: gadget: dummy_hcd: fix premature URB completion when ZLP follows partial transfer (stable-fixes). * usb: gadget: f_ncm: validate minimum block_len in ncm_unwrap_ntb() (git- fixes). * usb: gadget: f_phonet: fix skb frags[] overflow in pn_rx_complete() (stable- fixes). * usb: gadget: f_uac1_legacy: validate control request size (stable-fixes). * usb: gadget: renesas_usb3: validate endpoint index in standard request handlers (git-fixes). * USB: omap_udc: DMA: Don't enable burst 4 mode (git-fixes). * usb: port: add delay after usb_hub_set_port_power() (git-fixes). * usb: quirks: add DELAY_INIT quirk for another Silicon Motion flash drive (stable-fixes). * USB: serial: io_edgeport: add support for Blackbox IC135A (stable-fixes). * USB: serial: option: add MeiG Smart SRM825WN (stable-fixes). * USB: serial: option: add support for Rolling Wireless RW135R-GL (stable- fixes). * USB: serial: option: add Telit Cinterion FN990A MBIM composition (stable- fixes). * USB: serial: option: add Telit Cinterion LE910Cx compositions (stable- fixes). * usb: storage: Expand range of matched versions for VL817 quirks entry (stable-fixes). * usb: ulpi: fix memory leak on ulpi_register() error paths (git-fixes). * usb: usblp: fix heap leak in IEEE 1284 device ID via short response (stable- fixes). * usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl (stable- fixes). * usb: xhci: Make usb_host_endpoint.hcpriv survive endpoint_disable() (git- fixes). * usbip: validate number_of_packets in usbip_pack_ret_submit() (git-fixes). * virt: tdx-guest: Fix handling of host controlled 'quote' buffer length (git- fixes). * virt: tdx-guest: Return error for GetQuote failures (git-fixes). * wifi: ath5k: do not access array OOB (git-fixes). * wifi: ath9k: Fix typo (git-fixes). * wifi: ath11k: Pass the correct value of each TID during a stop AMPDU session (git-fixes). * wifi: ath11k: skip status ring entry processing (stable-fixes). * wifi: ath11k: Use dma_alloc_noncoherent for rx_tid buffer allocation (stable-fixes). * wifi: b43: enforce bounds check on firmware key index in b43_rx() (git- fixes). * wifi: b43legacy: enforce bounds check on firmware key index in RX path (git- fixes). * wifi: brcmfmac: Fix error pointer dereference (git-fixes). * wifi: brcmfmac: validate bsscfg indices in IF events (stable-fixes). * wifi: brcmsmac: Fix dma_free_coherent() size (git-fixes). * wifi: cw1200: Revert "Fix locking in error paths" (git-fixes). * wifi: libertas: notify firmware load wait on disconnect (git-fixes). * wifi: mac80211: check ieee80211_rx_data_set_link return in pubsta MLO path (git-fixes). * wifi: mac80211: drop stray 'static' from fast-RX rx_result (git-fixes). * wifi: mac80211: remove station if connection prep fails (git-fixes). * wifi: mt76: mt792x: describe USB WFSYS reset with a descriptor (stable- fixes). * wifi: mt76: mt792x: fix mt7925u USB WFSYS reset handling (git-fixes). * wifi: mt76: mt7615: fix use_cts_prot support (git-fixes). * wifi: mt76: mt7915: fix use-after-free bugs in mt7915_mac_dump_work() (git- fixes). * wifi: mt76: mt7915: fix use_cts_prot support (git-fixes). * wifi: mt76: mt7921: fix a potential clc buffer length underflow (git-fixes). * wifi: mt76: mt7921: fix ROC abort flow interruption in mt7921_roc_work (git- fixes). * wifi: mt76: mt7921: Reset ampdu_state state in case of failure in mt76_connac2_tx_check_aggr() (git-fixes). * wifi: mt76: mt7925: fix incorrect length field in txpower command (git- fixes). * wifi: mt76: mt7996: fix FCS error flag check in RX descriptor (git-fixes). * wifi: mt76: mt7996: fix struct mt7996_mcu_uni_event (git-fixes). * wifi: mwifiex: Fix memory leak in mwifiex_11n_aggregate_pkt() (git-fixes). * wifi: nl80211: fix NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST usage (git- fixes). * wifi: nl80211: require admin perm on SET_PMK / DEL_PMK (git-fixes). * wifi: rsi: fix kthread lifetime race between self-exit and external-stop (git-fixes). * wifi: rt2x00usb: fix devres lifetime (git-fixes). * wifi: rtlwifi: pci: fix possible use-after-free caused by unfinished irq_prepare_bcn_tasklet (git-fixes). * wifi: rtw88: check for PCI upstream bridge existence (git-fixes). * wifi: rtw88: fix device leak on probe failure (git-fixes). * wifi: rtw89: phy: fix uninitialized variable access in rtw89_phy_cfo_set_crystal_cap() (git-fixes). * wifi: wl1251: validate packet IDs before indexing tx_frames (stable-fixes). * workqueue: Break up enum definitions and give names to the types (bsc#1260522). * workqueue: Clean up enum work_bits and related constants (bsc#1260522). * workqueue: Factor out work_grab_pending() from __cancel_work_sync() (bsc#1260522). * workqueue: Fix UBSAN 'subtraction overflow' error in shift_and_mask() (bsc#1260522). * workqueue: Implement disable/enable for (delayed) work items (bsc#1260522). * workqueue: Introduce work_cancel_flags (bsc#1260522). * workqueue: Make @flags handling consistent across set_work_data() and friends (bsc#1260522). * workqueue: Preserve OFFQ bits in cancel[_sync] paths (bsc#1260522). * workqueue: Rename __cancel_work_timer() to __cancel_timer_sync() (bsc#1260522). * workqueue: Reorganize flush and cancel[_sync] functions (bsc#1260522). * x86/boot/64: Clear most of CR4 in startup_64(), except PAE, MCE and LA57 (git-fixes). * x86/boot/sev: Avoid shared GHCB page for early memory acceptance (git- fixes). * x86/boot: Don't add the EFI stub to targets, again (git-fixes). * x86/boot: Fix page table access in 5-level to 4-level paging transition (git-fixes). * X.509: Fix out-of-bounds access when parsing extensions (git-fixes). * Xarray: do not return sibling entries from xas_find_marked() (bsc#1263815). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro Extras 6.0 zypper in -t patch SUSE-SLE-Micro-Extras-6.0-kernel-435=1 ## Package List: * SUSE Linux Micro Extras 6.0 (nosrc) * kernel-default-6.4.0-46.1 * kernel-64kb-6.4.0-46.1 * SUSE Linux Micro Extras 6.0 (aarch64) * kernel-64kb-devel-6.4.0-46.1 * kernel-64kb-debugsource-6.4.0-46.1 * SUSE Linux Micro Extras 6.0 (aarch64 s390x x86_64) * kernel-obs-build-debugsource-6.4.0-46.1 * kernel-default-devel-6.4.0-46.1 * kernel-default-debugsource-6.4.0-46.1 * kernel-obs-build-6.4.0-46.1 * kernel-syms-6.4.0-46.1 * SUSE Linux Micro Extras 6.0 (x86_64) * kernel-default-devel-debuginfo-6.4.0-46.1 ## References: * https://www.suse.com/security/cve/CVE-2023-2058.html * https://www.suse.com/security/cve/CVE-2025-40219.html * https://www.suse.com/security/cve/CVE-2025-71183.html * https://www.suse.com/security/cve/CVE-2025-71238.html * https://www.suse.com/security/cve/CVE-2026-23168.html * https://www.suse.com/security/cve/CVE-2026-23209.html * https://www.suse.com/security/cve/CVE-2026-23236.html * https://www.suse.com/security/cve/CVE-2026-23237.html * https://www.suse.com/security/cve/CVE-2026-23239.html * https://www.suse.com/security/cve/CVE-2026-23240.html * https://www.suse.com/security/cve/CVE-2026-23245.html * https://www.suse.com/security/cve/CVE-2026-23246.html * https://www.suse.com/security/cve/CVE-2026-23253.html * https://www.suse.com/security/cve/CVE-2026-23260.html * https://www.suse.com/security/cve/CVE-2026-23264.html * https://www.suse.com/security/cve/CVE-2026-23266.html * https://www.suse.com/security/cve/CVE-2026-23268.html * https://www.suse.com/security/cve/CVE-2026-23269.html * https://www.suse.com/security/cve/CVE-2026-23271.html * https://www.suse.com/security/cve/CVE-2026-23273.html * https://www.suse.com/security/cve/CVE-2026-23276.html * https://www.suse.com/security/cve/CVE-2026-23279.html * https://www.suse.com/security/cve/CVE-2026-23290.html * https://www.suse.com/security/cve/CVE-2026-23291.html * https://www.suse.com/security/cve/CVE-2026-23298.html * https://www.suse.com/security/cve/CVE-2026-23300.html * https://www.suse.com/security/cve/CVE-2026-23306.html * https://www.suse.com/security/cve/CVE-2026-23307.html * https://www.suse.com/security/cve/CVE-2026-23308.html * https://www.suse.com/security/cve/CVE-2026-23312.html * https://www.suse.com/security/cve/CVE-2026-23313.html * https://www.suse.com/security/cve/CVE-2026-23315.html * https://www.suse.com/security/cve/CVE-2026-23318.html * https://www.suse.com/security/cve/CVE-2026-23321.html * https://www.suse.com/security/cve/CVE-2026-23324.html * https://www.suse.com/security/cve/CVE-2026-23325.html * https://www.suse.com/security/cve/CVE-2026-23336.html * https://www.suse.com/security/cve/CVE-2026-23339.html * https://www.suse.com/security/cve/CVE-2026-23340.html * https://www.suse.com/security/cve/CVE-2026-23346.html * https://www.suse.com/security/cve/CVE-2026-23351.html * https://www.suse.com/security/cve/CVE-2026-23357.html * https://www.suse.com/security/cve/CVE-2026-23362.html * https://www.suse.com/security/cve/CVE-2026-23363.html * https://www.suse.com/security/cve/CVE-2026-23365.html * https://www.suse.com/security/cve/CVE-2026-23367.html * https://www.suse.com/security/cve/CVE-2026-23368.html * https://www.suse.com/security/cve/CVE-2026-23370.html * https://www.suse.com/security/cve/CVE-2026-23372.html * https://www.suse.com/security/cve/CVE-2026-23373.html * https://www.suse.com/security/cve/CVE-2026-23374.html * https://www.suse.com/security/cve/CVE-2026-23378.html * https://www.suse.com/security/cve/CVE-2026-23382.html * https://www.suse.com/security/cve/CVE-2026-23391.html * https://www.suse.com/security/cve/CVE-2026-23392.html * https://www.suse.com/security/cve/CVE-2026-23393.html * https://www.suse.com/security/cve/CVE-2026-23396.html * https://www.suse.com/security/cve/CVE-2026-23397.html * https://www.suse.com/security/cve/CVE-2026-23399.html * https://www.suse.com/security/cve/CVE-2026-23403.html * https://www.suse.com/security/cve/CVE-2026-23404.html * https://www.suse.com/security/cve/CVE-2026-23405.html * https://www.suse.com/security/cve/CVE-2026-23406.html * https://www.suse.com/security/cve/CVE-2026-23407.html * https://www.suse.com/security/cve/CVE-2026-23408.html * https://www.suse.com/security/cve/CVE-2026-23409.html * https://www.suse.com/security/cve/CVE-2026-23410.html * https://www.suse.com/security/cve/CVE-2026-23411.html * https://www.suse.com/security/cve/CVE-2026-23420.html * https://www.suse.com/security/cve/CVE-2026-23426.html * https://www.suse.com/security/cve/CVE-2026-23434.html * https://www.suse.com/security/cve/CVE-2026-23440.html * https://www.suse.com/security/cve/CVE-2026-23441.html * https://www.suse.com/security/cve/CVE-2026-23442.html * https://www.suse.com/security/cve/CVE-2026-23443.html * https://www.suse.com/security/cve/CVE-2026-23446.html * https://www.suse.com/security/cve/CVE-2026-23447.html * https://www.suse.com/security/cve/CVE-2026-23448.html * https://www.suse.com/security/cve/CVE-2026-23449.html * https://www.suse.com/security/cve/CVE-2026-23450.html * https://www.suse.com/security/cve/CVE-2026-23452.html * https://www.suse.com/security/cve/CVE-2026-23455.html * https://www.suse.com/security/cve/CVE-2026-23456.html * https://www.suse.com/security/cve/CVE-2026-23457.html * https://www.suse.com/security/cve/CVE-2026-23458.html * https://www.suse.com/security/cve/CVE-2026-23460.html * https://www.suse.com/security/cve/CVE-2026-23461.html * https://www.suse.com/security/cve/CVE-2026-23462.html * https://www.suse.com/security/cve/CVE-2026-23463.html * https://www.suse.com/security/cve/CVE-2026-23465.html * https://www.suse.com/security/cve/CVE-2026-23468.html * https://www.suse.com/security/cve/CVE-2026-23472.html * https://www.suse.com/security/cve/CVE-2026-23473.html * https://www.suse.com/security/cve/CVE-2026-23474.html * https://www.suse.com/security/cve/CVE-2026-23475.html * https://www.suse.com/security/cve/CVE-2026-31389.html * https://www.suse.com/security/cve/CVE-2026-31393.html * https://www.suse.com/security/cve/CVE-2026-31400.html * https://www.suse.com/security/cve/CVE-2026-31402.html * https://www.suse.com/security/cve/CVE-2026-31403.html * https://www.suse.com/security/cve/CVE-2026-31404.html * https://www.suse.com/security/cve/CVE-2026-31405.html * https://www.suse.com/security/cve/CVE-2026-31407.html * https://www.suse.com/security/cve/CVE-2026-31408.html * https://www.suse.com/security/cve/CVE-2026-31411.html * https://www.suse.com/security/cve/CVE-2026-31412.html * https://www.suse.com/security/cve/CVE-2026-31415.html * https://www.suse.com/security/cve/CVE-2026-31416.html * https://www.suse.com/security/cve/CVE-2026-31417.html * https://www.suse.com/security/cve/CVE-2026-31420.html * https://www.suse.com/security/cve/CVE-2026-31421.html * https://www.suse.com/security/cve/CVE-2026-31422.html * https://www.suse.com/security/cve/CVE-2026-31423.html * https://www.suse.com/security/cve/CVE-2026-31424.html * https://www.suse.com/security/cve/CVE-2026-31425.html * https://www.suse.com/security/cve/CVE-2026-31426.html * https://www.suse.com/security/cve/CVE-2026-31427.html * https://www.suse.com/security/cve/CVE-2026-31428.html * https://www.suse.com/security/cve/CVE-2026-31436.html * https://www.suse.com/security/cve/CVE-2026-31449.html * https://www.suse.com/security/cve/CVE-2026-31470.html * https://www.suse.com/security/cve/CVE-2026-31488.html * https://www.suse.com/security/cve/CVE-2026-31494.html * https://www.suse.com/security/cve/CVE-2026-31496.html * https://www.suse.com/security/cve/CVE-2026-31504.html * https://www.suse.com/security/cve/CVE-2026-31505.html * https://www.suse.com/security/cve/CVE-2026-31507.html * https://www.suse.com/security/cve/CVE-2026-31512.html * https://www.suse.com/security/cve/CVE-2026-31515.html * https://www.suse.com/security/cve/CVE-2026-31519.html * https://www.suse.com/security/cve/CVE-2026-31525.html * https://www.suse.com/security/cve/CVE-2026-31528.html * https://www.suse.com/security/cve/CVE-2026-31533.html * https://www.suse.com/security/cve/CVE-2026-31550.html * https://www.suse.com/security/cve/CVE-2026-31565.html * https://www.suse.com/security/cve/CVE-2026-31570.html * https://www.suse.com/security/cve/CVE-2026-31586.html * https://www.suse.com/security/cve/CVE-2026-31588.html * https://www.suse.com/security/cve/CVE-2026-31602.html * https://www.suse.com/security/cve/CVE-2026-31607.html * https://www.suse.com/security/cve/CVE-2026-31622.html * https://www.suse.com/security/cve/CVE-2026-31649.html * https://www.suse.com/security/cve/CVE-2026-31656.html * https://www.suse.com/security/cve/CVE-2026-31662.html * https://www.suse.com/security/cve/CVE-2026-31668.html * https://www.suse.com/security/cve/CVE-2026-31669.html * https://www.suse.com/security/cve/CVE-2026-31675.html * https://www.suse.com/security/cve/CVE-2026-31679.html * https://www.suse.com/security/cve/CVE-2026-31681.html * https://www.suse.com/security/cve/CVE-2026-31682.html * https://www.suse.com/security/cve/CVE-2026-31684.html * https://www.suse.com/security/cve/CVE-2026-31685.html * https://www.suse.com/security/cve/CVE-2026-31694.html * https://www.suse.com/security/cve/CVE-2026-31700.html * https://www.suse.com/security/cve/CVE-2026-31738.html * https://www.suse.com/security/cve/CVE-2026-31787.html * https://www.suse.com/security/cve/CVE-2026-43009.html * https://www.suse.com/security/cve/CVE-2026-43025.html * https://www.suse.com/security/cve/CVE-2026-43027.html * https://www.suse.com/security/cve/CVE-2026-43037.html * https://www.suse.com/security/cve/CVE-2026-43038.html * https://www.suse.com/security/cve/CVE-2026-43044.html * https://www.suse.com/security/cve/CVE-2026-43050.html * https://www.suse.com/security/cve/CVE-2026-43060.html * https://www.suse.com/security/cve/CVE-2026-43088.html * https://www.suse.com/security/cve/CVE-2026-43110.html * https://www.suse.com/security/cve/CVE-2026-43120.html * https://www.suse.com/security/cve/CVE-2026-43126.html * https://www.suse.com/security/cve/CVE-2026-43190.html * https://www.suse.com/security/cve/CVE-2026-43214.html * https://www.suse.com/security/cve/CVE-2026-43265.html * https://www.suse.com/security/cve/CVE-2026-43329.html * https://www.suse.com/security/cve/CVE-2026-43330.html * https://www.suse.com/security/cve/CVE-2026-43334.html * https://www.suse.com/security/cve/CVE-2026-43365.html * https://www.suse.com/security/cve/CVE-2026-43366.html * https://www.suse.com/security/cve/CVE-2026-43419.html * https://www.suse.com/security/cve/CVE-2026-43437.html * https://www.suse.com/security/cve/CVE-2026-43441.html * https://www.suse.com/security/cve/CVE-2026-43494.html * https://www.suse.com/security/cve/CVE-2026-43503.html * https://bugzilla.suse.com/show_bug.cgi?id=1215199 * https://bugzilla.suse.com/show_bug.cgi?id=1234634 * https://bugzilla.suse.com/show_bug.cgi?id=1243603 * https://bugzilla.suse.com/show_bug.cgi?id=1248754 * https://bugzilla.suse.com/show_bug.cgi?id=1253122 * https://bugzilla.suse.com/show_bug.cgi?id=1253754 * https://bugzilla.suse.com/show_bug.cgi?id=1254518 * https://bugzilla.suse.com/show_bug.cgi?id=1256863 * https://bugzilla.suse.com/show_bug.cgi?id=1257631 * https://bugzilla.suse.com/show_bug.cgi?id=1258518 * https://bugzilla.suse.com/show_bug.cgi?id=1258718 * https://bugzilla.suse.com/show_bug.cgi?id=1258826 * https://bugzilla.suse.com/show_bug.cgi?id=1258849 * https://bugzilla.suse.com/show_bug.cgi?id=1258850 * https://bugzilla.suse.com/show_bug.cgi?id=1258854 * https://bugzilla.suse.com/show_bug.cgi?id=1258855 * https://bugzilla.suse.com/show_bug.cgi?id=1258856 * https://bugzilla.suse.com/show_bug.cgi?id=1258857 * https://bugzilla.suse.com/show_bug.cgi?id=1258961 * https://bugzilla.suse.com/show_bug.cgi?id=1259186 * https://bugzilla.suse.com/show_bug.cgi?id=1259199 * https://bugzilla.suse.com/show_bug.cgi?id=1259222 * https://bugzilla.suse.com/show_bug.cgi?id=1259484 * https://bugzilla.suse.com/show_bug.cgi?id=1259485 * https://bugzilla.suse.com/show_bug.cgi?id=1259535 * https://bugzilla.suse.com/show_bug.cgi?id=1259799 * https://bugzilla.suse.com/show_bug.cgi?id=1259806 * https://bugzilla.suse.com/show_bug.cgi?id=1259857 * https://bugzilla.suse.com/show_bug.cgi?id=1259868 * https://bugzilla.suse.com/show_bug.cgi?id=1259869 * https://bugzilla.suse.com/show_bug.cgi?id=1259873 * https://bugzilla.suse.com/show_bug.cgi?id=1259878 * https://bugzilla.suse.com/show_bug.cgi?id=1260010 * https://bugzilla.suse.com/show_bug.cgi?id=1260012 * https://bugzilla.suse.com/show_bug.cgi?id=1260018 * https://bugzilla.suse.com/show_bug.cgi?id=1260468 * https://bugzilla.suse.com/show_bug.cgi?id=1260483 * https://bugzilla.suse.com/show_bug.cgi?id=1260484 * https://bugzilla.suse.com/show_bug.cgi?id=1260485 * https://bugzilla.suse.com/show_bug.cgi?id=1260489 * https://bugzilla.suse.com/show_bug.cgi?id=1260501 * https://bugzilla.suse.com/show_bug.cgi?id=1260504 * https://bugzilla.suse.com/show_bug.cgi?id=1260505 * https://bugzilla.suse.com/show_bug.cgi?id=1260507 * https://bugzilla.suse.com/show_bug.cgi?id=1260522 * https://bugzilla.suse.com/show_bug.cgi?id=1260523 * https://bugzilla.suse.com/show_bug.cgi?id=1260526 * https://bugzilla.suse.com/show_bug.cgi?id=1260528 * https://bugzilla.suse.com/show_bug.cgi?id=1260529 * https://bugzilla.suse.com/show_bug.cgi?id=1260530 * https://bugzilla.suse.com/show_bug.cgi?id=1260531 * https://bugzilla.suse.com/show_bug.cgi?id=1260532 * https://bugzilla.suse.com/show_bug.cgi?id=1260533 * https://bugzilla.suse.com/show_bug.cgi?id=1260536 * https://bugzilla.suse.com/show_bug.cgi?id=1260537 * https://bugzilla.suse.com/show_bug.cgi?id=1260538 * https://bugzilla.suse.com/show_bug.cgi?id=1260541 * https://bugzilla.suse.com/show_bug.cgi?id=1260546 * https://bugzilla.suse.com/show_bug.cgi?id=1260549 * https://bugzilla.suse.com/show_bug.cgi?id=1260551 * https://bugzilla.suse.com/show_bug.cgi?id=1260552 * https://bugzilla.suse.com/show_bug.cgi?id=1260553 * https://bugzilla.suse.com/show_bug.cgi?id=1260555 * https://bugzilla.suse.com/show_bug.cgi?id=1260561 * https://bugzilla.suse.com/show_bug.cgi?id=1260566 * https://bugzilla.suse.com/show_bug.cgi?id=1260572 * https://bugzilla.suse.com/show_bug.cgi?id=1260581 * https://bugzilla.suse.com/show_bug.cgi?id=1260728 * https://bugzilla.suse.com/show_bug.cgi?id=1260729 * https://bugzilla.suse.com/show_bug.cgi?id=1260731 * https://bugzilla.suse.com/show_bug.cgi?id=1260800 * https://bugzilla.suse.com/show_bug.cgi?id=1260811 * https://bugzilla.suse.com/show_bug.cgi?id=1261020 * https://bugzilla.suse.com/show_bug.cgi?id=1261287 * https://bugzilla.suse.com/show_bug.cgi?id=1261295 * https://bugzilla.suse.com/show_bug.cgi?id=1261348 * https://bugzilla.suse.com/show_bug.cgi?id=1261503 * https://bugzilla.suse.com/show_bug.cgi?id=1261504 * https://bugzilla.suse.com/show_bug.cgi?id=1261581 * https://bugzilla.suse.com/show_bug.cgi?id=1261582 * https://bugzilla.suse.com/show_bug.cgi?id=1261584 * https://bugzilla.suse.com/show_bug.cgi?id=1261601 * https://bugzilla.suse.com/show_bug.cgi?id=1261602 * https://bugzilla.suse.com/show_bug.cgi?id=1261618 * https://bugzilla.suse.com/show_bug.cgi?id=1261628 * https://bugzilla.suse.com/show_bug.cgi?id=1261632 * https://bugzilla.suse.com/show_bug.cgi?id=1261636 * https://bugzilla.suse.com/show_bug.cgi?id=1261638 * https://bugzilla.suse.com/show_bug.cgi?id=1261641 * https://bugzilla.suse.com/show_bug.cgi?id=1261644 * https://bugzilla.suse.com/show_bug.cgi?id=1261645 * https://bugzilla.suse.com/show_bug.cgi?id=1261648 * https://bugzilla.suse.com/show_bug.cgi?id=1261679 * https://bugzilla.suse.com/show_bug.cgi?id=1261685 * https://bugzilla.suse.com/show_bug.cgi?id=1261686 * https://bugzilla.suse.com/show_bug.cgi?id=1261687 * https://bugzilla.suse.com/show_bug.cgi?id=1261692 * https://bugzilla.suse.com/show_bug.cgi?id=1261694 * https://bugzilla.suse.com/show_bug.cgi?id=1261700 * https://bugzilla.suse.com/show_bug.cgi?id=1261703 * https://bugzilla.suse.com/show_bug.cgi?id=1261707 * https://bugzilla.suse.com/show_bug.cgi?id=1261710 * https://bugzilla.suse.com/show_bug.cgi?id=1261713 * https://bugzilla.suse.com/show_bug.cgi?id=1261719 * https://bugzilla.suse.com/show_bug.cgi?id=1261750 * https://bugzilla.suse.com/show_bug.cgi?id=1261751 * https://bugzilla.suse.com/show_bug.cgi?id=1261752 * https://bugzilla.suse.com/show_bug.cgi?id=1261768 * https://bugzilla.suse.com/show_bug.cgi?id=1261778 * https://bugzilla.suse.com/show_bug.cgi?id=1261779 * https://bugzilla.suse.com/show_bug.cgi?id=1261781 * https://bugzilla.suse.com/show_bug.cgi?id=1261789 * https://bugzilla.suse.com/show_bug.cgi?id=1261796 * https://bugzilla.suse.com/show_bug.cgi?id=1261797 * https://bugzilla.suse.com/show_bug.cgi?id=1261896 * https://bugzilla.suse.com/show_bug.cgi?id=1262020 * https://bugzilla.suse.com/show_bug.cgi?id=1262053 * https://bugzilla.suse.com/show_bug.cgi?id=1262054 * https://bugzilla.suse.com/show_bug.cgi?id=1262055 * https://bugzilla.suse.com/show_bug.cgi?id=1262061 * https://bugzilla.suse.com/show_bug.cgi?id=1262063 * https://bugzilla.suse.com/show_bug.cgi?id=1262074 * https://bugzilla.suse.com/show_bug.cgi?id=1262078 * https://bugzilla.suse.com/show_bug.cgi?id=1262086 * https://bugzilla.suse.com/show_bug.cgi?id=1262087 * https://bugzilla.suse.com/show_bug.cgi?id=1262099 * https://bugzilla.suse.com/show_bug.cgi?id=1262100 * https://bugzilla.suse.com/show_bug.cgi?id=1262101 * https://bugzilla.suse.com/show_bug.cgi?id=1262179 * https://bugzilla.suse.com/show_bug.cgi?id=1262181 * https://bugzilla.suse.com/show_bug.cgi?id=1262602 * https://bugzilla.suse.com/show_bug.cgi?id=1262616 * https://bugzilla.suse.com/show_bug.cgi?id=1262665 * https://bugzilla.suse.com/show_bug.cgi?id=1262671 * https://bugzilla.suse.com/show_bug.cgi?id=1262673 * https://bugzilla.suse.com/show_bug.cgi?id=1262725 * https://bugzilla.suse.com/show_bug.cgi?id=1262731 * https://bugzilla.suse.com/show_bug.cgi?id=1262734 * https://bugzilla.suse.com/show_bug.cgi?id=1262746 * https://bugzilla.suse.com/show_bug.cgi?id=1262752 * https://bugzilla.suse.com/show_bug.cgi?id=1262758 * https://bugzilla.suse.com/show_bug.cgi?id=1263001 * https://bugzilla.suse.com/show_bug.cgi?id=1263012 * https://bugzilla.suse.com/show_bug.cgi?id=1263064 * https://bugzilla.suse.com/show_bug.cgi?id=1263065 * https://bugzilla.suse.com/show_bug.cgi?id=1263085 * https://bugzilla.suse.com/show_bug.cgi?id=1263093 * https://bugzilla.suse.com/show_bug.cgi?id=1263095 * https://bugzilla.suse.com/show_bug.cgi?id=1263104 * https://bugzilla.suse.com/show_bug.cgi?id=1263131 * https://bugzilla.suse.com/show_bug.cgi?id=1263140 * https://bugzilla.suse.com/show_bug.cgi?id=1263141 * https://bugzilla.suse.com/show_bug.cgi?id=1263149 * https://bugzilla.suse.com/show_bug.cgi?id=1263165 * https://bugzilla.suse.com/show_bug.cgi?id=1263170 * https://bugzilla.suse.com/show_bug.cgi?id=1263176 * https://bugzilla.suse.com/show_bug.cgi?id=1263556 * https://bugzilla.suse.com/show_bug.cgi?id=1263582 * https://bugzilla.suse.com/show_bug.cgi?id=1263592 * https://bugzilla.suse.com/show_bug.cgi?id=1263593 * https://bugzilla.suse.com/show_bug.cgi?id=1263595 * https://bugzilla.suse.com/show_bug.cgi?id=1263596 * https://bugzilla.suse.com/show_bug.cgi?id=1263600 * https://bugzilla.suse.com/show_bug.cgi?id=1263668 * https://bugzilla.suse.com/show_bug.cgi?id=1263723 * https://bugzilla.suse.com/show_bug.cgi?id=1263797 * https://bugzilla.suse.com/show_bug.cgi?id=1263815 * https://bugzilla.suse.com/show_bug.cgi?id=1263882 * https://bugzilla.suse.com/show_bug.cgi?id=1263901 * https://bugzilla.suse.com/show_bug.cgi?id=1263931 * https://bugzilla.suse.com/show_bug.cgi?id=1263933 * https://bugzilla.suse.com/show_bug.cgi?id=1263995 * https://bugzilla.suse.com/show_bug.cgi?id=1264014 * https://bugzilla.suse.com/show_bug.cgi?id=1264059 * https://bugzilla.suse.com/show_bug.cgi?id=1264082 * https://bugzilla.suse.com/show_bug.cgi?id=1264087 * https://bugzilla.suse.com/show_bug.cgi?id=1264097 * https://bugzilla.suse.com/show_bug.cgi?id=1264183 * https://bugzilla.suse.com/show_bug.cgi?id=1264427 * https://bugzilla.suse.com/show_bug.cgi?id=1264469 * https://bugzilla.suse.com/show_bug.cgi?id=1264482 * https://bugzilla.suse.com/show_bug.cgi?id=1264634 * https://bugzilla.suse.com/show_bug.cgi?id=1264651 * https://bugzilla.suse.com/show_bug.cgi?id=1264661 * https://bugzilla.suse.com/show_bug.cgi?id=1264674 * https://bugzilla.suse.com/show_bug.cgi?id=1264801 * https://bugzilla.suse.com/show_bug.cgi?id=1264848 * https://bugzilla.suse.com/show_bug.cgi?id=1265085 * https://bugzilla.suse.com/show_bug.cgi?id=1265090 * https://bugzilla.suse.com/show_bug.cgi?id=1265116 * https://bugzilla.suse.com/show_bug.cgi?id=1265119 * https://bugzilla.suse.com/show_bug.cgi?id=1265126 * https://bugzilla.suse.com/show_bug.cgi?id=1265144 * https://bugzilla.suse.com/show_bug.cgi?id=1265308 * https://bugzilla.suse.com/show_bug.cgi?id=1265421 * https://bugzilla.suse.com/show_bug.cgi?id=1265449 * https://bugzilla.suse.com/show_bug.cgi?id=1265456 * https://bugzilla.suse.com/show_bug.cgi?id=1265626 * https://bugzilla.suse.com/show_bug.cgi?id=1265846 * https://bugzilla.suse.com/show_bug.cgi?id=1265960 * https://jira.suse.com/browse/PED-7249 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 17:17:25 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 17:17:25 -0000 Subject: SUSE-SU-2026:2226-1: important: Security update for xorg-x11-server Message-ID: <178042064585.42.14157366316782974075@b0da085613fb> # Security update for xorg-x11-server Announcement ID: SUSE-SU-2026:2226-1 Release Date: 2026-06-02T08:42:33Z Rating: important References: * bsc#1266294 * bsc#1266295 * bsc#1266296 * bsc#1266297 * bsc#1266298 * bsc#1266299 * bsc#1266300 * bsc#1266301 * bsc#1266302 Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has nine security fixes can now be installed. ## Description: This update for xorg-x11-server fixes the following issues * CreateSaverWindow Use-After-Free Information Disclosure. (bsc#1266301) * DRI2 DRIGetBuffers/DRIGetBuffersWithFormat Out-Of-Bounds Write. (bsc#1266302) * Font Alias Stack-based Buffer Overflow. (bsc#1266294) * GLX ChangeDrawableAttributes Out-Of-Bounds Read/Write. (bsc#1266300) * XKB Key Types Stack-based Buffer Overflow. (bsc#1266296) * XKB SetMap Request Stack-based Buffer Overflow. (bsc#1266297) * XSYNC Use-After-Free in FreeCounter(). (bsc#1266298) * XSYNC Use-After-Free in miSyncDestroyFence(). (bsc#1266295) * XSYNC Use-After-Free in SyncChangeCounter(). (bsc#1266299) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2226=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2226=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2226=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * xorg-x11-server-debugsource-21.1.11-150600.5.28.1 * xorg-x11-server-debuginfo-21.1.11-150600.5.28.1 * xorg-x11-server-21.1.11-150600.5.28.1 * xorg-x11-server-extra-debuginfo-21.1.11-150600.5.28.1 * xorg-x11-server-sdk-21.1.11-150600.5.28.1 * xorg-x11-server-Xvfb-21.1.11-150600.5.28.1 * xorg-x11-server-extra-21.1.11-150600.5.28.1 * xorg-x11-server-source-21.1.11-150600.5.28.1 * xorg-x11-server-Xvfb-debuginfo-21.1.11-150600.5.28.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * xorg-x11-server-debugsource-21.1.11-150600.5.28.1 * xorg-x11-server-debuginfo-21.1.11-150600.5.28.1 * xorg-x11-server-extra-debuginfo-21.1.11-150600.5.28.1 * xorg-x11-server-21.1.11-150600.5.28.1 * xorg-x11-server-sdk-21.1.11-150600.5.28.1 * xorg-x11-server-Xvfb-21.1.11-150600.5.28.1 * xorg-x11-server-extra-21.1.11-150600.5.28.1 * xorg-x11-server-Xvfb-debuginfo-21.1.11-150600.5.28.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * xorg-x11-server-debugsource-21.1.11-150600.5.28.1 * xorg-x11-server-debuginfo-21.1.11-150600.5.28.1 * xorg-x11-server-21.1.11-150600.5.28.1 * xorg-x11-server-extra-debuginfo-21.1.11-150600.5.28.1 * xorg-x11-server-sdk-21.1.11-150600.5.28.1 * xorg-x11-server-Xvfb-21.1.11-150600.5.28.1 * xorg-x11-server-extra-21.1.11-150600.5.28.1 * xorg-x11-server-Xvfb-debuginfo-21.1.11-150600.5.28.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1266294 * https://bugzilla.suse.com/show_bug.cgi?id=1266295 * https://bugzilla.suse.com/show_bug.cgi?id=1266296 * https://bugzilla.suse.com/show_bug.cgi?id=1266297 * https://bugzilla.suse.com/show_bug.cgi?id=1266298 * https://bugzilla.suse.com/show_bug.cgi?id=1266299 * https://bugzilla.suse.com/show_bug.cgi?id=1266300 * https://bugzilla.suse.com/show_bug.cgi?id=1266301 * https://bugzilla.suse.com/show_bug.cgi?id=1266302 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 17:17:39 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 17:17:39 -0000 Subject: SUSE-SU-2026:2225-1: important: Security update for xorg-x11-server Message-ID: <178042065970.42.9798675917740509242@b0da085613fb> # Security update for xorg-x11-server Announcement ID: SUSE-SU-2026:2225-1 Release Date: 2026-06-02T08:42:21Z Rating: important References: * bsc#1266294 * bsc#1266295 * bsc#1266296 * bsc#1266297 * bsc#1266298 * bsc#1266299 * bsc#1266300 * bsc#1266301 * bsc#1266302 Affected Products: * Basesystem Module 15-SP7 * Development Tools Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that has nine security fixes can now be installed. ## Description: This update for xorg-x11-server fixes the following issues * CreateSaverWindow Use-After-Free Information Disclosure. (bsc#1266301) * DRI2 DRIGetBuffers/DRIGetBuffersWithFormat Out-Of-Bounds Write. (bsc#1266302) * Font Alias Stack-based Buffer Overflow. (bsc#1266294) * GLX ChangeDrawableAttributes Out-Of-Bounds Read/Write. (bsc#1266300) * XKB Key Types Stack-based Buffer Overflow. (bsc#1266296) * XKB SetMap Request Stack-based Buffer Overflow. (bsc#1266297) * XSYNC Use-After-Free in FreeCounter(). (bsc#1266298) * XSYNC Use-After-Free in miSyncDestroyFence(). (bsc#1266295) * XSYNC Use-After-Free in SyncChangeCounter(). (bsc#1266299) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2225=1 * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2026-2225=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * xorg-x11-server-Xvfb-debuginfo-21.1.15-150700.5.19.1 * xorg-x11-server-debuginfo-21.1.15-150700.5.19.1 * xorg-x11-server-21.1.15-150700.5.19.1 * xorg-x11-server-debugsource-21.1.15-150700.5.19.1 * xorg-x11-server-extra-21.1.15-150700.5.19.1 * xorg-x11-server-extra-debuginfo-21.1.15-150700.5.19.1 * xorg-x11-server-Xvfb-21.1.15-150700.5.19.1 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * xorg-x11-server-debugsource-21.1.15-150700.5.19.1 * xorg-x11-server-debuginfo-21.1.15-150700.5.19.1 * xorg-x11-server-sdk-21.1.15-150700.5.19.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1266294 * https://bugzilla.suse.com/show_bug.cgi?id=1266295 * https://bugzilla.suse.com/show_bug.cgi?id=1266296 * https://bugzilla.suse.com/show_bug.cgi?id=1266297 * https://bugzilla.suse.com/show_bug.cgi?id=1266298 * https://bugzilla.suse.com/show_bug.cgi?id=1266299 * https://bugzilla.suse.com/show_bug.cgi?id=1266300 * https://bugzilla.suse.com/show_bug.cgi?id=1266301 * https://bugzilla.suse.com/show_bug.cgi?id=1266302 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 17:17:54 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 17:17:54 -0000 Subject: SUSE-SU-2026:2224-1: important: Security update for xorg-x11-server Message-ID: <178042067419.42.6565354911345885978@b0da085613fb> # Security update for xorg-x11-server Announcement ID: SUSE-SU-2026:2224-1 Release Date: 2026-06-02T08:41:58Z Rating: important References: * bsc#1266294 * bsc#1266295 * bsc#1266296 * bsc#1266297 * bsc#1266298 * bsc#1266299 * bsc#1266300 * bsc#1266301 * bsc#1266302 Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has nine security fixes can now be installed. ## Description: This update for xorg-x11-server fixes the following issues * CreateSaverWindow Use-After-Free Information Disclosure. (bsc#1266301) * DRI2 DRIGetBuffers/DRIGetBuffersWithFormat Out-Of-Bounds Write. (bsc#1266302) * Font Alias Stack-based Buffer Overflow. (bsc#1266294) * GLX ChangeDrawableAttributes Out-Of-Bounds Read/Write. (bsc#1266300) * XKB Key Types Stack-based Buffer Overflow. (bsc#1266296) * XKB SetMap Request Stack-based Buffer Overflow. (bsc#1266297) * XSYNC Use-After-Free in FreeCounter(). (bsc#1266298) * XSYNC Use-After-Free in miSyncDestroyFence(). (bsc#1266295) * XSYNC Use-After-Free in SyncChangeCounter(). (bsc#1266299) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2224=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2224=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-2224=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2224=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2224=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * xorg-x11-server-extra-21.1.4-150500.7.49.1 * xorg-x11-server-Xvfb-debuginfo-21.1.4-150500.7.49.1 * xorg-x11-server-21.1.4-150500.7.49.1 * xorg-x11-server-extra-debuginfo-21.1.4-150500.7.49.1 * xorg-x11-server-debuginfo-21.1.4-150500.7.49.1 * xorg-x11-server-sdk-21.1.4-150500.7.49.1 * xorg-x11-server-debugsource-21.1.4-150500.7.49.1 * xorg-x11-server-Xvfb-21.1.4-150500.7.49.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * xorg-x11-server-extra-21.1.4-150500.7.49.1 * xorg-x11-server-Xvfb-debuginfo-21.1.4-150500.7.49.1 * xorg-x11-server-21.1.4-150500.7.49.1 * xorg-x11-server-debuginfo-21.1.4-150500.7.49.1 * xorg-x11-server-extra-debuginfo-21.1.4-150500.7.49.1 * xorg-x11-server-sdk-21.1.4-150500.7.49.1 * xorg-x11-server-debugsource-21.1.4-150500.7.49.1 * xorg-x11-server-Xvfb-21.1.4-150500.7.49.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * xorg-x11-server-extra-21.1.4-150500.7.49.1 * xorg-x11-server-Xvfb-debuginfo-21.1.4-150500.7.49.1 * xorg-x11-server-source-21.1.4-150500.7.49.1 * xorg-x11-server-21.1.4-150500.7.49.1 * xorg-x11-server-debuginfo-21.1.4-150500.7.49.1 * xorg-x11-server-extra-debuginfo-21.1.4-150500.7.49.1 * xorg-x11-server-sdk-21.1.4-150500.7.49.1 * xorg-x11-server-debugsource-21.1.4-150500.7.49.1 * xorg-x11-server-Xvfb-21.1.4-150500.7.49.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * xorg-x11-server-extra-21.1.4-150500.7.49.1 * xorg-x11-server-Xvfb-debuginfo-21.1.4-150500.7.49.1 * xorg-x11-server-21.1.4-150500.7.49.1 * xorg-x11-server-debuginfo-21.1.4-150500.7.49.1 * xorg-x11-server-extra-debuginfo-21.1.4-150500.7.49.1 * xorg-x11-server-sdk-21.1.4-150500.7.49.1 * xorg-x11-server-debugsource-21.1.4-150500.7.49.1 * xorg-x11-server-Xvfb-21.1.4-150500.7.49.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * xorg-x11-server-extra-21.1.4-150500.7.49.1 * xorg-x11-server-Xvfb-debuginfo-21.1.4-150500.7.49.1 * xorg-x11-server-21.1.4-150500.7.49.1 * xorg-x11-server-debuginfo-21.1.4-150500.7.49.1 * xorg-x11-server-extra-debuginfo-21.1.4-150500.7.49.1 * xorg-x11-server-sdk-21.1.4-150500.7.49.1 * xorg-x11-server-debugsource-21.1.4-150500.7.49.1 * xorg-x11-server-Xvfb-21.1.4-150500.7.49.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1266294 * https://bugzilla.suse.com/show_bug.cgi?id=1266295 * https://bugzilla.suse.com/show_bug.cgi?id=1266296 * https://bugzilla.suse.com/show_bug.cgi?id=1266297 * https://bugzilla.suse.com/show_bug.cgi?id=1266298 * https://bugzilla.suse.com/show_bug.cgi?id=1266299 * https://bugzilla.suse.com/show_bug.cgi?id=1266300 * https://bugzilla.suse.com/show_bug.cgi?id=1266301 * https://bugzilla.suse.com/show_bug.cgi?id=1266302 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 17:18:12 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 17:18:12 -0000 Subject: SUSE-SU-2026:2223-1: important: Security update for xorg-x11-server Message-ID: <178042069207.42.3410113372303940556@b0da085613fb> # Security update for xorg-x11-server Announcement ID: SUSE-SU-2026:2223-1 Release Date: 2026-06-02T08:41:31Z Rating: important References: * bsc#1266294 * bsc#1266295 * bsc#1266296 * bsc#1266297 * bsc#1266298 * bsc#1266299 * bsc#1266300 * bsc#1266301 * bsc#1266302 Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that has nine security fixes can now be installed. ## Description: This update for xorg-x11-server fixes the following issues * CreateSaverWindow Use-After-Free Information Disclosure. (bsc#1266301) * DRI2 DRIGetBuffers/DRIGetBuffersWithFormat Out-Of-Bounds Write. (bsc#1266302) * Font Alias Stack-based Buffer Overflow. (bsc#1266294) * GLX ChangeDrawableAttributes Out-Of-Bounds Read/Write. (bsc#1266300) * XKB Key Types Stack-based Buffer Overflow. (bsc#1266296) * XKB SetMap Request Stack-based Buffer Overflow. (bsc#1266297) * XSYNC Use-After-Free in FreeCounter(). (bsc#1266298) * XSYNC Use-After-Free in miSyncDestroyFence(). (bsc#1266295) * XSYNC Use-After-Free in SyncChangeCounter(). (bsc#1266299) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2223=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2223=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2223=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2223=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2223=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * xorg-x11-server-extra-1.20.3-150400.38.71.1 * xorg-x11-server-1.20.3-150400.38.71.1 * xorg-x11-server-sdk-1.20.3-150400.38.71.1 * xorg-x11-server-source-1.20.3-150400.38.71.1 * xorg-x11-server-debuginfo-1.20.3-150400.38.71.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.71.1 * xorg-x11-server-debugsource-1.20.3-150400.38.71.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * xorg-x11-server-extra-1.20.3-150400.38.71.1 * xorg-x11-server-1.20.3-150400.38.71.1 * xorg-x11-server-sdk-1.20.3-150400.38.71.1 * xorg-x11-server-debuginfo-1.20.3-150400.38.71.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.71.1 * xorg-x11-server-debugsource-1.20.3-150400.38.71.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * xorg-x11-server-extra-1.20.3-150400.38.71.1 * xorg-x11-server-1.20.3-150400.38.71.1 * xorg-x11-server-sdk-1.20.3-150400.38.71.1 * xorg-x11-server-debuginfo-1.20.3-150400.38.71.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.71.1 * xorg-x11-server-debugsource-1.20.3-150400.38.71.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * xorg-x11-server-extra-1.20.3-150400.38.71.1 * xorg-x11-server-1.20.3-150400.38.71.1 * xorg-x11-server-sdk-1.20.3-150400.38.71.1 * xorg-x11-server-debuginfo-1.20.3-150400.38.71.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.71.1 * xorg-x11-server-debugsource-1.20.3-150400.38.71.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * xorg-x11-server-extra-1.20.3-150400.38.71.1 * xorg-x11-server-1.20.3-150400.38.71.1 * xorg-x11-server-sdk-1.20.3-150400.38.71.1 * xorg-x11-server-debuginfo-1.20.3-150400.38.71.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.71.1 * xorg-x11-server-debugsource-1.20.3-150400.38.71.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1266294 * https://bugzilla.suse.com/show_bug.cgi?id=1266295 * https://bugzilla.suse.com/show_bug.cgi?id=1266296 * https://bugzilla.suse.com/show_bug.cgi?id=1266297 * https://bugzilla.suse.com/show_bug.cgi?id=1266298 * https://bugzilla.suse.com/show_bug.cgi?id=1266299 * https://bugzilla.suse.com/show_bug.cgi?id=1266300 * https://bugzilla.suse.com/show_bug.cgi?id=1266301 * https://bugzilla.suse.com/show_bug.cgi?id=1266302 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 17:18:25 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 17:18:25 -0000 Subject: SUSE-SU-2026:2222-1: critical: Security update for hplip Message-ID: <178042070552.42.6370316706590325780@b0da085613fb> # Security update for hplip Announcement ID: SUSE-SU-2026:2222-1 Release Date: 2026-06-02T08:40:55Z Rating: critical References: * bsc#1209401 * bsc#1234745 * bsc#1245358 * bsc#1250481 * bsc#1257529 * bsc#1266023 * bsc#1266024 * bsc#1266031 Cross-References: * CVE-2025-43023 * CVE-2026-8631 * CVE-2026-8632 CVSS scores: * CVE-2025-43023 ( SUSE ): 7.5 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-43023 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-43023 ( NVD ): 5.9 CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-43023 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-8631 ( SUSE ): 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-8631 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-8631 ( NVD ): 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-8631 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-8632 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-8632 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-8632 ( NVD ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-8632 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities and has five security fixes can now be installed. ## Description: This update for hplip fixes the following issues Security issues: * CVE-2025-43023: weak code signing DSA key used to generate package signatures can lead to key spoofing and malicious software installation (bsc#1266031). * CVE-2026-8631: escalation of privileges and/or arbitrary code execution via an integer overflow in the hpcups processing path (bsc#1266023). * CVE-2026-8632: escalation of privileges and/or arbitrary code execution via operating system command injection (bsc#1266024). * Unauthenticated remote (LAN) denial-of-service in the SLP parser (ReDoS). (bsc#1245358) * URI parameter injection via unsanitized USB serial number. (bsc#1209401) Non security issues: * Can't set up fax for HP OfficeJet 3830 (bsc#1257529). * hplip requires foomatic-filters which does not exist in Leap 16 (bsc#1250481). * Update to HPLIP 3.26.4 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2222=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2222=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2222=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * hplip-debuginfo-3.26.4-150600.4.9.1 * hplip-debugsource-3.26.4-150600.4.9.1 * hplip-scan-utils-3.26.4-150600.4.9.1 * hplip-3.26.4-150600.4.9.1 * hplip-sane-debuginfo-3.26.4-150600.4.9.1 * hplip-udev-rules-3.26.4-150600.4.9.1 * hplip-sane-3.26.4-150600.4.9.1 * hplip-scan-utils-debuginfo-3.26.4-150600.4.9.1 * hplip-hpijs-debuginfo-3.26.4-150600.4.9.1 * hplip-devel-3.26.4-150600.4.9.1 * hplip-hpijs-3.26.4-150600.4.9.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * hplip-debuginfo-3.26.4-150600.4.9.1 * hplip-debugsource-3.26.4-150600.4.9.1 * hplip-3.26.4-150600.4.9.1 * hplip-sane-debuginfo-3.26.4-150600.4.9.1 * hplip-udev-rules-3.26.4-150600.4.9.1 * hplip-sane-3.26.4-150600.4.9.1 * hplip-hpijs-debuginfo-3.26.4-150600.4.9.1 * hplip-devel-3.26.4-150600.4.9.1 * hplip-hpijs-3.26.4-150600.4.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * hplip-debuginfo-3.26.4-150600.4.9.1 * hplip-debugsource-3.26.4-150600.4.9.1 * hplip-3.26.4-150600.4.9.1 * hplip-sane-debuginfo-3.26.4-150600.4.9.1 * hplip-udev-rules-3.26.4-150600.4.9.1 * hplip-sane-3.26.4-150600.4.9.1 * hplip-hpijs-debuginfo-3.26.4-150600.4.9.1 * hplip-devel-3.26.4-150600.4.9.1 * hplip-hpijs-3.26.4-150600.4.9.1 ## References: * https://www.suse.com/security/cve/CVE-2025-43023.html * https://www.suse.com/security/cve/CVE-2026-8631.html * https://www.suse.com/security/cve/CVE-2026-8632.html * https://bugzilla.suse.com/show_bug.cgi?id=1209401 * https://bugzilla.suse.com/show_bug.cgi?id=1234745 * https://bugzilla.suse.com/show_bug.cgi?id=1245358 * https://bugzilla.suse.com/show_bug.cgi?id=1250481 * https://bugzilla.suse.com/show_bug.cgi?id=1257529 * https://bugzilla.suse.com/show_bug.cgi?id=1266023 * https://bugzilla.suse.com/show_bug.cgi?id=1266024 * https://bugzilla.suse.com/show_bug.cgi?id=1266031 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 2 17:18:39 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jun 2026 17:18:39 -0000 Subject: SUSE-SU-2026:2221-1: important: Security update for xorg-x11-server Message-ID: <178042071901.42.2378775478455485363@b0da085613fb> # Security update for xorg-x11-server Announcement ID: SUSE-SU-2026:2221-1 Release Date: 2026-06-02T08:40:04Z Rating: important References: * bsc#1266294 * bsc#1266295 * bsc#1266296 * bsc#1266297 * bsc#1266298 * bsc#1266299 * bsc#1266300 * bsc#1266301 * bsc#1266302 Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that has nine security fixes can now be installed. ## Description: This update for xorg-x11-server fixes the following issues * CreateSaverWindow Use-After-Free Information Disclosure. (bsc#1266301) * DRI2 DRIGetBuffers/DRIGetBuffersWithFormat Out-Of-Bounds Write. (bsc#1266302) * Font Alias Stack-based Buffer Overflow. (bsc#1266294) * GLX ChangeDrawableAttributes Out-Of-Bounds Read/Write. (bsc#1266300) * XKB Key Types Stack-based Buffer Overflow. (bsc#1266296) * XKB SetMap Request Stack-based Buffer Overflow. (bsc#1266297) * XSYNC Use-After-Free in FreeCounter(). (bsc#1266298) * XSYNC Use-After-Free in miSyncDestroyFence(). (bsc#1266295) * XSYNC Use-After-Free in SyncChangeCounter(). (bsc#1266299) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-2221=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2221=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * xorg-x11-server-extra-debuginfo-1.19.6-10.102.1 * xorg-x11-server-debuginfo-1.19.6-10.102.1 * xorg-x11-server-debugsource-1.19.6-10.102.1 * xorg-x11-server-extra-1.19.6-10.102.1 * xorg-x11-server-1.19.6-10.102.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * xorg-x11-server-extra-debuginfo-1.19.6-10.102.1 * xorg-x11-server-debuginfo-1.19.6-10.102.1 * xorg-x11-server-debugsource-1.19.6-10.102.1 * xorg-x11-server-extra-1.19.6-10.102.1 * xorg-x11-server-1.19.6-10.102.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1266294 * https://bugzilla.suse.com/show_bug.cgi?id=1266295 * https://bugzilla.suse.com/show_bug.cgi?id=1266296 * https://bugzilla.suse.com/show_bug.cgi?id=1266297 * https://bugzilla.suse.com/show_bug.cgi?id=1266298 * https://bugzilla.suse.com/show_bug.cgi?id=1266299 * https://bugzilla.suse.com/show_bug.cgi?id=1266300 * https://bugzilla.suse.com/show_bug.cgi?id=1266301 * https://bugzilla.suse.com/show_bug.cgi?id=1266302 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 16:30:24 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 16:30:24 -0000 Subject: SUSE-SU-2026:21983-1: important: Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16) Message-ID: <178050422404.375.15459756537717723279@04080f4f8216> # Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21983-1 Release Date: 2026-06-02T11:43:50Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.5.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-870=1 ## Package List: * SUSE Linux Micro 6.2 (ppc64le s390x x86_64) * kernel-livepatch-6_12_0-160000_5-default-13-160000.4.3 * kernel-livepatch-SLE16_Update_0-debugsource-13-160000.4.3 * kernel-livepatch-6_12_0-160000_5-default-debuginfo-13-160000.4.3 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 16:30:34 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 16:30:34 -0000 Subject: SUSE-SU-2026:21982-1: important: Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 16) Message-ID: <178050423451.375.7118541757315185808@04080f4f8216> # Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21982-1 Release Date: 2026-06-02T11:09:34Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.7.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-869=1 ## Package List: * SUSE Linux Micro 6.2 (ppc64le s390x x86_64) * kernel-livepatch-6_12_0-160000_7-default-debuginfo-9-160000.1.1 * kernel-livepatch-6_12_0-160000_7-default-9-160000.1.1 * kernel-livepatch-SLE16_Update_2-debugsource-9-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 16:30:43 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 16:30:43 -0000 Subject: SUSE-SU-2026:21981-1: important: Security update for ovmf Message-ID: <178050424345.375.5067246853833481700@04080f4f8216> # Security update for ovmf Announcement ID: SUSE-SU-2026:21981-1 Release Date: 2026-06-02T09:33:25Z Rating: important References: * bsc#1261469 * bsc#1261476 * bsc#1261477 * bsc#1261478 Cross-References: * CVE-2026-25833 * CVE-2026-25834 * CVE-2026-25835 * CVE-2026-34874 CVSS scores: * CVE-2026-25833 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-25833 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-25833 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-25834 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-25834 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-25834 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2026-25835 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-25835 ( SUSE ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-25835 ( NVD ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-34874 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-34874 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34874 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.2 An update that solves four vulnerabilities can now be installed. ## Description: This update for ovmf fixes the following issues: * CVE-2026-25833: mbedtls: buffer overflow in the `x509_inet_pton_ipv6()` function (bsc#1261476). * CVE-2026-25834: mbedtls: client accepts signature algorithm chosen by server even if not advertised in client hello (bsc#1261477). * CVE-2026-25835: mbedtls: no pseudo-random number generator reseed when cloning an application (bsc#1261478). * CVE-2026-34874: mbedtls: NULL pointer dereference in distinguished name parsing (bsc#1261469). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-865=1 ## Package List: * SUSE Linux Micro 6.2 (noarch) * qemu-ovmf-x86_64-202502-160000.5.1 * qemu-uefi-aarch64-202502-160000.5.1 ## References: * https://www.suse.com/security/cve/CVE-2026-25833.html * https://www.suse.com/security/cve/CVE-2026-25834.html * https://www.suse.com/security/cve/CVE-2026-25835.html * https://www.suse.com/security/cve/CVE-2026-34874.html * https://bugzilla.suse.com/show_bug.cgi?id=1261469 * https://bugzilla.suse.com/show_bug.cgi?id=1261476 * https://bugzilla.suse.com/show_bug.cgi?id=1261477 * https://bugzilla.suse.com/show_bug.cgi?id=1261478 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 16:30:57 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 16:30:57 -0000 Subject: SUSE-SU-2026:21980-1: important: Security update for rsync Message-ID: <178050425716.375.10539586380432408336@04080f4f8216> # Security update for rsync Announcement ID: SUSE-SU-2026:21980-1 Release Date: 2026-06-02T09:18:01Z Rating: important References: * bsc#1254441 * bsc#1262223 * bsc#1264511 * bsc#1264512 * bsc#1264513 * bsc#1264514 * bsc#1264515 * bsc#1265296 Cross-References: * CVE-2025-10158 * CVE-2026-29518 * CVE-2026-41035 * CVE-2026-43617 * CVE-2026-43618 * CVE-2026-43619 * CVE-2026-43620 * CVE-2026-45232 CVSS scores: * CVE-2025-10158 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2025-10158 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2026-29518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-29518 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-29518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-29518 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-41035 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-41035 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-41035 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-41035 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L * CVE-2026-43617 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-43617 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-43617 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-43617 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-43618 ( SUSE ): 6.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43618 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-43618 ( NVD ): 6.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-43618 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-43619 ( SUSE ): 7.2 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-43619 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-43619 ( NVD ): 7.2 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-43619 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-43620 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43620 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-43620 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-43620 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-43620 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-45232 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-45232 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L * CVE-2026-45232 ( NVD ): 2.1 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-45232 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-45232 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Micro 6.2 An update that solves eight vulnerabilities can now be installed. ## Description: This update for rsync fixes the following issues * CVE-2025-10158: Out of bounds array access via negative index (bsc#1254441). * CVE-2026-29518: Symlink-Race TOCTOU in Daemon (use chroot = no) (bsc#1264511). * CVE-2026-41035: count of entries mismatch can lead to a use-after-free (bsc#1262223). * CVE-2026-43617: Authorization Bypass via Hostname Resolution (bsc#1264515). * CVE-2026-43618: Integer Overflow Information Disclosure (bsc#1264512). * CVE-2026-43619: Symlink Race Condition via Path-Based Syscalls (bsc#1264514). * CVE-2026-43620: Out-of-Bounds Array Read via recv_files() (bsc#1264513). * CVE-2026-45232: Off-by-one stack OOB write in HTTP CONNECT proxy response parsing (bsc#1265296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-867=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * rsync-3.4.1-160000.4.1 * rsync-debugsource-3.4.1-160000.4.1 * rsync-debuginfo-3.4.1-160000.4.1 ## References: * https://www.suse.com/security/cve/CVE-2025-10158.html * https://www.suse.com/security/cve/CVE-2026-29518.html * https://www.suse.com/security/cve/CVE-2026-41035.html * https://www.suse.com/security/cve/CVE-2026-43617.html * https://www.suse.com/security/cve/CVE-2026-43618.html * https://www.suse.com/security/cve/CVE-2026-43619.html * https://www.suse.com/security/cve/CVE-2026-43620.html * https://www.suse.com/security/cve/CVE-2026-45232.html * https://bugzilla.suse.com/show_bug.cgi?id=1254441 * https://bugzilla.suse.com/show_bug.cgi?id=1262223 * https://bugzilla.suse.com/show_bug.cgi?id=1264511 * https://bugzilla.suse.com/show_bug.cgi?id=1264512 * https://bugzilla.suse.com/show_bug.cgi?id=1264513 * https://bugzilla.suse.com/show_bug.cgi?id=1264514 * https://bugzilla.suse.com/show_bug.cgi?id=1264515 * https://bugzilla.suse.com/show_bug.cgi?id=1265296 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 16:31:07 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 16:31:07 -0000 Subject: SUSE-SU-2026:21979-1: important: Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise 16) Message-ID: <178050426779.375.85603804778165639@04080f4f8216> # Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21979-1 Release Date: 2026-06-02T09:18:01Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.26.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-864=1 ## Package List: * SUSE Linux Micro 6.2 (x86_64) * kernel-livepatch-6_12_0-160000_26-rt-debuginfo-6-160000.1.1 * kernel-livepatch-6_12_0-160000_26-rt-6-160000.1.1 * kernel-livepatch-SLE16-RT_Update_5-debugsource-6-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 16:31:13 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 16:31:13 -0000 Subject: SUSE-SU-2026:21978-1: important: Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 16) Message-ID: <178050427379.375.1998093973221717260@04080f4f8216> # Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21978-1 Release Date: 2026-06-02T07:41:04Z Rating: important References: * bsc#1261630 * bsc#1261845 * bsc#1265384 Cross-References: * CVE-2026-23437 * CVE-2026-31406 * CVE-2026-46333 CVSS scores: * CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves three vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.31.1 fixes various security issues The following security issues were fixed: * CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845). * CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-862=1 ## Package List: * SUSE Linux Micro 6.2 (ppc64le s390x x86_64) * kernel-livepatch-6_12_0-160000_31-default-2-160000.1.1 * kernel-livepatch-SLE16_Update_10-debugsource-2-160000.1.1 * kernel-livepatch-6_12_0-160000_31-default-debuginfo-2-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-23437.html * https://www.suse.com/security/cve/CVE-2026-31406.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1261630 * https://bugzilla.suse.com/show_bug.cgi?id=1261845 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 16:31:30 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 16:31:30 -0000 Subject: SUSE-SU-2026:21975-1: important: Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise 16) Message-ID: <178050429037.375.7586735976763240986@04080f4f8216> # Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21975-1 Release Date: 2026-06-02T07:22:26Z Rating: important References: * bsc#1261630 * bsc#1261845 Cross-References: * CVE-2026-23437 * CVE-2026-31406 CVSS scores: * CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.2 An update that solves two vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.32.1 fixes various security issues The following security issues were fixed: * CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845). * CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-858=1 ## Package List: * SUSE Linux Micro 6.2 (ppc64le s390x x86_64) * kernel-livepatch-SLE16_Update_11-debugsource-2-160000.1.1 * kernel-livepatch-6_12_0-160000_32-default-debuginfo-2-160000.1.1 * kernel-livepatch-6_12_0-160000_32-default-2-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-23437.html * https://www.suse.com/security/cve/CVE-2026-31406.html * https://bugzilla.suse.com/show_bug.cgi?id=1261630 * https://bugzilla.suse.com/show_bug.cgi?id=1261845 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 16:31:39 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 16:31:39 -0000 Subject: SUSE-SU-2026:21974-1: important: Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise 16) Message-ID: <178050429958.375.604377486489689240@04080f4f8216> # Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21974-1 Release Date: 2026-06-02T04:08:38Z Rating: important References: * bsc#1259798 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves five vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.27.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-857=1 ## Package List: * SUSE Linux Micro 6.2 (ppc64le s390x x86_64) * kernel-livepatch-SLE16_Update_6-debugsource-5-160000.1.1 * kernel-livepatch-6_12_0-160000_27-default-debuginfo-5-160000.1.1 * kernel-livepatch-6_12_0-160000_27-default-5-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 16:31:48 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 16:31:48 -0000 Subject: SUSE-SU-2026:21973-1: important: Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise 16) Message-ID: <178050430872.375.3651434585957329786@04080f4f8216> # Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21973-1 Release Date: 2026-06-02T03:39:39Z Rating: important References: * bsc#1261630 * bsc#1261845 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23437 * CVE-2026-31406 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves five vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.29.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845). * CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-856=1 ## Package List: * SUSE Linux Micro 6.2 (ppc64le s390x x86_64) * kernel-livepatch-SLE16_Update_8-debugsource-3-160000.1.1 * kernel-livepatch-6_12_0-160000_29-default-debuginfo-3-160000.1.1 * kernel-livepatch-6_12_0-160000_29-default-3-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23437.html * https://www.suse.com/security/cve/CVE-2026-31406.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1261630 * https://bugzilla.suse.com/show_bug.cgi?id=1261845 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 16:32:02 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 16:32:02 -0000 Subject: SUSE-SU-2026:21972-1: important: Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise 16) Message-ID: <178050432293.375.12097463795211536048@04080f4f8216> # Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21972-1 Release Date: 2026-06-01T23:41:15Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.9.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-854=1 ## Package List: * SUSE Linux Micro 6.2 (ppc64le s390x x86_64) * kernel-livepatch-6_12_0-160000_9-default-7-160000.1.1 * kernel-livepatch-SLE16_Update_4-debugsource-7-160000.1.1 * kernel-livepatch-6_12_0-160000_9-default-debuginfo-7-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 16:32:09 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 16:32:09 -0000 Subject: SUSE-SU-2026:21971-1: important: Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise 16) Message-ID: <178050432948.375.17044636484631505278@04080f4f8216> # Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21971-1 Release Date: 2026-06-01T23:39:59Z Rating: important References: * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves three vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.28.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-855=1 ## Package List: * SUSE Linux Micro 6.2 (ppc64le s390x x86_64) * kernel-livepatch-6_12_0-160000_28-default-4-160000.1.1 * kernel-livepatch-SLE16_Update_7-debugsource-4-160000.1.1 * kernel-livepatch-6_12_0-160000_28-default-debuginfo-4-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 16:32:20 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 16:32:20 -0000 Subject: SUSE-SU-2026:21970-1: important: Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16) Message-ID: <178050434003.375.8519666761016263187@04080f4f8216> # Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21970-1 Release Date: 2026-06-01T20:59:02Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.6.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-853=1 ## Package List: * SUSE Linux Micro 6.2 (ppc64le s390x x86_64) * kernel-livepatch-SLE16_Update_1-debugsource-11-160000.1.1 * kernel-livepatch-6_12_0-160000_6-default-11-160000.1.1 * kernel-livepatch-6_12_0-160000_6-default-debuginfo-11-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 16:32:30 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 16:32:30 -0000 Subject: SUSE-SU-2026:21969-1: important: Security update for the Linux Kernel (Live Patch 3 for SUSE Linux Enterprise 16) Message-ID: <178050435051.375.7064380980194969287@04080f4f8216> # Security update for the Linux Kernel (Live Patch 3 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21969-1 Release Date: 2026-06-01T20:10:13Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.8.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-852=1 ## Package List: * SUSE Linux Micro 6.2 (ppc64le s390x x86_64) * kernel-livepatch-6_12_0-160000_8-default-8-160000.1.1 * kernel-livepatch-6_12_0-160000_8-default-debuginfo-8-160000.1.1 * kernel-livepatch-SLE16_Update_3-debugsource-8-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 16:32:39 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 16:32:39 -0000 Subject: SUSE-SU-2026:21968-1: important: Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise 16) Message-ID: <178050435929.375.9801086625759334281@04080f4f8216> # Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21968-1 Release Date: 2026-06-01T16:45:52Z Rating: important References: * bsc#1261630 * bsc#1261845 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23437 * CVE-2026-31406 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves five vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.30.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845). * CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-849=1 ## Package List: * SUSE Linux Micro 6.2 (ppc64le s390x x86_64) * kernel-livepatch-6_12_0-160000_30-default-2-160000.1.1 * kernel-livepatch-6_12_0-160000_30-default-debuginfo-2-160000.1.1 * kernel-livepatch-SLE16_Update_9-debugsource-2-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23437.html * https://www.suse.com/security/cve/CVE-2026-31406.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1261630 * https://bugzilla.suse.com/show_bug.cgi?id=1261845 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 16:32:51 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 16:32:51 -0000 Subject: SUSE-SU-2026:21964-1: important: Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise 16) Message-ID: <178050437131.375.10059789747413072484@04080f4f8216> # Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21964-1 Release Date: 2026-06-01T11:24:31Z Rating: important References: * bsc#1261630 * bsc#1261845 Cross-References: * CVE-2026-23437 * CVE-2026-31406 CVSS scores: * CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.2 An update that solves two vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.32.1 fixes various security issues The following security issues were fixed: * CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845). * CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-843=1 ## Package List: * SUSE Linux Micro 6.2 (x86_64) * kernel-livepatch-SLE16-RT_Update_11-debugsource-2-160000.1.1 * kernel-livepatch-6_12_0-160000_32-rt-2-160000.1.1 * kernel-livepatch-6_12_0-160000_32-rt-debuginfo-2-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-23437.html * https://www.suse.com/security/cve/CVE-2026-31406.html * https://bugzilla.suse.com/show_bug.cgi?id=1261630 * https://bugzilla.suse.com/show_bug.cgi?id=1261845 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 16:33:03 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 16:33:03 -0000 Subject: SUSE-SU-2026:21963-1: important: Security update for the Linux Kernel RT (Live Patch 4 for SUSE Linux Enterprise 16) Message-ID: <178050438347.375.5222362558324726186@04080f4f8216> # Security update for the Linux Kernel RT (Live Patch 4 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21963-1 Release Date: 2026-06-01T11:07:23Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.9.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-842=1 ## Package List: * SUSE Linux Micro 6.2 (x86_64) * kernel-livepatch-6_12_0-160000_9-rt-7-160000.1.1 * kernel-livepatch-6_12_0-160000_9-rt-debuginfo-7-160000.1.1 * kernel-livepatch-SLE16-RT_Update_4-debugsource-7-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 16:33:13 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 16:33:13 -0000 Subject: SUSE-SU-2026:21962-1: important: Security update for the Linux Kernel RT (Live Patch 0 for SUSE Linux Enterprise 16) Message-ID: <178050439380.375.16811589945903497943@04080f4f8216> # Security update for the Linux Kernel RT (Live Patch 0 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21962-1 Release Date: 2026-06-01T09:46:34Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.5.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-841=1 ## Package List: * SUSE Linux Micro 6.2 (x86_64) * kernel-livepatch-SLE16-RT_Update_0-debugsource-11-160000.3.4 * kernel-livepatch-6_12_0-160000_5-rt-debuginfo-11-160000.3.4 * kernel-livepatch-6_12_0-160000_5-rt-11-160000.3.4 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 16:33:22 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 16:33:22 -0000 Subject: SUSE-SU-2026:21961-1: important: Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise 16) Message-ID: <178050440279.375.14278173801940212929@04080f4f8216> # Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21961-1 Release Date: 2026-06-01T08:22:30Z Rating: important References: * bsc#1261630 * bsc#1261845 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23437 * CVE-2026-31406 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves five vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.30.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845). * CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-840=1 ## Package List: * SUSE Linux Micro 6.2 (x86_64) * kernel-livepatch-SLE16-RT_Update_9-debugsource-2-160000.1.1 * kernel-livepatch-6_12_0-160000_30-rt-debuginfo-2-160000.1.1 * kernel-livepatch-6_12_0-160000_30-rt-2-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23437.html * https://www.suse.com/security/cve/CVE-2026-31406.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1261630 * https://bugzilla.suse.com/show_bug.cgi?id=1261845 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 16:33:33 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 16:33:33 -0000 Subject: SUSE-SU-2026:21960-1: important: Security update for the Linux Kernel RT (Live Patch 1 for SUSE Linux Enterprise 16) Message-ID: <178050441327.375.9272292215628323873@04080f4f8216> # Security update for the Linux Kernel RT (Live Patch 1 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21960-1 Release Date: 2026-06-01T08:22:30Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.6.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-839=1 ## Package List: * SUSE Linux Micro 6.2 (x86_64) * kernel-livepatch-SLE16-RT_Update_1-debugsource-10-160000.1.1 * kernel-livepatch-6_12_0-160000_6-rt-10-160000.1.1 * kernel-livepatch-6_12_0-160000_6-rt-debuginfo-10-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 16:33:47 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 16:33:47 -0000 Subject: SUSE-SU-2026:21959-1: important: Security update for the Linux Kernel RT (Live Patch 2 for SUSE Linux Enterprise 16) Message-ID: <178050442779.375.5120052216558779257@04080f4f8216> # Security update for the Linux Kernel RT (Live Patch 2 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21959-1 Release Date: 2026-06-01T08:22:30Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.7.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-838=1 ## Package List: * SUSE Linux Micro 6.2 (x86_64) * kernel-livepatch-6_12_0-160000_7-rt-8-160000.1.1 * kernel-livepatch-SLE16-RT_Update_2-debugsource-8-160000.1.1 * kernel-livepatch-6_12_0-160000_7-rt-debuginfo-8-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 16:33:58 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 16:33:58 -0000 Subject: SUSE-SU-2026:21958-1: important: Security update for the Linux Kernel RT (Live Patch 3 for SUSE Linux Enterprise 16) Message-ID: <178050443855.375.4139739648045645941@04080f4f8216> # Security update for the Linux Kernel RT (Live Patch 3 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21958-1 Release Date: 2026-06-01T08:22:30Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.8.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-837=1 ## Package List: * SUSE Linux Micro 6.2 (x86_64) * kernel-livepatch-SLE16-RT_Update_3-debugsource-7-160000.1.1 * kernel-livepatch-6_12_0-160000_8-rt-7-160000.1.1 * kernel-livepatch-6_12_0-160000_8-rt-debuginfo-7-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 16:34:13 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 16:34:13 -0000 Subject: SUSE-SU-2026:21957-1: important: Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise 16) Message-ID: <178050445356.375.8805578613014324870@04080f4f8216> # Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21957-1 Release Date: 2026-06-01T08:22:30Z Rating: important References: * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves three vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.28.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-836=1 ## Package List: * SUSE Linux Micro 6.2 (x86_64) * kernel-livepatch-6_12_0-160000_28-rt-debuginfo-4-160000.1.1 * kernel-livepatch-SLE16-RT_Update_7-debugsource-4-160000.1.1 * kernel-livepatch-6_12_0-160000_28-rt-4-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 16:34:28 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 16:34:28 -0000 Subject: SUSE-SU-2026:21956-1: important: Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise 16) Message-ID: <178050446893.375.10457902030465572236@04080f4f8216> # Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21956-1 Release Date: 2026-06-01T08:22:30Z Rating: important References: * bsc#1259798 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves five vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.27.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-835=1 ## Package List: * SUSE Linux Micro 6.2 (x86_64) * kernel-livepatch-6_12_0-160000_27-rt-5-160000.1.1 * kernel-livepatch-SLE16-RT_Update_6-debugsource-5-160000.1.1 * kernel-livepatch-6_12_0-160000_27-rt-debuginfo-5-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 16:34:31 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 16:34:31 -0000 Subject: SUSE-SU-2026:21955-1: important: Security update for python-urllib3 Message-ID: <178050447189.375.2069374570245430890@04080f4f8216> # Security update for python-urllib3 Announcement ID: SUSE-SU-2026:21955-1 Release Date: 2026-06-01T08:22:30Z Rating: important References: * bsc#1265267 Cross-References: * CVE-2026-44431 CVSS scores: * CVE-2026-44431 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-44431 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-44431 ( NVD ): 8.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-44431 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves one vulnerability can now be installed. ## Description: This update for python-urllib3 fixes the following issue * CVE-2026-44431: sensitive information disclosure due to sensitive headers being forwarded across origins in proxied low-level redirects (bsc#1265267). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-832=1 ## Package List: * SUSE Linux Micro 6.2 (noarch) * python313-urllib3-2.5.0-160000.6.1 ## References: * https://www.suse.com/security/cve/CVE-2026-44431.html * https://bugzilla.suse.com/show_bug.cgi?id=1265267 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 16:34:44 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 16:34:44 -0000 Subject: SUSE-SU-2026:21954-1: important: Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise 16) Message-ID: <178050448479.375.17373382335193133256@04080f4f8216> # Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21954-1 Release Date: 2026-06-01T07:59:43Z Rating: important References: * bsc#1261630 * bsc#1261845 * bsc#1265384 Cross-References: * CVE-2026-23437 * CVE-2026-31406 * CVE-2026-46333 CVSS scores: * CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves three vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.31.1 fixes various security issues The following security issues were fixed: * CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845). * CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-831=1 ## Package List: * SUSE Linux Micro 6.2 (x86_64) * kernel-livepatch-6_12_0-160000_31-rt-2-160000.1.1 * kernel-livepatch-SLE16-RT_Update_10-debugsource-2-160000.1.1 * kernel-livepatch-6_12_0-160000_31-rt-debuginfo-2-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-23437.html * https://www.suse.com/security/cve/CVE-2026-31406.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1261630 * https://bugzilla.suse.com/show_bug.cgi?id=1261845 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 16:34:56 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 16:34:56 -0000 Subject: SUSE-SU-2026:21953-1: important: Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise 16) Message-ID: <178050449619.375.2838768095495324857@04080f4f8216> # Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21953-1 Release Date: 2026-06-01T07:59:43Z Rating: important References: * bsc#1261630 * bsc#1261845 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23437 * CVE-2026-31406 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves five vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.29.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845). * CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-830=1 ## Package List: * SUSE Linux Micro 6.2 (x86_64) * kernel-livepatch-6_12_0-160000_29-rt-debuginfo-3-160000.1.1 * kernel-livepatch-SLE16-RT_Update_8-debugsource-3-160000.1.1 * kernel-livepatch-6_12_0-160000_29-rt-3-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23437.html * https://www.suse.com/security/cve/CVE-2026-31406.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1261630 * https://bugzilla.suse.com/show_bug.cgi?id=1261845 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 16:35:03 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 16:35:03 -0000 Subject: SUSE-SU-2026:21952-1: important: Security update for helm Message-ID: <178050450330.375.4295718094639922228@04080f4f8216> # Security update for helm Announcement ID: SUSE-SU-2026:21952-1 Release Date: 2026-05-30T08:13:57Z Rating: important References: * bsc#1265428 * bsc#1265758 * jsc#PED-15794 Cross-References: * CVE-2026-33814 * CVE-2026-41888 CVSS scores: * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-41888 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-41888 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2026-41888 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-41888 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L Affected Products: * SUSE Linux Micro 6.2 An update that solves two vulnerabilities and contains one feature can now be installed. ## Description: This update for helm fixes the following issues Security issues: * CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265758). * CVE-2026-41888: github.com/distribution/distribution/v3: tag deletion bypasses the storage.delete.enabled configuration (bsc#1265428). Non security issue: * Update to version 3.21.0. * Fix packages for %suse_version bump (jsc#PED-15794) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-829=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * helm-debuginfo-3.21.0-160000.1.1 * helm-3.21.0-160000.1.1 * SUSE Linux Micro 6.2 (noarch) * helm-bash-completion-3.21.0-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33814.html * https://www.suse.com/security/cve/CVE-2026-41888.html * https://bugzilla.suse.com/show_bug.cgi?id=1265428 * https://bugzilla.suse.com/show_bug.cgi?id=1265758 * https://jira.suse.com/browse/PED-15794 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 16:35:09 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 16:35:09 -0000 Subject: SUSE-SU-2026:21951-1: important: Security update for libsoup Message-ID: <178050450995.375.15453618971043547250@04080f4f8216> # Security update for libsoup Announcement ID: SUSE-SU-2026:21951-1 Release Date: 2026-05-29T13:40:32Z Rating: important References: * bsc#1259767 Cross-References: * CVE-2026-4271 CVSS scores: * CVE-2026-4271 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-4271 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-4271 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-4271 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.2 An update that solves one vulnerability can now be installed. ## Description: This update for libsoup fixes the following issue * CVE-2026-4271: use-after-free in the HTTP/2 server when user signal handlers disconnect connections during callback execution (bsc#1259767). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-826=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * libsoup-debugsource-3.6.6-160000.2.1 * libsoup-3_0-0-3.6.6-160000.2.1 * libsoup-3_0-0-debuginfo-3.6.6-160000.2.1 ## References: * https://www.suse.com/security/cve/CVE-2026-4271.html * https://bugzilla.suse.com/show_bug.cgi?id=1259767 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 16:41:28 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 16:41:28 -0000 Subject: SUSE-SU-2026:2238-1: important: Security update for the Linux Kernel Message-ID: <178050488880.375.7405527163774592285@04080f4f8216> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:2238-1 Release Date: 2026-06-03T11:35:27Z Rating: important References: * bsc#1215199 * bsc#1225897 * bsc#1234634 * bsc#1237452 * bsc#1241166 * bsc#1243603 * bsc#1248754 * bsc#1249104 * bsc#1253122 * bsc#1253754 * bsc#1254518 * bsc#1255160 * bsc#1255752 * bsc#1256863 * bsc#1257183 * bsc#1257631 * bsc#1258518 * bsc#1258718 * bsc#1258826 * bsc#1258849 * bsc#1258850 * bsc#1258854 * bsc#1258855 * bsc#1258856 * bsc#1258857 * bsc#1258961 * bsc#1259186 * bsc#1259199 * bsc#1259222 * bsc#1259461 * bsc#1259484 * bsc#1259485 * bsc#1259535 * bsc#1259672 * bsc#1259799 * bsc#1259806 * bsc#1259857 * bsc#1259868 * bsc#1259869 * bsc#1259870 * bsc#1259871 * bsc#1259873 * bsc#1259878 * bsc#1259995 * bsc#1260010 * bsc#1260012 * bsc#1260018 * bsc#1260428 * bsc#1260468 * bsc#1260483 * bsc#1260484 * bsc#1260485 * bsc#1260489 * bsc#1260497 * bsc#1260501 * bsc#1260504 * bsc#1260505 * bsc#1260507 * bsc#1260522 * bsc#1260523 * bsc#1260526 * bsc#1260527 * bsc#1260528 * bsc#1260529 * bsc#1260530 * bsc#1260531 * bsc#1260532 * bsc#1260533 * bsc#1260536 * bsc#1260537 * bsc#1260538 * bsc#1260541 * bsc#1260544 * bsc#1260546 * bsc#1260549 * bsc#1260550 * bsc#1260551 * bsc#1260552 * bsc#1260553 * bsc#1260555 * bsc#1260561 * bsc#1260566 * bsc#1260572 * bsc#1260580 * bsc#1260581 * bsc#1260728 * bsc#1260729 * bsc#1260731 * bsc#1260800 * bsc#1260801 * bsc#1260811 * bsc#1260989 * bsc#1261020 * bsc#1261287 * bsc#1261295 * bsc#1261348 * bsc#1261412 * bsc#1261503 * bsc#1261504 * bsc#1261505 * bsc#1261507 * bsc#1261555 * bsc#1261581 * bsc#1261582 * bsc#1261584 * bsc#1261585 * bsc#1261601 * bsc#1261602 * bsc#1261618 * bsc#1261628 * bsc#1261632 * bsc#1261636 * bsc#1261637 * bsc#1261638 * bsc#1261641 * bsc#1261644 * bsc#1261645 * bsc#1261648 * bsc#1261669 * bsc#1261679 * bsc#1261685 * bsc#1261686 * bsc#1261687 * bsc#1261692 * bsc#1261694 * bsc#1261700 * bsc#1261702 * bsc#1261703 * bsc#1261707 * bsc#1261710 * bsc#1261713 * bsc#1261714 * bsc#1261719 * bsc#1261738 * bsc#1261750 * bsc#1261751 * bsc#1261752 * bsc#1261768 * bsc#1261778 * bsc#1261779 * bsc#1261780 * bsc#1261781 * bsc#1261786 * bsc#1261788 * bsc#1261789 * bsc#1261796 * bsc#1261797 * bsc#1261896 * bsc#1262019 * bsc#1262020 * bsc#1262053 * bsc#1262054 * bsc#1262055 * bsc#1262061 * bsc#1262063 * bsc#1262074 * bsc#1262078 * bsc#1262086 * bsc#1262087 * bsc#1262099 * bsc#1262100 * bsc#1262101 * bsc#1262179 * bsc#1262181 * bsc#1262250 * bsc#1262480 * bsc#1262526 * bsc#1262599 * bsc#1262602 * bsc#1262616 * bsc#1262665 * bsc#1262671 * bsc#1262673 * bsc#1262709 * bsc#1262725 * bsc#1262731 * bsc#1262734 * bsc#1262746 * bsc#1262752 * bsc#1262758 * bsc#1263001 * bsc#1263012 * bsc#1263018 * bsc#1263064 * bsc#1263065 * bsc#1263085 * bsc#1263093 * bsc#1263095 * bsc#1263104 * bsc#1263131 * bsc#1263140 * bsc#1263141 * bsc#1263149 * bsc#1263165 * bsc#1263170 * bsc#1263176 * bsc#1263255 * bsc#1263556 * bsc#1263582 * bsc#1263592 * bsc#1263593 * bsc#1263595 * bsc#1263596 * bsc#1263600 * bsc#1263668 * bsc#1263723 * bsc#1263797 * bsc#1263815 * bsc#1263877 * bsc#1263882 * bsc#1263901 * bsc#1263931 * bsc#1263933 * bsc#1263995 * bsc#1264013 * bsc#1264014 * bsc#1264059 * bsc#1264082 * bsc#1264087 * bsc#1264097 * bsc#1264183 * bsc#1264427 * bsc#1264449 * bsc#1264469 * bsc#1264482 * bsc#1264634 * bsc#1264651 * bsc#1264661 * bsc#1264674 * bsc#1264801 * bsc#1264848 * bsc#1265085 * bsc#1265090 * bsc#1265116 * bsc#1265119 * bsc#1265126 * bsc#1265144 * bsc#1265209 * bsc#1265421 * bsc#1265449 * bsc#1265456 * bsc#1265626 * bsc#1265846 * bsc#1265960 * jsc#PED-10383 * jsc#PED-10664 * jsc#PED-11175 * jsc#PED-16221 * jsc#PED-16245 * jsc#PED-7249 Cross-References: * CVE-2023-20585 * CVE-2025-40219 * CVE-2025-54518 * CVE-2025-68310 * CVE-2025-71183 * CVE-2025-71238 * CVE-2026-23168 * CVE-2026-23209 * CVE-2026-23236 * CVE-2026-23237 * CVE-2026-23239 * CVE-2026-23240 * CVE-2026-23245 * CVE-2026-23246 * CVE-2026-23253 * CVE-2026-23260 * CVE-2026-23261 * CVE-2026-23262 * CVE-2026-23264 * CVE-2026-23266 * CVE-2026-23268 * CVE-2026-23269 * CVE-2026-23271 * CVE-2026-23273 * CVE-2026-23276 * CVE-2026-23279 * CVE-2026-23290 * CVE-2026-23291 * CVE-2026-23298 * CVE-2026-23300 * CVE-2026-23304 * CVE-2026-23306 * CVE-2026-23307 * CVE-2026-23308 * CVE-2026-23312 * CVE-2026-23313 * CVE-2026-23315 * CVE-2026-23318 * CVE-2026-23321 * CVE-2026-23324 * CVE-2026-23325 * CVE-2026-23335 * CVE-2026-23336 * CVE-2026-23339 * CVE-2026-23340 * CVE-2026-23343 * CVE-2026-23346 * CVE-2026-23351 * CVE-2026-23354 * CVE-2026-23357 * CVE-2026-23362 * CVE-2026-23363 * CVE-2026-23365 * CVE-2026-23367 * CVE-2026-23368 * CVE-2026-23370 * CVE-2026-23372 * CVE-2026-23373 * CVE-2026-23374 * CVE-2026-23378 * CVE-2026-23382 * CVE-2026-23383 * CVE-2026-23391 * CVE-2026-23392 * CVE-2026-23393 * CVE-2026-23395 * CVE-2026-23396 * CVE-2026-23397 * CVE-2026-23399 * CVE-2026-23403 * CVE-2026-23404 * CVE-2026-23405 * CVE-2026-23406 * CVE-2026-23407 * CVE-2026-23408 * CVE-2026-23409 * CVE-2026-23410 * CVE-2026-23411 * CVE-2026-23412 * CVE-2026-23418 * CVE-2026-23419 * CVE-2026-23420 * CVE-2026-23426 * CVE-2026-23434 * CVE-2026-23440 * CVE-2026-23441 * CVE-2026-23442 * CVE-2026-23443 * CVE-2026-23445 * CVE-2026-23446 * CVE-2026-23447 * CVE-2026-23448 * CVE-2026-23449 * CVE-2026-23450 * CVE-2026-23452 * CVE-2026-23454 * CVE-2026-23455 * CVE-2026-23456 * CVE-2026-23457 * CVE-2026-23458 * CVE-2026-23460 * CVE-2026-23461 * CVE-2026-23462 * CVE-2026-23463 * CVE-2026-23465 * CVE-2026-23466 * CVE-2026-23468 * CVE-2026-23470 * CVE-2026-23472 * CVE-2026-23473 * CVE-2026-23474 * CVE-2026-23475 * CVE-2026-31389 * CVE-2026-31392 * CVE-2026-31393 * CVE-2026-31394 * CVE-2026-31395 * CVE-2026-31400 * CVE-2026-31402 * CVE-2026-31403 * CVE-2026-31404 * CVE-2026-31405 * CVE-2026-31407 * CVE-2026-31408 * CVE-2026-31411 * CVE-2026-31412 * CVE-2026-31415 * CVE-2026-31416 * CVE-2026-31417 * CVE-2026-31420 * CVE-2026-31421 * CVE-2026-31422 * CVE-2026-31423 * CVE-2026-31424 * CVE-2026-31425 * CVE-2026-31426 * CVE-2026-31427 * CVE-2026-31428 * CVE-2026-31436 * CVE-2026-31449 * CVE-2026-31470 * CVE-2026-31488 * CVE-2026-31494 * CVE-2026-31496 * CVE-2026-31504 * CVE-2026-31505 * CVE-2026-31507 * CVE-2026-31512 * CVE-2026-31515 * CVE-2026-31519 * CVE-2026-31525 * CVE-2026-31528 * CVE-2026-31533 * CVE-2026-31547 * CVE-2026-31550 * CVE-2026-31565 * CVE-2026-31570 * CVE-2026-31586 * CVE-2026-31588 * CVE-2026-31602 * CVE-2026-31607 * CVE-2026-31622 * CVE-2026-31649 * CVE-2026-31656 * CVE-2026-31662 * CVE-2026-31668 * CVE-2026-31669 * CVE-2026-31675 * CVE-2026-31679 * CVE-2026-31681 * CVE-2026-31682 * CVE-2026-31684 * CVE-2026-31685 * CVE-2026-31694 * CVE-2026-31700 * CVE-2026-31738 * CVE-2026-31787 * CVE-2026-43009 * CVE-2026-43025 * CVE-2026-43027 * CVE-2026-43037 * CVE-2026-43038 * CVE-2026-43044 * CVE-2026-43050 * CVE-2026-43060 * CVE-2026-43088 * CVE-2026-43110 * CVE-2026-43120 * CVE-2026-43126 * CVE-2026-43190 * CVE-2026-43214 * CVE-2026-43265 * CVE-2026-43329 * CVE-2026-43330 * CVE-2026-43334 * CVE-2026-43365 * CVE-2026-43366 * CVE-2026-43419 * CVE-2026-43437 * CVE-2026-43441 * CVE-2026-43494 * CVE-2026-43503 * CVE-2026-46300 CVSS scores: * CVE-2023-20585 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2023-20585 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2023-20585 ( NVD ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-40219 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40219 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-68310 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68310 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-71183 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71183 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71238 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-71238 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-71238 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23168 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23168 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23168 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23209 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23209 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23236 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23236 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23236 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23236 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2026-23237 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23237 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23237 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23239 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23239 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23240 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23240 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23240 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23245 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23245 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23245 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23246 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23253 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23253 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23260 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23260 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23260 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23261 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23261 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23262 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23262 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23264 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23264 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23264 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23266 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23266 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23266 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23268 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23268 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23269 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23269 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23269 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23271 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23271 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23273 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23273 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23273 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23276 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23276 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23279 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23279 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23279 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23290 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23290 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23290 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23291 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23291 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23298 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23298 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23298 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23300 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23300 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23300 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23304 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23304 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23304 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23306 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23306 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H * CVE-2026-23306 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23307 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23307 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23308 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23308 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23312 ( SUSE ): 5.1 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23312 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23312 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23313 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23313 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23315 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23315 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23318 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23318 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23321 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23321 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23321 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23324 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23324 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23324 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23325 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23325 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23335 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23335 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-23335 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23336 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23336 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23339 ( SUSE ): 2.3 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23339 ( SUSE ): 3.1 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23339 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23340 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23340 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23340 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23343 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23343 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23343 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23346 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23346 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23346 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23351 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23351 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23354 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23354 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-23354 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23357 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23357 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23357 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23362 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23362 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23363 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23363 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23365 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23365 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23365 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23367 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-23367 ( SUSE ): 6.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-23367 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23368 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23368 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23368 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23370 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23370 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23372 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23372 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23373 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23373 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23374 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23374 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23374 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23378 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23378 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23378 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23378 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23382 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23382 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23382 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23383 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23383 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23391 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23391 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23392 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23392 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23393 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23395 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23395 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23395 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23395 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23396 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23396 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23396 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23397 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23397 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23397 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23399 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23399 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23399 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23403 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23403 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23403 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23404 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23404 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23404 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23405 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23405 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23406 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23406 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23407 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23407 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23407 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23408 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23408 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23408 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23408 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23409 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23409 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23409 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23410 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23410 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23410 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23410 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23411 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23412 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23412 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23412 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23412 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23418 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23418 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23418 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23419 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23419 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23419 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23419 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23420 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23426 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23426 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23426 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23434 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23434 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23434 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23434 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23440 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23440 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23440 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23440 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23441 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23441 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23442 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23442 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23442 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23443 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23443 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23443 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23445 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23445 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23445 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23445 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23446 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23446 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23446 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23447 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23447 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23447 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23448 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23448 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23448 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23449 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23449 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23449 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23450 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23450 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23450 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23452 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23452 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23452 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23454 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23454 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23454 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23455 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23455 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23455 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23456 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23456 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-23456 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-23457 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23457 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23457 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23458 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23458 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23458 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23460 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23460 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23460 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23461 ( SUSE ): 7.7 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23461 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23461 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23462 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23462 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23462 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23463 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23463 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2026-23463 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23465 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2026-23465 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2026-23465 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23466 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23466 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23466 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23468 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23468 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23468 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23470 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23470 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23472 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23472 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23472 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23473 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23473 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23474 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23474 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23474 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23475 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23475 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23475 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31389 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31389 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31389 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31392 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31392 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L * CVE-2026-31392 ( NVD ): 8.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L * CVE-2026-31393 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31393 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31393 ( NVD ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31394 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31394 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31394 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31395 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31395 ( SUSE ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31395 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31400 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31400 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31400 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31402 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31402 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-31402 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31403 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31403 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31403 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31404 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31404 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31404 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31405 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31405 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31407 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31407 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31407 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31408 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31408 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31408 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31411 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31411 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31411 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31412 ( SUSE ): 7.0 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31412 ( SUSE ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31412 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31415 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31415 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31415 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31416 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31416 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-31416 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31417 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31417 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31417 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31420 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31421 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31421 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31421 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31422 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31422 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31422 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31423 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31423 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31423 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31424 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31424 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31424 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31425 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31425 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31426 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31426 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-31426 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31427 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-31427 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2026-31427 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31428 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31428 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31428 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31436 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31436 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31436 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31449 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31449 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31449 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-31470 ( SUSE ): 6.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31470 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31470 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31488 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31488 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31488 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31494 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-31494 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2026-31494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31496 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31496 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31496 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31504 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31504 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31504 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31505 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31507 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31507 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31507 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31512 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31512 ( SUSE ): 7.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-31512 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31515 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31515 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31515 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31519 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31519 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31519 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31525 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31525 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31525 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31528 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31528 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31528 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31533 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31547 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31547 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31547 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31550 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31550 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31550 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31565 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31565 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31565 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31570 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:N/SA:N * CVE-2026-31570 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31570 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31586 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31588 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31588 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31588 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-31602 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31602 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31602 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31607 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31607 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2026-31607 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31622 ( SUSE ): 8.7 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31622 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31622 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31649 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31649 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31649 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31656 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31656 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31656 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31662 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31662 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31662 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31668 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-31668 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2026-31668 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31669 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31669 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31669 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31675 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31675 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2026-31675 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31679 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31679 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31679 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31681 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31681 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31681 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31682 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31682 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-31682 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31684 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31684 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-31684 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31685 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31685 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31685 ( NVD ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31694 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31694 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31694 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31700 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31700 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31700 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31738 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31738 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31738 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31787 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31787 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43009 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-43027 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43027 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43037 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43038 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43038 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43044 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43044 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43044 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43050 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43050 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43050 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43060 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43060 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43088 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-43088 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-43110 ( SUSE ): 7.7 CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43110 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43110 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43120 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43120 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-43120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43126 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43126 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43126 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43190 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43190 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43190 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43214 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43214 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43214 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43265 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43265 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43265 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43329 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43329 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43329 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43330 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43330 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43330 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43334 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-43334 ( SUSE ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-43334 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43365 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43365 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43365 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43366 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43366 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43366 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43419 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-43419 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-43437 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43437 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43441 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43441 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43494 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43494 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43503 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43503 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43503 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP7 * Development Tools Module 15-SP7 * Legacy Module 15-SP7 * Public Cloud Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Availability Extension 15 SP7 * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Linux Enterprise Workstation Extension 15 SP7 An update that solves 203 vulnerabilities, contains six features and has 41 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issues were fixed: * CVE-2023-20585: x86/CPU: Fix FPDSS on Zen1 (bsc#1243603). * CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache (bsc#1264013). * CVE-2025-68310: s390/pci: Use pci_uevent_ers() in PCI recovery (bsc#1255160). * CVE-2025-71183: btrfs: always detect conflicting inodes when logging inode refs (bsc#1257631). * CVE-2026-23168: flex_proportions: make fprop_new_period() hardirq safe (bsc#1258826). * CVE-2026-23239: espintcp: Fix race condition in espintcp_close() (bsc#1259485). * CVE-2026-23240: tls: Fix race condition in tls_sw_cancel_work_tx() (bsc#1259484). * CVE-2026-23245: net/sched: act_gate: snapshot parameters with RCU on replace (bsc#1259799). * CVE-2026-23262: gve: Fix stats report corruption on queue count change (bsc#1259870). * CVE-2026-23271: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race (bsc#1260018). * CVE-2026-23276: net: move dev_xmit_recursion() helpers to net/core/dev.h (bsc#1260012). * CVE-2026-23300: net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop (bsc#1260538). * CVE-2026-23304: ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu() (bsc#1260544). * CVE-2026-23306: scsi: pm8001: Fix use-after-free in pm8001_queue_command() (bsc#1260501). * CVE-2026-23313: i40e: Fix preempt count leak in napi poll tracepoint (bsc#1260555). * CVE-2026-23321: mptcp: pm: in-kernel: always mark signal+subflow endp as used (bsc#1260505). * CVE-2026-23335: RDMA/irdma: Fix kernel stack leak in irdma_create_user_ah() (bsc#1260550). * CVE-2026-23340: net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs (bsc#1260523). * CVE-2026-23343: xdp: produce a warning when calculated tailroom is negative (bsc#1260527). * CVE-2026-23346: mm/ioremap: define generic_ioremap_prot() and generic_iounmap() (bsc#1260529). * CVE-2026-23351: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase (bsc#1260526). * CVE-2026-23354: x86/fred: Correct speculative safety in fred_extint() (bsc#1260801). * CVE-2026-23368: net: phy: register phy led_triggers during probe to avoid AB-BA deadlock (bsc#1260530). * CVE-2026-23374: blktrace: fix __this_cpu_read/write in preemptible context (bsc#1260811). * CVE-2026-23378: net/sched: act_ife: Fix metalist update behavior (bsc#1260546). * CVE-2026-23383: bpf, arm64: Force 8-byte alignment for JIT buffer to prevent atomic tearing (bsc#1260497). * CVE-2026-23391: netfilter: xt_CT: drop pending enqueued packets on template removal (bsc#1260566). * CVE-2026-23392: netfilter: nf_tables: release flowtable after rcu grace period on error (bsc#1260531). * CVE-2026-23393: bridge: cfm: Fix race condition in peer_mep deletion (bsc#1260522). * CVE-2026-23395: Bluetooth: L2CAP: Fix accepting multiple L2CAP_ECRED_CONN_REQ (bsc#1260580). * CVE-2026-23397: nfnetlink_osf: validate individual option lengths in fingerprints (bsc#1260728). * CVE-2026-23399: nf_tables: nft_dynset: fix possible stateful expression memleak in error path (bsc#1261020). * CVE-2026-23412: netfilter: bpf: defer hook memory release until rcu readers are done (bsc#1261412). * CVE-2026-23419: net/rds: Fix circular locking dependency in rds_tcp_tune (bsc#1261507). * CVE-2026-23440: net/mlx5e: Fix race condition during IPSec ESN update (bsc#1261641). * CVE-2026-23441: net/mlx5e: Prevent concurrent access to IPSec ASO context (bsc#1261768). * CVE-2026-23442: ipv6: add NULL checks for idev in SRv6 paths (bsc#1261581). * CVE-2026-23445: igc: fix page fault in XDP TX timestamps handling (bsc#1261702). * CVE-2026-23449: net/sched: teql: Fix double-free in teql_master_xmit (bsc#1261779). * CVE-2026-23450: net/smc: fix NULL dereference and UAF in smc_tcp_syn_recv_sock() (bsc#1261584). * CVE-2026-23455: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() (bsc#1261687). * CVE-2026-23456: netfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS case (bsc#1261703). * CVE-2026-23457: netfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp() (bsc#1261686). * CVE-2026-23458: netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() (bsc#1261781). * CVE-2026-23461: Bluetooth: L2CAP: Fix use-after-free in l2cap_unregister_user (bsc#1261707). * CVE-2026-23462: Bluetooth: HIDP: Fix possible UAF (bsc#1261710). * CVE-2026-23468: drm/amdgpu: Limit BO list entry count to prevent resource exhaustion (bsc#1261692). * CVE-2026-23472: serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN (bsc#1261636). * CVE-2026-23473: io_uring/poll: fix multishot recv missing EOF on wakeup race (bsc#1261694). * CVE-2026-31395: bnxt_en: fix OOB access in DBG_BUF_PRODUCER async event handler (bsc#1261786). * CVE-2026-31400: sunrpc: fix cache_request leak in cache_release (bsc#1261645). * CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (bsc#1261638). * CVE-2026-31403: NFSD: Hold net reference for the lifetime of /proc/fs/nfs/exports fd (bsc#1261796). * CVE-2026-31404: xfs: avoid dereferencing log items after push callbacks (bsc#1261628). * CVE-2026-31407: netfilter: conntrack: add missing netlink policy validations (bsc#1261632). * CVE-2026-31411: net: atm: fix crash due to unvalidated vcc pointer in sigd_send() (bsc#1261752). * CVE-2026-31415: ipv6: avoid overflows in ip6_datagram_send_ctl() (bsc#1262099). * CVE-2026-31416: netfilter: nfnetlink_log: account for netlink header size (bsc#1262100). * CVE-2026-31420: bridge: mrp: reject zero test interval to avoid OOM panic (bsc#1262055). * CVE-2026-31421: net/sched: cls_fw: fix NULL pointer dereference on shared blocks (bsc#1262061). * CVE-2026-31422: net/sched: cls_flow: fix NULL pointer dereference on shared blocks (bsc#1262054). * CVE-2026-31423: net/sched: sch_hfsc: fix divide-by-zero in rtsc_min() (bsc#1262063). * CVE-2026-31424: netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP (bsc#1262053). * CVE-2026-31425: rds: ib: reject FRMR registration before IB connection is established (bsc#1262074). * CVE-2026-31427: netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp (bsc#1262086). * CVE-2026-31428: netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD (bsc#1262087). * CVE-2026-31436: dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc() (bsc#1262602). * CVE-2026-31449: ext4: validate p_idx bounds in ext4_ext_correct_indexes (bsc#1262616). * CVE-2026-31470: virt: tdx-guest: Fix handling of host controlled 'quote' buffer length (bsc#1262665). * CVE-2026-31488: drm/amd/display: Do not skip unrelated mode changes in DSC validation (bsc#1262746). * CVE-2026-31494: net: cadence: macb: Synchronize stats calculations (bsc#1262671). * CVE-2026-31496: netfilter: nf_conntrack_expect: skip expectations in other netns via proc (bsc#1262673). * CVE-2026-31504: net: fix fanout UAF in packet_release() via NETDEV_UP race (bsc#1263085). * CVE-2026-31505: iavf: fix out-of-bounds writes in iavf_get_ethtool_stats() (bsc#1263093). * CVE-2026-31507: net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer (bsc#1263095). * CVE-2026-31512: Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2cap_ecred_data_rcv() (bsc#1262734). * CVE-2026-31515: af_key: validate families in pfkey_send_migrate() (bsc#1262752). * CVE-2026-31519: btrfs: set BTRFS_ROOT_ORPHAN_CLEANUP during subvol create (bsc#1263012). * CVE-2026-31525: bpf: Fix undefined behavior in interpreter sdiv/smod for INT_MIN (bsc#1262725). * CVE-2026-31528: perf: Make sure to use pmu_ctx->pmu for groups (bsc#1263001). * CVE-2026-31533: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption (bsc#1262758). * CVE-2026-31547: drm/xe: Fix missing runtime PM reference in ccs_mode_store (bsc#1263018). * CVE-2026-31550: pmdomain: bcm: bcm2835-power: Increase ASB control timeout (bsc#1263104). * CVE-2026-31565: RDMA/irdma: Fix deadlock during netdev reset with active connections (bsc#1263064). * CVE-2026-31570: can: gw: fix OOB heap access in cgw_csum_crc8_rel() (bsc#1263065). * CVE-2026-31586: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (bsc#1263176). * CVE-2026-31588: KVM: x86: Use scratch field in MMIO fragment to hold small write values (bsc#1263165). * CVE-2026-31602: ALSA: ctxfi: Limit PTP to a single page (bsc#1263723). * CVE-2026-31607: usbip: validate number_of_packets in usbip_pack_ret_submit() (bsc#1263600). * CVE-2026-31622: NFC: digital: Bounds check NFC-A cascade depth in SDD response handler (bsc#1263797). * CVE-2026-31649: net: stmmac: fix integer underflow in chain mode (bsc#1263582). * CVE-2026-31656: drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (bsc#1263170). * CVE-2026-31662: tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG (bsc#1263131). * CVE-2026-31668: seg6: separate dst_cache for input and output paths in seg6 lwtunnel (bsc#1263140). * CVE-2026-31669: mptcp: fix slab-use-after-free in __inet_lookup_established (bsc#1263141). * CVE-2026-31675: net/sched: sch_netem: fix out-of-bounds access in packet corruption (bsc#1263556). * CVE-2026-31679: openvswitch: validate MPLS set/set_masked payload length (bsc#1263592). * CVE-2026-31681: netfilter: xt_multiport: validate range encoding in checkentry (bsc#1263593). * CVE-2026-31682: bridge: br_nd_send: linearize skb before parsing ND options (bsc#1263595). * CVE-2026-31684: net: sched: act_csum: validate nested VLAN headers (bsc#1263596). * CVE-2026-31685: netfilter: ip6t_eui64: reject invalid MAC header for all packets (bsc#1263668). * CVE-2026-31694: fuse: reject oversized dirents in page cache (bsc#1263901). * CVE-2026-31700: net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() (bsc#1263882). * CVE-2026-31738: vxlan: validate ND option lengths in vxlan_na_create (bsc#1264059). * CVE-2026-31787: xen/privcmd: fix double free via VMA splitting (bsc#1262181). * CVE-2026-43009: bpf: Fix incorrect pruning due to atomic fetch precision tracking (bsc#1264014). * CVE-2026-43025: netfilter: ctnetlink: ignore explicit helper on new expectations (bsc#1263931). * CVE-2026-43027: netfilter: nf_conntrack_helper: pass helper to expect cleanup (bsc#1263933). * CVE-2026-43037: ip6_tunnel: clear skb2->cb in ip4ip6_err() (bsc#1263995). * CVE-2026-43038: ipv6: icmp: clear skb2->cb in ip6_err_gen_icmpv6_unreach() (bsc#1264097). * CVE-2026-43044: crypto: caam - fix DMA corruption on long hmac keys (bsc#1264087). * CVE-2026-43050: atm: lec: fix use-after-free in sock_def_readable() (bsc#1264082). * CVE-2026-43060: netfilter: nft_ct: drop pending enqueued packets on removal (bsc#1264183). * CVE-2026-43088: net: af_key: zero aligned sockaddr tail in PF_KEY exports (bsc#1264469). * CVE-2026-43110: wifi: brcmfmac: validate bsscfg indices in IF events (bsc#1264482). * CVE-2026-43120: RDMA/irdma: Fix double free related to rereg_user_mr. * CVE-2026-43126: ALSA: mixer: oss: Add card disconnect checkpoints (bsc#1264634). * CVE-2026-43190: netfilter: xt_tcpmss: check remaining length before reading optlen (bsc#1264848). * CVE-2026-43214: KVM: x86: Add SRCU protection for reading PDPTRs in __get_sregs2() (bsc#1264651). * CVE-2026-43265: KVM: x86: Ignore -EBUSY when checking nested events from vcpu_block() (bsc#1264427). * CVE-2026-43329: netfilter: flowtable: strictly check for maximum number of actions (bsc#1265085). * CVE-2026-43330: crypto: caam - fix overflow on long hmac keys (bsc#1264801). * CVE-2026-43334: Bluetooth: SMP: force responder MITM requirements before building the pairing response (bsc#1265090). * CVE-2026-43365: xfs: fix undersized l_iclog_roundoff values (bsc#1265119). * CVE-2026-43366: io_uring/kbuf: check if target buffer list is still legacy on recycle (bsc#1265116). * CVE-2026-43419: ceph: fix memory leaks in ceph_mdsc_build_path() (bsc#1264661). * CVE-2026-43437: ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (bsc#1265126). * CVE-2026-43441: net: bonding: Fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1264674). * CVE-2026-43494: net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). * CVE-2026-43503: net: skbuff: propagate shared-frag marker through frag- transfer helpers (bsc#1265960). * CVE-2026-46300: net: skbuff: preserve shared-frag marker during coalescing (bsc#1265209). The following non security issues were fixed: * accel/qaic: Add overflow check to remap_pfn_range during mmap (git-fixes). * ACPI: AGDI: fix missing newline in error message (git-fixes). * ACPI: CPPC: Fix related_cpus inconsistency during CPU hotplug (git-fixes). * ACPI: scan: Use acpi_dev_put() in object add error paths (git-fixes). * ACPI: video: Add backlight=native quirk for Dell OptiPlex 7770 AIO (git- fixes). * ACPI: video: force native backlight on HP OMEN 16 (8A44) (stable-fixes). * ALSA: 6fire: Fix input volume change detection (git-fixes). * ALSA: 6fire: fix use-after-free on disconnect (git-fixes). * ALSA: aoa: i2sbus: clear stale prepared state (git-fixes). * ALSA: aoa: i2sbus: fix OF node lifetime handling (git-fixes). * ALSA: aoa: Skip devices with no codecs in i2sbus_resume() (git-fixes). * ALSA: aoa: Use guard() for mutex locks (stable-fixes). * ALSA: asihpi: avoid write overflow check warning (stable-fixes). * ALSA: caiaq: Don't abort when no input device is available (git-fixes). * ALSA: caiaq: Fix control_put() result and cache rollback (git-fixes). * ALSA: caiaq: Fix potentially leftover ep1_in_urb at error path (git-fixes). * ALSA: caiaq: fix usb_dev refcount leak on probe failure (git-fixes). * ALSA: caiaq: Handle probe errors properly (git-fixes). * ALSA: caiaq: take a reference on the USB device in create_card() (git- fixes). * ALSA: control: Validate buf_len before strnlen() in snd_ctl_elem_init_enum_names() (git-fixes). * ALSA: core: Fix potential data race at fasync handling (git-fixes). * ALSA: core: Serialize deferred fasync state checks (git-fixes). * ALSA: core: Validate compress device numbers without dynamic minors (git- fixes). * ALSA: ctxfi: Add fallback to default RSR for S/PDIF (git-fixes). * ALSA: ctxfi: Fix missing SPDIFI1 index handling (stable-fixes). * ALSA: ctxfi: Limit PTP to a single page (git-fixes). * ALSA: firewire-tascam: Do not drop unread control events (git-fixes). * ALSA: fireworks: bound device-supplied status before string array lookup (git-fixes). * ALSA: hda/realtek - fixed speaker no sound update (git-fixes). * ALSA: hda/realtek: Add HP ENVY Laptop 13-ba0xxx quirk (stable-fixes). * ALSA: hda/realtek: Add mute LED quirk for HP Pavilion 15-eg0xxx (stable- fixes). * ALSA: hda/realtek: Add quirk for ASUS ROG Flow Z13-KJP GZ302EAC (stable- fixes). * ALSA: hda/realtek: add quirk for Framework F111:000F (stable-fixes). * ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14IAH10 (stable-fixes). * ALSA: hda/realtek: fix code style (ERROR: else should follow close brace '}') (git-fixes). * ALSA: hda: cs35l41: Put ACPI device on missing physical node (git-fixes). * ALSA: hda: cs35l56: Propagate ASP TX source control errors (git-fixes). * ALSA: hda: cs35l56: Put ACPI device after setting companion (git-fixes). * ALSA: hda: Fix NULL pointer dereference in snd_hda_ctl_add() (git-fixes). * ALSA: misc: Use guard() for spin locks (stable-fixes). * ALSA: scarlett2: Add missing error check when initialise Autogain Status (git-fixes). * ALSA: scarlett2: Add missing sentinel initializer field (git-fixes). * ALSA: seq: Notify client and port info changes (stable-fixes). * ALSA: seq_oss: return full count for successful SEQ_FULLSIZE writes (stable- fixes). * ALSA: usb-audio: apply quirk for MOONDROP JU Jiu (stable-fixes). * ALSA: usb-audio: Avoid false E-MU sample-rate notifications (git-fixes). * ALSA: usb-audio: Avoid potential endless loop in convert_chmap_v3() (git- fixes). * ALSA: usb-audio: Bound MIDI 2.0 endpoint descriptor scans (git-fixes). * ALSA: usb-audio: Bound MIDI endpoint descriptor scans (git-fixes). * ALSA: usb-audio: Evaluate packsize caps at the right place (git-fixes). * ALSA: usb-audio: Fix Audio Advantage Micro II SPDIF switch (git-fixes). * ALSA: usb-audio: Fix potential leak of pd at parsing UAC3 streams (git- fixes). * ALSA: usb-audio: Fix quirk flags for NeuralDSP Quad Cortex (stable-fixes). * ALSA: usb-audio: Fix UAC3 cluster descriptor size check (git-fixes). * ALSA: usb-audio: midi2: Restart output URBs on resume (git-fixes). * ALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATES (git-fixes). * amdgpu/jpeg: fix deepsleep register for jpeg 5_0_0 and 5_0_2 (stable-fixes). * ASoC: amd: acp: Add DMI quirk for Valve Steam Deck OLED (git-fixes). * ASoC: amd: yc: Add DMI entry for HP Laptop 15-fc0xxx (stable-fixes). * ASoC: amd: yc: Add DMI quirk for ASUS EXPERTBOOK BM1403CDA (stable-fixes). * ASoC: amd: yc: Add DMI quirk for Thin A15 B7VF (stable-fixes). * ASoC: amd: yc: Add HP OMEN Gaming Laptop 16-ap0xxx product line in quirk table (stable-fixes). * ASoC: codecs: ab8500: Fix casting of private data (git-fixes). * ASoC: cs35l56: Destroy workqueue in probe error path (git-fixes). * ASoC: cs35l56: Don't use devres to unregister component (git-fixes). * ASoC: cs35l56: Fix hibernate write in runtime resume error path (git-fixes). * ASoC: fsl_easrc: Change the type for iec958 channel status controls (git- fixes). * ASoC: fsl_easrc: Check the variable range in fsl_easrc_iec958_put_bits() (git-fixes). * ASoC: fsl_easrc: fix comment typo (git-fixes). * ASoC: fsl_easrc: Fix value type in fsl_easrc_iec958_get_bits() (git-fixes). * ASoC: fsl_micfil: Add access property for "VAD Detected" (git-fixes). * ASoC: fsl_micfil: Fix event generation in hwvad_put_enable() (git-fixes). * ASoC: fsl_micfil: Fix event generation in hwvad_put_init_mode() (git-fixes). * ASoC: fsl_micfil: Fix event generation in micfil_put_dc_remover_state() (git-fixes). * ASoC: fsl_micfil: Fix event generation in micfil_quality_set() (git-fixes). * ASoC: fsl_xcvr: Fix event generation for cached controls (git-fixes). * ASoC: fsl_xcvr: Fix event generation in fsl_xcvr_arc_mode_put() (git-fixes). * ASoC: fsl_xcvr: Fix event generation in fsl_xcvr_mode_put() (git-fixes). * ASoC: Intel: bytcr_wm5102: Fix MCLK leak on platform_clock_control error (git-fixes). * ASoC: qcom: q6apm-dai: reset queue ptr on trigger stop (git-fixes). * ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens (git-fixes). * ASoC: qcom: q6apm: move component registration to unmanaged version (git- fixes). * ASoC: qcom: q6apm: remove child devices when apm is removed (git-fixes). * ASoC: qcom: qdsp6: topology: check widget type before accessing data (git- fixes). * ASoC: soc-core: call missing INIT_LIST_HEAD() for card_aux_list (stable- fixes). * ASoC: SOF: compress: return the configured codec from get_params (git- fixes). * ASoC: SOF: Don't allow pointer operations on unconfigured streams (git- fixes). * ASoC: SOF: Intel: hda: Place check before dereference (git-fixes). * ASoC: SOF: topology: reject invalid vendor array size in token parser (stable-fixes). * ASoC: sti: Return errors from regmap_field_alloc() (git-fixes). * ASoC: sti: use managed regmap_field allocations (git-fixes). * ASoC: stm32_sai: fix incorrect BCLK polarity for DSP_A/B, LEFT_J (stable- fixes). * ata: ahci: force 32-bit DMA for JMicron JMB582/JMB585 (stable-fixes). * batman-adv: bla: only purge non-released claims (git-fixes). * batman-adv: bla: prevent use-after-free when deleting claims (git-fixes). * batman-adv: bla: put backbone reference on failed claim hash insert (git- fixes). * batman-adv: fix integer overflow on buff_pos (git-fixes). * batman-adv: hold claim backbone gateways by reference (git-fixes). * batman-adv: reject new tp_meter sessions during teardown (git-fixes). * batman-adv: reject oversized global TT response buffers (git-fixes). * batman-adv: stop caching unowned originator pointers in BAT IV (git-fixes). * Bluetooth: bnep: fix incorrect length parsing in bnep_rx_frame() extension handling (git-fixes). * Bluetooth: btmtk: validate WMT event SKB length before struct access (git- fixes). * Bluetooth: fix locking in hci_conn_request_evt() with HCI_PROTO_DEFER (git- fixes). * Bluetooth: hci_event: Fix OOB read and infinite loop in hci_le_create_big_complete_evt (git-fixes). * Bluetooth: hci_event: fix potential UAF in SSP passkey handlers (git-fixes). * Bluetooth: hci_ldisc: Clear HCI_UART_PROTO_INIT on error (git-fixes). * Bluetooth: HIDP: serialise l2cap_unregister_user via hidp_session_sem (git- fixes). * Bluetooth: ISO: Fix data-race on dst in iso_sock_connect() (git-fixes). * Bluetooth: l2cap: Add missing chan lock in l2cap_ecred_reconf_rsp (git- fixes). * Bluetooth: l2cap: fix MPS check in l2cap_ecred_reconf_req (git-fixes). * Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_new_connection_cb() (git- fixes). * Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_state_change_cb() (git- fixes). * Bluetooth: L2CAP: Fix printing wrong information if SDU length exceeds MTU (git-fixes). * Bluetooth: RFCOMM: pull credit byte with skb_pull_data() (git-fixes). * Bluetooth: SCO: check for codecs->num_codecs == 1 before assigning to sco_pi(sk)->codec (git-fixes). * Bluetooth: SCO: fix sleeping under spinlock in sco_conn_ready (git-fixes). * Bluetooth: SCO: hold sk properly in sco_conn_ready (git-fixes). * Bluetooth: virtio_bt: clamp rx length before skb_put (git-fixes). * Bluetooth: virtio_bt: validate rx pkt_type header length (git-fixes). * btrfs: do not skip logging new dentries when logging a new name (git-fixes). * btrfs: reject root items with drop_progress and zero drop_level (git-fixes). * btrfs: replace BUG() with error handling in __btrfs_balance() (git-fixes). * can: mcp251x: add error handling for power enable in open and resume (stable-fixes). * can: raw: fix ro->uniq use-after-free in raw_rcv() (git-fixes). * can: ucan: fix devres lifetime (git-fixes). * cdc-acm: new quirk for EPSON HMD (stable-fixes). * cgroup/cpuset: Fix incorrect change to effective_xcpus in partition_xcpus_del() (bsc#1241166). * cgroup/cpuset: Fix incorrect use of cpuset_update_tasks_cpumask() in update_cpumasks_hier() (bsc#1241166). * check-for-config-changes: Exclude CC_MS_EXTENSIONS. * check-for-config-changes: Exclude HAVE_CFI_ICALL_NORMALIZE_INTEGERS{,_RUSTC}. * checkpatch: add support for Assisted-by tag (stable-fixes). * comedi: dt2815: add hardware detection to prevent crash (stable-fixes). * cpufreq: intel_pstate: Drop Arrow Lake from "scaling factor" list (bsc#1249104). * crypto: algif_aead - Fix minimum RX size check for decryption (git-fixes). * crypto: arm64/aes - Fix 32-bit aes_mac_update() arg treated as 64-bit (git- fixes). * crypto: atmel-aes - Fix 3-page memory leak in atmel_aes_buff_cleanup (git- fixes). * crypto: atmel-ecc - Release client on allocation failure (git-fixes). * crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path (git-fixes). * crypto: atmel-tdes - fix DMA sync direction (git-fixes). * crypto: authencesn - reject short ahash digests during instance creation (git-fixes). * crypto: ccp - copy IV using skcipher ivsize (git-fixes). * crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed (git-fixes). * crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed (git-fixes). * crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed (git-fixes). * crypto: ccree - fix a memory leak in cc_mac_digest() (git-fixes). * crypto: hisilicon - Fix dma_unmap_single() direction (git-fixes). * crypto: jitterentropy - replace long-held spinlock with mutex (git-fixes). * crypto: pcrypt - Fix handling of MAY_BACKLOG requests (git-fixes). * crypto: qat - fix type mismatch in RAS sysfs show functions (git-fixes). * crypto: qat - use swab32 macro (git-fixes). * crypto: sa2ul - Fix AEAD fallback algorithm names (git-fixes). * crypto: simd - reject compat registrations without __ prefixes (git-fixes). * crypto: talitos - fix SEC1 32k ahash request limitation (git-fixes). * crypto: testmgr - Hide ENOENT errors (stable-fixes). * crypto: testmgr - Hide ENOENT errors better (git-fixes). * devres: fix missing node debug info in devm_krealloc() (git-fixes). * dm init: ensure device probing has finished in dm-mod.waitfor= (git-fixes). * dmaengine: dw-axi-dmac: Remove unnecessary return statement from void function (git-fixes). * dmaengine: mxs-dma: Fix missing return value from of_dma_controller_register() (git-fixes). * dpll: zl3073x: Add support to adjust phase (bsc#1255752). * dpll: zl3073x: Fix output pin phase adjustment sign (bsc#1255752). * dpll: zl3073x: Fix output pin registration (bsc#1255752). * dpll: zl3073x: fix REF_PHASE_OFFSET_COMP register width for some chip IDs (bsc#1255752). * dpll: zl3073x: Specify phase adjustment granularity for pins (bsc#1255752). * drm/amd/display: Add NULL check for integrated_info in clk_mgr_construct (git-fixes). * drm/amd/display: Allow DCE link encoder without AUX registers (git-fixes). * drm/amd/display: Avoid NULL dereference in dc_dmub_srv error paths (git- fixes). * drm/amd/display: Change dither policy for 10 bpc output back to dithering (git-fixes). * drm/amd/display: Correct logic check error for fastboot (git-fixes). * drm/amd/display: Disable 10-bit truncation and dithering on DCE 6.x (git- fixes). * drm/amd/display: Disable fastboot on DCE 6 too (stable-fixes). * drm/amd/display: Read EDID from VBIOS embedded panel info (git-fixes). * drm/amd/pm/ci: Clear EnabledForActivity field for memory levels (git-fixes). * drm/amd/pm/ci: Disable MCLK DPM on problematic CI ASICs (git-fixes). * drm/amd/pm/ci: Fill DW8 fields from SMC (git-fixes). * drm/amd/pm/ci: Fix powertune defaults for Hawaii 0x67B0 (git-fixes). * drm/amd/pm/ci: Use highest MCLK on CI when MCLK DPM is disabled (git-fixes). * drm/amd/pm/smu7: Add SCLK cap for quirky Hawaii board (git-fixes). * drm/amd/pm/smu7: Fix SMU7 voltage dependency on display clock (git-fixes). * drm/amd/pm: fix incorrect FeatureCtrlMask setting on smu v14.0.x (git- fixes). * drm/amdgpu/gfx6: Support harvested SI chips with disabled TCCs (v2) (git- fixes). * drm/amdgpu/gfx9: drop unnecessary 64-bit fence flag check in KIQ (stable- fixes). * drm/amdgpu/gfx10: look at the right prop for gfx queue priority (git-fixes). * drm/amdgpu/gfx11: look at the right prop for gfx queue priority (git-fixes). * drm/amdgpu/gmc: Fix AMDGPU_GART_PLACEMENT_LOW to not overlap with VRAM (git- fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v2.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v2.5 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v3.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0.3 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0.5 ring (git-fixes). * drm/amdgpu/jpeg: set no_user_fence for JPEG v5.0.0 ring (git-fixes). * drm/amdgpu/pm: add missing revision check for CI (git-fixes). * drm/amdgpu/pm: align Hawaii mclk workaround with radeon (git-fixes). * drm/amdgpu/pm: drop SMU driver if version not matched messages (stable- fixes). * drm/amdgpu/sdma4: replace BUG_ON with WARN_ON in fence emission (git-fixes). * drm/amdgpu/vce: Prevent partial address patches (stable-fixes). * drm/amdgpu/vcn3: Avoid overflow on msg bound check (git-fixes). * drm/amdgpu/vcn3: Prevent OOB reads when parsing dec msg (stable-fixes). * drm/amdgpu/vcn4: Avoid overflow on msg bound check (git-fixes). * drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msg (stable-fixes). * drm/amdgpu/vcn4: Prevent OOB reads when parsing IB (stable-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v2.0 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v2.5 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v3.0 enc/dec rings (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0 enc ring (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0.3 enc ring (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v4.0.5 enc ring (git-fixes). * drm/amdgpu/vcn: set no_user_fence for VCN v5.0.0 enc ring (git-fixes). * drm/amdgpu: Add bounds checking to ib_{get,set}_value (stable-fixes). * drm/amdgpu: Add default case in DVI mode validation (git-fixes). * drm/amdgpu: fix AMDGPU_INFO_READ_MMR_REG (git-fixes). * drm/amdgpu: fix the idr allocation flags (git-fixes). * drm/amdgpu: fix zero-size GDS range init on RDNA4 (stable-fixes). * drm/amdgpu: gate VM CPU HDP flush on reset lock (stable-fixes). * drm/amdgpu: replace PASID IDR with XArray (git-fixes). * drm/amdgpu: Use SMUIO 15.0.0 offsets for TSC upper and lower count (stable- fixes). * drm/amdgpu: zero-initialize GART table on allocation (stable-fixes). * drm/amdkfd: Add upper bound check for num_of_nodes (stable-fixes). * drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure (stable- fixes). * drm/amdkfd: Make all TLB-flushes heavy-weight (stable-fixes). * drm/amdkfd: validate SVM ioctl nattr against buffer size (stable-fixes). * drm/arcpgu: fix device node leak (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Add mode_valid hook to drm_bridge_funcs (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Handle HDCP state in bridge atomic check (git-fixes). * drm/bridge: cadence: cdns-mhdp8546-core: Set the mhdp connector earlier in atomic_enable() (git-fixes). * drm/bridge: stm_lvds: Do not fail atomic_check on disabled connector (git- fixes). * drm/etnaviv: Fix armed job not being pushed to the DRM scheduler (git- fixes). * drm/exynos: remove bridge when component_add fails (git-fixes). * drm/fb-helper: Fix clipping when damage area spans a single scanline (git- fixes). * drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs() (git-fixes). * drm/gma500/oaktrail_hdmi: fix i2c adapter leak on setup (git-fixes). * drm/gma500/oaktrail_lvds: fix hang on init failure (git-fixes). * drm/gma500/oaktrail_lvds: fix i2c adapter leaks on init (git-fixes). * drm/i915/dp: Fix VSC dynamic range signaling for RGB formats (git-fixes). * drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (git- fixes). * drm/i915/wm: Verify the correct plane DDB entry (git-fixes). * drm/i915: skip __i915_request_skip() for already signaled requests (git- fixes). * drm/imagination: Switch reset_reason fields from enum to u32 (git-fixes). * drm/komeda: fix integer overflow in AFBC framebuffer size check (git-fixes). * drm/loongson: Use managed KMS polling (git-fixes). * drm/msm/a6xx: Fix dumping A650+ debugbus blocks (git-fixes). * drm/msm/a6xx: Fix HLSQ register dumping (git-fixes). * drm/msm/a6xx: Use barriers while updating HFI Q headers (git-fixes). * drm/msm/dpu: fix mismatch between power and frequency (git-fixes). * drm/msm/dsi: add the missing parameter description (git-fixes). * drm/msm/dsi: fix bits_per_pclk (git-fixes). * drm/msm/dsi: fix hdisplay calculation for CMD mode panel (git-fixes). * drm/msm/dsi: rename MSM8998 DSI version from V2_2_0 to V2_0_0 (git-fixes). * drm/msm/gem: fix error handling in msm_ioctl_gem_info_get_metadata() (git- fixes). * drm/msm/shrinker: Fix can_block() logic (git-fixes). * drm/msm: add missing MODULE_DEVICE_ID definitions (git-fixes). * drm/nouveau: fix nvkm_device leak on aperture removal failure (git-fixes). * drm/nouveau: fix u32 overflow in pushbuf reloc bounds check (git-fixes). * drm/panel: boe-tv101wum-nl6: restore MODE_LPM after sending disable cmds (git-fixes). * drm/panel: himax-hx83102: restore MODE_LPM after sending disable cmds (git- fixes). * drm/panel: sharp-ls043t1le01: make use of prepare_prev_first (git-fixes). * drm/panel: simple: Correct G190EAN01 prepare timing (git-fixes). * drm/panfrost: Fix wait_bo ioctl leaking positive return from dma_resv_wait_timeout() (git-fixes). * drm/panthor: Fix outdated function documentation (git-fixes). * drm/radeon: add missing revision check for CI (git-fixes). * drm/sun4i: backend: fix error pointer dereference (git-fixes). * drm/sun4i: Fix resource leaks (git-fixes). * drm/v3d: Handle error from drm_sched_entity_init() (git-fixes). * drm/vc4: Fix a memory leak in hang state error path (git-fixes). * drm/vc4: Fix memory leak of BO array in hang state (git-fixes). * drm/vc4: platform_get_irq_byname() returns an int (stable-fixes). * drm/vc4: Protect madv read in vc4_gem_object_mmap() with madv_lock (git- fixes). * drm/vc4: Release runtime PM reference after binding V3D (git-fixes). * drm/vram: remove DRM_VRAM_MM_FILE_OPERATIONS from docs (git-fixes). * drm/xe/bo: Fix bo leak on GGTT flag validation in xe_bo_init_locked() (git- fixes). * drm/xe/bo: Fix bo leak on unaligned size validation in xe_bo_init_locked() (git-fixes). * drm/xe/debugfs: Correct printing of register whitelist ranges (git-fixes). * drm/xe/dma-buf: handle empty bo and UAF races (git-fixes). * drm/xe/gsc: Fix BO leak on error in query_compatibility_version() (git- fixes). * drm/xe/uapi: update used tracking kernel-doc (git-fixes). * drm/xe: Fix dma-buf attachment leak in xe_gem_prime_import() (git-fixes). * drm/xe: Fix error cleanup in xe_exec_queue_create_ioctl() (git-fixes). * dt-bindings: net: Fix Tegra234 MGBE PTP clock (git-fixes). * efi/capsule-loader: fix incorrect sizeof in phys array reallocation (git- fixes). * efi: pstore: Drop efivar lock when efi_pstore_open() returns with an error (git-fixes). * ext4: fix fsync(2) for nojournal mode (git-fixes). * ext4: make recently_deleted() properly work with lazy itable initialization (git-fixes). * ext4: reject mount if bigalloc with s_first_data_block != 0 (git-fixes). * extcon: ptn5150: handle pending IRQ events during system resume (git-fixes). * fbdev: matroxfb: Mark variable with __maybe_unused to avoid W=1 build break (git-fixes). * fbdev: offb: fix PCI device reference leak on probe failure (git-fixes). * fbdev: tdfxfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO (stable-fixes). * fbdev: udlfb: add vm_ops to dlfb_ops_mmap to prevent use-after-free (stable- fixes). * fbdev: udlfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO (git-fixes). * firmware: dmi: Correct an indexing error in dmi.h (git-fixes). * gpio: tegra: fix irq_release_resources calling enable instead of disable (git-fixes). * gtp: disable BH before calling udp_tunnel_xmit_skb() (git-fixes). * HID: alps: fix NULL pointer dereference in alps_raw_event() (git-fixes). * HID: asus: do not abort probe when not necessary (git-fixes). * HID: asus: make asus_resume adhere to linux kernel coding standards (git- fixes). * HID: core: clamp report_size in s32ton() to avoid undefined shift (stable- fixes). * HID: multitouch: Check to ensure report responses match the request (stable- fixes). * HID: playstation: Clamp num_touch_reports (git-fixes). * HID: quirks: add HID_QUIRK_ALWAYS_POLL for 8BitDo Pro 3 (stable-fixes). * HID: roccat: fix use-after-free in roccat_report_event (stable-fixes). * HID: usbhid: fix deadlock in hid_post_reset() (git-fixes). * HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq (stable-fixes). * hv_sock: fix ARM64 support (git-fixes). * hwmon: (ads7871) Fix endianness bug in 16-bit register reads (git-fixes). * hwmon: (corsair-psu) Close HID device on probe errors (git-fixes). * hwmon: (lm63) Add locking to avoid TOCTOU (git-fixes). * hwmon: (ltc2992) Clamp threshold writes to hardware range (git-fixes). * hwmon: (ltc2992) Fix u32 overflow in power read path (git-fixes). * i2c: s3c24xx: check the size of the SMBUS message before using it (stable- fixes). * i2c: smbus: reject oversized block transfers in the common path (git-fixes). * i2c: stm32f7: reinit_completion() per transfer not per msg (git-fixes). * i2c: stub: Reject I2C block transfers with invalid length (git-fixes). * i3c: master: Fix error codes at send_ccc_cmd (git-fixes). * i3c: mipi-i3c-hci: fix IBI payload length calculation for final status (git- fixes). * ibmveth: Disable GSO for packets with small MSS (bsc#1265144). * ice: set max queues in alloc_etherdev_mqs() (git-fixes). * iio: adc: ad7768-1: fix one-shot mode data acquisition (git-fixes). * iio: adc: ti-adc161s626: use DMA-safe memory for spi_read() (git-fixes). * iio: adc: ti-ads7950: use iio_push_to_buffers_with_ts_unaligned() (git- fixes). * Input: i8042 - add TUXEDO InfinityBook Max 16 Gen10 AMD to i8042 quirk table (stable-fixes). * Input: uinput - fix circular locking dependency with ff-core (git-fixes). * Input: uinput - take event lock when submitting FF request "event" (stable- fixes). * Input: xpad - add support for BETOP BTP-KP50B/C controller's wireless mode (stable-fixes). * Input: xpad - add support for Razer Wolverine V3 Pro (stable-fixes). * intel_idle: add Clearwater Forest SoC support (jsc#PED-10383). * ipmi: Add limits to event and receive message requests (git-fixes). * ipmi: Check event message buffer response for bad data (git-fixes). * ipmi: ssif_bmc: change log level to dbg in irq callback (git-fixes). * ipmi: ssif_bmc: fix message desynchronization after truncated response (git- fixes). * ipmi: ssif_bmc: fix missing check for copy_to_user() partial failure (git- fixes). * irqchip/irq-pic32-evic: Address warning related to wrong printf() formatter (git-fixes). * kdump, documentation: describe craskernel CMA reservation (jsc#PED-7249). * KVM: Reject wrapped offset in kvm_reset_dirty_gfn() (git-fixes). * KVM: SVM: Fix a missing kunmap_local() in sev_gmem_post_populate() (git- fixes). * KVM: SVM: Mark VMCB_NPT as dirty on nested VMRUN (git-fixes). * KVM: SVM: Mark VMCB_PERM_MAP as dirty on nested VMRUN (git-fixes). * KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE (bsc#1259461). * KVM: x86/mmu: Retry fault before acquiring mmu_lock if mapping is changing (bsc#1253122). * KVM: x86/xen: Fix cleanup logic in emulation of Xen schedop poll hypercalls (git-fixes). * KVM: x86: check for nEPT/nNPT in slow flush hypercalls (git-fixes). * KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (git- fixes). * KVM: x86: hyper-v: Validate all GVAs during PV TLB flush (git-fixes). * KVM: x86: Ignore cpuid faulting in SMM (git-fixes). * leds: lgm-sso: Remove duplicate assignments for priv->mmap (git-fixes). * leds: qcom-lpg: Check for array overflow when selecting the high resolution (stable-fixes). * lib/hexdump: print_hex_dump_bytes() calls print_hex_dump_debug() (git- fixes). * md/raid1: fix the comparing region of interval tree (bsc#1261555). * md/raid1: serialize overlap io for writemostly disk (bsc#1261555). * media: amphion: Fix race between m2m job_abort and device_run (git-fixes). * media: as102: fix to not free memory after the device is registered in as102_usb_probe() (git-fixes). * media: chips-media: wave5: add missing spinlock protection for handle_dynamic_resolution_change() (git-fixes). * media: chips-media: wave5: add missing spinlock protection for send_eos_event() (git-fixes). * media: chips-media: wave5: fix a potential memory leak in wave5_vdi_init() (git-fixes). * media: dib8000: avoid division by 0 in dib8000_set_dds() (git-fixes). * media: em28xx: fix use-after-free in em28xx_v4l2_open() (git-fixes). * media: hackrf: fix to not free memory after the device is registered in hackrf_probe() (git-fixes). * media: i2c: imx219: Check return value of devm_gpiod_get_optional() in imx219_probe() (git-fixes). * media: i2c: imx412: Assert reset GPIO during probe (git-fixes). * media: i2c: ov08d10: fix image vertical start setting (git-fixes). * media: i2c: ov8856: free control handler on error in ov8856_init_controls() (git-fixes). * media: intel/ipu6: fix error pointer dereference (git-fixes). * media: mtk-jpeg: fix use-after-free in release path due to uncancelled work (git-fixes). * media: nxp: imx8-isi: Reduce minimum queued buffers from 2 to 0 (git-fixes). * media: omap3isp: drop the use count of v4l2 pipeline (git-fixes). * media: pci: zoran: fix potential memory leak in zoran_probe() (git-fixes). * media: rc: streamzap: Error handling in probe (git-fixes). * media: rc: xbox_remote: heed DMA restrictions (git-fixes). * media: saa7164: add ioremap return checks and cleanups (git-fixes). * media: staging: imx: configure src_mux in csi_start (git-fixes). * media: staging: imx: request mbus_config in csi_start (git-fixes). * media: uvcvideo: Enable VB2_DMABUF for metadata stream (git-fixes). * media: videobuf2: Set vma_flags in vb2_dma_sg_mmap (git-fixes). * media: vidtv: fix nfeeds state corruption on start_streaming failure (git- fixes). * media: vidtv: fix NULL pointer dereference in vidtv_channel_pmt_match_sections (git-fixes). * media: vidtv: fix pass-by-value structs causing MSAN warnings (git-fixes). * memory: tegra30-emc: Fix dll_change check (git-fixes). * memory: tegra124-emc: Fix dll_change check (git-fixes). * mfd: mc13xxx-core: Fix memory leak in mc13xxx_add_subdevice_pdata() (git- fixes). * mkspec: Add signature to source list only when it exists. * mmc: sdhci-of-dwcmshc: Disable clock before DLL configuration (git-fixes). * mmc: vub300: fix NULL-deref on disconnect (git-fixes). * modpost: Amend ppc64 save/restfpr symnames for -Os build (bsc#1215199). * mtd: docg3: Convert to platform remove callback returning void (stable- fixes). * mtd: docg3: fix use-after-free in docg3_release() (git-fixes). * mtd: parsers: ofpart: call of_node_get() for dedicated subpartitions (git- fixes). * mtd: parsers: ofpart: call of_node_put() only in ofpart_fail path (git- fixes). * mtd: physmap_of_gemini: Fix disabled pinctrl state check (git-fixes). * mtd: rawnand: sunxi: fix sunxi_nfc_hw_ecc_read_extra_oob (git-fixes). * mtd: spi-nor: core: correct the op.dummy.nbytes when check read operations (git-fixes). * mtd: spi-nor: debugfs: fix out-of-bounds read in spi_nor_params_show() (git- fixes). * mtd: spi-nor: sst: Factor out common write operation to `sst_nor_write_data()` (stable-fixes). * mtd: spi-nor: sst: Fix SST write failure (git-fixes). * mtd: spi-nor: sst: Fix write enable before AAI sequence (git-fixes). * mtd: spi-nor: swp: check SR_TB flag when getting tb_mask (git-fixes). * net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). * net/sched: cls_fw: fix NULL dereference of "old" filters before change() (git-fixes). * net/sched: fix pedit partial COW leading to page cache corruption (bsc#1265421). * net: gro: don't merge zcopy skbs (git-fixes). * net: mana: Add MAC address to vPort logs and clarify error messages (git- fixes). * net: mana: check xdp_rxq registration before unreg in mana_destroy_rxq() (git-fixes). * net: mana: Don't overwrite port probe error with add_adev result (git- fixes). * net: mana: Fix crash from unvalidated SHM offset read from BAR0 during FLR (bsc#1265846). * net: mana: Fix EQ leak in mana_remove on NULL port (git-fixes). * net: mana: Fix RX skb truesize accounting (bsc#1248754). * net: mana: fix use-after-free in mana_hwc_destroy_channel() by reordering teardown (git-fixes). * net: mana: Guard mana_remove against double invocation (git-fixes). * net: mana: hardening: Validate adapter_mtu from MANA_QUERY_DEV_CONFIG (git- fixes). * net: mana: hardening: Validate doorbell ID from GDMA_REGISTER_DEVICE response (git-fixes). * net: mana: Init gf_stats_work before potential error paths in probe (git- fixes). * net: mana: Init link_change_work before potential error paths in probe (git- fixes). * net: mana: remove double CQ cleanup in mana_create_rxq error path (git- fixes). * net: mana: Set default number of queues to 16 (bsc#1261648). * net: mana: Skip WQ object destruction for uninitialized RXQ (git-fixes). * net: mana: Use at least SZ_4K in doorbell ID range check (git-fixes). * net: mana: Use pci_name() for debugfs directory naming (git-fixes). * net: phy: dp83869: fix setting CLK_O_SEL field (git-fixes). * net: stmmac: Fix PTP ref clock for Tegra234 (git-fixes). * net: usb: asix: ax88772: re-add usbnet_link_change() in phylink callbacks (git-fixes). * net: usb: cdc-phonet: fix skb frags[] overflow in rx_complete() (git-fixes). * net: usb: rtl8150: fix use-after-free in rtl8150_start_xmit() (git-fixes). * net: usb: rtl8150: free skb on usb_submit_urb() failure in xmit (git-fixes). * net: wan: fsl_ucc_hdlc: fix ucc_hdlc_remove (git-fixes). * net: wan: fsl_ucc_hdlc: fix uhdlc_memclean (git-fixes). * net: wan: fsl_ucc_hdlc: free tx_skbuff in uhdlc_memclean (git-fixes). * NFC: digital: Bounds check NFC-A cascade depth in SDD response handler (git- fixes). * nfc: llcp: add missing return after LLCP_CLOSED checks (git-fixes). * nfc: pn533: allocate rx skb before consuming bytes (git-fixes). * nfc: s3fwrn5: allocate rx skb before consuming bytes (git-fixes). * NFC: trf7970a: Ignore antenna noise when checking for RF field (git-fixes). * nvme-auth: Include SC_C in RVAL controller hash (bsc#1260428). * nvme-fabrics: use kfree_sensitive() for DHCHAP secrets (git-fixes). * nvme-loop: do not cancel I/O and admin tagset during ctrl reset/shutdown (bsc#1262709). * nvme-pci: cap queue creation to used queues (git-fixes). * nvme-pci: ensure we're polling a polled queue (git-fixes). * nvme: Allow reauth from sysfs (bsc#1259672). * nvme: Expose the tls_configured sysfs for secure concat connections (bsc#1259672). * nvme: expose TLS mode (bsc#1259672). * nvme: fix PCIe subsystem reset controller state transition (bsc#1261738). * nvmet-tcp: propagate nvmet_tcp_build_pdu_iovec() errors to its callers (git- fixes). * ocfs2: fix possible deadlock between unlink and dio_end_io_write (bsc#1258718). * ocfs2: split transactions in dio completion to avoid credit exhaustion (bsc#1258718). * Partial revert "x86/xen: fix balloon target initialization for PVH dom0" (bsc#1262599). * PCI/AER: Clear only error bits in PCIe Device Status (git-fixes). * PCI/AER: Stop ruling out unbound devices as error source (git-fixes). * PCI: dwc: Apply ECRC workaround to DesignWare 5.00a as well (git-fixes). * PCI: Enable AtomicOps only if Root Port supports them (git-fixes). * PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown (git-fixes). * PCI: hv: Set default NUMA node to 0 for devices without affinity info (git- fixes). * PCI: mediatek-gen3: Prevent leaking IRQ domains when IRQ not found (git- fixes). * PCI: tegra194: Allow system suspend when the Endpoint link is not up (git- fixes). * PCI: tegra194: Disable direct speed change for Endpoint mode (git-fixes). * PCI: tegra194: Disable LTSSM after transition to Detect on surprise link down (git-fixes). * PCI: tegra194: Disable PERST# IRQ only in Endpoint mode (git-fixes). * PCI: tegra194: Fix polling delay for L2 state (git-fixes). * PCI: tegra194: Increase LTSSM poll time on surprise link down (git-fixes). * PCI: tegra194: Set LTR message request before PCIe link up in Endpoint mode (git-fixes). * PCI: tegra194: Use devm_gpiod_get_optional() to parse "nvidia,refclk-select" (git-fixes). * PCI: tegra194: Use DWC IP core version (git-fixes). * pinctrl: abx500: Fix type of 'argument' variable (git-fixes). * pinctrl: Fix spelling problem (git-fixes). * pinctrl: intel: Fix the revision for new features (1kOhm PD, HW debouncer) (stable-fixes). * pinctrl: pic32: change all cases of bare 'unsigned' to 'unsigned int' (git- fixes). * pinctrl: pic32: use consistent spacing around '+' (git-fixes). * pinctrl: pinctrl-pic32: Fix resource leak (git-fixes). * platform/chrome: chromeos_tbmc: Drop wakeup source on remove (git-fixes). * platform/surface: surfacepro3_button: Drop wakeup source on remove (git- fixes). * platform/x86/amd: pmc: Add Thinkpad L14 Gen3 to quirk_s2idle_bug (stable- fixes). * platform/x86/intel-uncore-freq: Handle autonomous UFS status bit (git- fixes). * platform/x86/intel: power-domains: Add Clearwater Forest support (jsc#PED-16221). * platform/x86: dell-wmi-sysman: bound enumeration string aggregation (git- fixes). * platform/x86: dell_rbu: avoid uninit value usage in packet_size_write() (git-fixes). * platform/x86: hp-wmi: Ignore backlight and FnLock events (stable-fixes). * platform/x86: ISST: Add Clearwater Forest to support list (jsc#PED-16221). * platform/x86: panasonic-laptop: Fix OPTD notifier registration and cleanup (git-fixes). * power: supply: axp288_charger: Do not cancel work before initializing it (git-fixes). * power: supply: max17042: avoid overflow when determining health (git-fixes). * powerpc/crash: adjust the elfcorehdr size (jsc#PED-11175 git-fixes). * powerpc/crash: fix backup region offset update to elfcorehdr (bsc#1259535). * powerpc/crash: Update backup region offset in elfcorehdr on memory hotplug (bsc#1259535). * powerpc/kdump: Fix size calculation for hot-removed memory ranges (jsc#PED-11175 git-fixes). * RDMA/mana: Fix error unwind in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Fix mana_destroy_wq_obj() cleanup in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss() (git-fixes). * RDMA/mana: Validate rx_hash_key_len (git-fixes). * RDMA/mana_ib: cleanup the usage of mana_gd_send_request() (git-fixes). * RDMA/mana_ib: Disable RX steering on RSS QP destroy (git-fixes). * RDMA/mana_ib: Support memory windows (git-fixes). * regulator: act8945a: fix OF node reference imbalance (git-fixes). * regulator: bd9571mwv: fix OF node reference imbalance (git-fixes). * regulator: max77650: fix OF node reference imbalance (git-fixes). * regulator: mt6357: fix OF node reference imbalance (git-fixes). * remoteproc: xlnx: Only access buffer information if IPI is buffered (git- fixes). * Revert "ALSA: usb: Increase volume range that triggers a warning" (git- fixes). * rtc: abx80x: Disable alarm feature if no interrupt attached (git-fixes). * rtc: ntxec: fix OF node reference imbalance (git-fixes). * s390/dasd: Copy detected format information to secondary device (bsc#1259995). * s390/dasd: Fix gendisk parent after copy pair swap (bsc#1259995). * s390/dasd: Move quiesce state with pprc swap (bsc#1259995). * sched/balancing: Switch the 'DEFINE_SPINLOCK(balancing)' spinlock into an 'atomic_t sched_balance_running' flag (bsc#1253754). * sched/fair: Change likelyhood of nohz.nr_cpus (bsc#1234634 bsc#1258961). * sched/fair: Have SD_SERIALIZE affect newidle balancing (bsc#1253754). * sched/fair: Move checking for nohz cpus after time check (bsc#1234634 bsc#1258961). * sched/fair: Remove nohz.nr_cpus and use weight of cpumask instead (bsc#1234634 bsc#1258961). * sched/fair: Skip sched_balance_running cmpxchg when balance is not due (bsc#1253754). * scsi: lpfc: Add clean up of aborted NVMe commands during PCI fcn reset (bsc#1262019). * scsi: lpfc: Add log messages to fabric login error labels (bsc#1262019). * scsi: lpfc: Add PCI ID support for LPe42100 series adapters (bsc#1262019). * scsi: lpfc: Add REG_VFI mailbox cmd error handling (bsc#1262019). * scsi: lpfc: Break out of IRQ affinity assignment when mask reaches nr_cpu_ids (bsc#1262019). * scsi: lpfc: Check ASIC_ID register to aid diagnostics during failed fw updates (bsc#1262019). * scsi: lpfc: Cleanup error exit paths in lpfc_fdmi_cmd() and associated messages (bsc#1262019). * scsi: lpfc: ELIMINATE kernel-doc warnings in lpfc.h (bsc#1262019). * scsi: lpfc: Fix incorrect txcmplq_cnt during cleanup in lpfc_sli_abort_ring() (bsc#1262019). * scsi: lpfc: Introduce 128G link speed selection and support (bsc#1262019). * scsi: lpfc: Log discarded and insufficient RQE buffer events (bsc#1262019). * scsi: lpfc: Log MCQE contents for mbox commands with no context (bsc#1262019). * scsi: lpfc: Properly set WC for DPP mapping (bsc#1262019). * scsi: lpfc: Reduce pointer chasing when accessing vmid_flag (bsc#1262019). * scsi: lpfc: Remove deprecated PBDE feature (bsc#1262019). * scsi: lpfc: Remove unnecessary ndlp kref get in lpfc_check_nlp_post_devloss (bsc#1262019). * scsi: lpfc: Restrict first burst to non-FCoE and SLI4 adapters only (bsc#1262019). * scsi: lpfc: Select mailbox rq_create cmd version based on SLI4 if_type (bsc#1262019). * scsi: lpfc: Update class of service bit field to 3 bits for WQE submissions (bsc#1262019). * scsi: lpfc: Update construction of SGL when XPSGL is enabled (bsc#1262019). * scsi: lpfc: Update copyright year string for 2026 (bsc#1262019). * scsi: lpfc: Update log message when ndlp kref get is unsuccessful (bsc#1262019). * scsi: lpfc: Update lpfc version to 14.4.0.14 (bsc#1262019). * scsi: lpfc: Update lpfc version to 15.0.0.0 (bsc#1262019). * scsi: lpfc: Update outdated comment for renamed lpfc_freenode() (bsc#1262019). * scsi: lpfc: Use min_t() instead of min() in lpfc_sli4_driver_resource_setup (bsc#1262019). * scsi: storvsc: Handle PERSISTENT_RESERVE_IN truncation for Hyper-V vFC (git- fixes). * scsi: target: iscsi: validate CHAP_R length before base64 decode (bsc#1265449). * selftests/powerpc: make sub-folders buildable on their own (bsc#1261669 ltc#212590). * selftests/powerpc: Re-order *FLAGS to follow lib.mk (bsc#1261669 ltc#212590). * selftests/powerpc: Suppress -Wmaybe-uninitialized with GCC 15 (bsc#1261669 ltc#212590). * serial: 8250: Add serial8250_handle_irq_locked() (bsc#1262480). * serial: 8250: Protect LCR write in shutdown (bsc#1262480). * serial: 8250_dw: Avoid unnecessary LCR writes (bsc#1262480). * serial: 8250_dw: Ensure BUSY is deasserted (bsc#1262480). * serial: 8250_dw: Rework dw8250_handle_irq() locking and IIR handling (bsc#1262480). * serial: 8250_dw: Rework IIR_NO_INT handling to stop interrupt storm (bsc#1262480). * soc/tegra: cbb: Set ERD on resume for err interrupt (git-fixes). * soc: qcom: aoss: compare against normalized cooling state (git-fixes). * soc: qcom: llcc: fix v1 SB syndrome register offset (git-fixes). * sound: ua101: fix division by zero at probe (git-fixes). * soundwire: bus: demote UNATTACHED state warnings to dev_dbg() (git-fixes). * soundwire: cadence: Clear message complete before signaling waiting thread (git-fixes). * spi: at91-usart: fix controller deregistration (git-fixes). * spi: atmel: fix controller deregistration (git-fixes). * spi: cadence: fix controller deregistration (git-fixes). * spi: fix controller cleanup() documentation (git-fixes). * spi: fix misleading controller deregistration kernel-doc (git-fixes). * spi: fix misleading controller registration kernel-doc (git-fixes). * spi: fsl-qspi: Use reinit_completion() for repeated operations (git-fixes). * spi: hisi-kunpeng: prevent infinite while() loop in hisi_spi_flush_fifo (git-fixes). * spi: imx: fix runtime pm leak on probe deferral (git-fixes). * spi: imx: fix use-after-free on unbind (git-fixes). * spi: microchip-core-qspi: fix controller deregistration (git-fixes). * spi: microchip-core-qspi: Use helper function devm_clk_get_enabled() (stable-fixes). * spi: mpc52xx: fix use-after-free on unbind (git-fixes). * spi: mtk-nor: fix controller deregistration (git-fixes). * spi: mtk-snfi: unregister ECC engine on probe failure and remove() callback (git-fixes). * spi: omap2-mcspi: fix controller deregistration (git-fixes). * spi: orion: fix clock imbalance on registration failure (git-fixes). * spi: orion: fix runtime pm leak on unbind (git-fixes). * spi: rockchip: fix controller deregistration (git-fixes). * spi: rspi: fix controller deregistration (git-fixes). * spi: sh-hspi: fix controller deregistration (git-fixes). * spi: spi-ti-qspi: Convert to platform remove callback returning void (stable-fixes). * spi: sprd: fix controller deregistration (git-fixes). * spi: sun4i: fix controller deregistration (git-fixes). * spi: sun4i: switch to use modern name (stable-fixes). * spi: syncuacer: fix controller deregistration (git-fixes). * spi: synquacer: switch to use modern name (stable-fixes). * spi: uniphier: fix controller deregistration (git-fixes). * spi: uniphier: Simplify clock handling with devm_clk_get_enabled() (stable- fixes). * spi: uniphier: switch to use modern name (stable-fixes). * spi: zynq-qspi: switch to use modern name (stable-fixes). * spi: zynqmp-gqspi: fix controller deregistration (git-fixes). * staging: media: atomisp: Disallow all private IOCTLs (git-fixes). * staging: rtl8723bs: initialize le_tmp64 in rtw_BIP_verify() (git-fixes). * staging: sm750fb: fix division by zero in ps_to_hz() (git-fixes). * staging: vme_user: added bound check to geoid (stable-fixes). * staging: vme_user: fix root device leak on init failure (git-fixes). * tg3: Fix race for querying speed/duplex (bsc#1257183). * tg3: replace placeholder MAC address with device property (git-fixes). * thermal/drivers/spear: Fix error condition for reading st,thermal-flags (git-fixes). * thermal/drivers/sprd: Fix raw temperature clamping in sprd_thm_rawdata_to_temp (git-fixes). * thermal/drivers/sprd: Fix temperature clamping in sprd_thm_temp_to_rawdata (git-fixes). * tpm: avoid -Wunused-but-set-variable (git-fixes). * tpm: tpm_tis: add error logging for data transfer (git-fixes). * tpm: tpm_tis: stop transmit if retries are exhausted (git-fixes). * tty: tty_io: update timestamps on all device nodes (bsc#1262020). * unshare: fix unshare_fs() handling (git-fixes). * USB: cdc-acm: Add quirks for Yoga Book 9 14IAH10 INGENIC touchscreen (stable-fixes). * usb: chipidea: core: allow ci_irq_handler() handle both ID and VBUS change (git-fixes). * usb: chipidea: otg: not wait vbus drop if use role_switch (git-fixes). * USB: core: add NO_LPM quirk for Razer Kiyo Pro webcam (stable-fixes). * usb: gadget: dummy_hcd: fix premature URB completion when ZLP follows partial transfer (stable-fixes). * usb: gadget: f_ncm: validate minimum block_len in ncm_unwrap_ntb() (git- fixes). * usb: gadget: f_phonet: fix skb frags[] overflow in pn_rx_complete() (stable- fixes). * usb: gadget: f_uac1_legacy: validate control request size (stable-fixes). * usb: gadget: renesas_usb3: validate endpoint index in standard request handlers (git-fixes). * USB: omap_udc: DMA: Don't enable burst 4 mode (git-fixes). * usb: port: add delay after usb_hub_set_port_power() (git-fixes). * usb: quirks: add DELAY_INIT quirk for another Silicon Motion flash drive (stable-fixes). * USB: serial: io_edgeport: add support for Blackbox IC135A (stable-fixes). * USB: serial: option: add MeiG Smart SRM825WN (stable-fixes). * USB: serial: option: add support for Rolling Wireless RW135R-GL (stable- fixes). * USB: serial: option: add Telit Cinterion FN990A MBIM composition (stable- fixes). * USB: serial: option: add Telit Cinterion LE910Cx compositions (stable- fixes). * usb: storage: Expand range of matched versions for VL817 quirks entry (stable-fixes). * usb: typec: tcpm: reset internal port states on soft reset AMS (git-fixes). * usb: ulpi: fix memory leak on ulpi_register() error paths (git-fixes). * usb: usblp: fix heap leak in IEEE 1284 device ID via short response (stable- fixes). * usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl (stable- fixes). * usb: xhci: Make usb_host_endpoint.hcpriv survive endpoint_disable() (git- fixes). * usbip: validate number_of_packets in usbip_pack_ret_submit() (git-fixes). * virt: tdx-guest: Fix handling of host controlled 'quote' buffer length (git- fixes). * virt: tdx-guest: Return error for GetQuote failures (git-fixes). * wifi: ath5k: do not access array OOB (git-fixes). * wifi: ath9k: Fix typo (git-fixes). * wifi: ath11k: Pass the correct value of each TID during a stop AMPDU session (git-fixes). * wifi: ath11k: skip status ring entry processing (stable-fixes). * wifi: ath11k: Use dma_alloc_noncoherent for rx_tid buffer allocation (stable-fixes). * wifi: ath12k: fix leak in some ath12k_wmi_xxx() functions (git-fixes). * wifi: b43: enforce bounds check on firmware key index in b43_rx() (git- fixes). * wifi: b43legacy: enforce bounds check on firmware key index in RX path (git- fixes). * wifi: brcmfmac: Fix error pointer dereference (git-fixes). * wifi: brcmfmac: validate bsscfg indices in IF events (stable-fixes). * wifi: brcmsmac: Fix dma_free_coherent() size (git-fixes). * wifi: cw1200: Revert "Fix locking in error paths" (git-fixes). * wifi: libertas: notify firmware load wait on disconnect (git-fixes). * wifi: mac80211: check ieee80211_rx_data_set_link return in pubsta MLO path (git-fixes). * wifi: mac80211: check tdls flag in ieee80211_tdls_oper (stable-fixes). * wifi: mac80211: drop stray 'static' from fast-RX rx_result (git-fixes). * wifi: mac80211: handle VHT EXT NSS in ieee80211_determine_our_sta_mode() (git-fixes). * wifi: mac80211: remove station if connection prep fails (git-fixes). * wifi: mac80211: use safe list iteration in radar detect work (git-fixes). * wifi: mt76: mt792x: describe USB WFSYS reset with a descriptor (stable- fixes). * wifi: mt76: mt792x: fix mt7925u USB WFSYS reset handling (git-fixes). * wifi: mt76: mt7615: fix use_cts_prot support (git-fixes). * wifi: mt76: mt7915: fix use-after-free bugs in mt7915_mac_dump_work() (git- fixes). * wifi: mt76: mt7915: fix use_cts_prot support (git-fixes). * wifi: mt76: mt7921: fix 6GHz regulatory update on connection (git-fixes). * wifi: mt76: mt7921: fix a potential clc buffer length underflow (git-fixes). * wifi: mt76: mt7921: fix ROC abort flow interruption in mt7921_roc_work (git- fixes). * wifi: mt76: mt7921: Reset ampdu_state state in case of failure in mt76_connac2_tx_check_aggr() (git-fixes). * wifi: mt76: mt7925: fix incorrect length field in txpower command (git- fixes). * wifi: mt76: mt7996: fix FCS error flag check in RX descriptor (git-fixes). * wifi: mt76: mt7996: fix struct mt7996_mcu_uni_event (git-fixes). * wifi: mwifiex: Fix memory leak in mwifiex_11n_aggregate_pkt() (git-fixes). * wifi: nl80211: fix NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST usage (git- fixes). * wifi: nl80211: require admin perm on SET_PMK / DEL_PMK (git-fixes). * wifi: rsi: fix kthread lifetime race between self-exit and external-stop (git-fixes). * wifi: rt2x00usb: fix devres lifetime (git-fixes). * wifi: rtlwifi: pci: fix possible use-after-free caused by unfinished irq_prepare_bcn_tasklet (git-fixes). * wifi: rtw88: check for PCI upstream bridge existence (git-fixes). * wifi: rtw88: fix device leak on probe failure (git-fixes). * wifi: rtw89: phy: fix uninitialized variable access in rtw89_phy_cfo_set_crystal_cap() (git-fixes). * wifi: wl1251: validate packet IDs before indexing tx_frames (stable-fixes). * workqueue: Break up enum definitions and give names to the types (bsc#1260522). * workqueue: Clean up enum work_bits and related constants (bsc#1260522). * workqueue: Factor out work_grab_pending() from __cancel_work_sync() (bsc#1260522). * workqueue: Fix UBSAN 'subtraction overflow' error in shift_and_mask() (bsc#1260522). * workqueue: Implement disable/enable for (delayed) work items (bsc#1260522). * workqueue: Introduce work_cancel_flags (bsc#1260522). * workqueue: Make @flags handling consistent across set_work_data() and friends (bsc#1260522). * workqueue: Preserve OFFQ bits in cancel[_sync] paths (bsc#1260522). * workqueue: Rename __cancel_work_timer() to __cancel_timer_sync() (bsc#1260522). * workqueue: Reorganize flush and cancel[_sync] functions (bsc#1260522). * x86/boot/64: Clear most of CR4 in startup_64(), except PAE, MCE and LA57 (git-fixes). * x86/boot/sev: Avoid shared GHCB page for early memory acceptance (git- fixes). * x86/boot: Don't add the EFI stub to targets, again (git-fixes). * x86/boot: Fix page table access in 5-level to 4-level paging transition (git-fixes). * x86/CPU/AMD: Add models 0x60-0x6f to the Zen5 range (bsc#1263255). * x86/CPU/AMD: Add X86_FEATURE_ZEN6 (bsc#1263255). * x86/cpu: Remove X86_CR4_FRED from the CR4 pinned bits mask (git-fixes). * x86/cpufeatures: Free up unused feature bits (bsc#1263255). * x86/fred: Remove ENDBR64 from FRED entry points (git-fixes). * x86: KVM: Advertise CPUIDs for new instructions in Clearwater Forest (jsc#PED-16245). * X.509: Fix out-of-bounds access when parsing extensions (git-fixes). * Xarray: do not return sibling entries from xas_find_marked() (bsc#1263815). * xfrm: esp: avoid in-place decrypt on shared skb frags (bsc#1264449). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Availability Extension 15 SP7 zypper in -t patch SUSE-SLE-Product-HA-15-SP7-2026-2238=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2238=1 * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2026-2238=1 * Legacy Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP7-2026-2238=1 * Public Cloud Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP7-2026-2238=1 * SUSE Linux Enterprise Workstation Extension 15 SP7 zypper in -t patch SUSE-SLE-Product-WE-15-SP7-2026-2238=1 * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-2238=1 Please note that this is the initial kernel livepatch without fixes itself, this package is later updated by separate standalone kernel livepatch updates. ## Package List: * SUSE Linux Enterprise High Availability Extension 15 SP7 (aarch64 ppc64le s390x x86_64) * cluster-md-kmp-default-6.4.0-150700.53.55.1 * kernel-default-debuginfo-6.4.0-150700.53.55.1 * ocfs2-kmp-default-debuginfo-6.4.0-150700.53.55.1 * dlm-kmp-default-debuginfo-6.4.0-150700.53.55.1 * kernel-default-debugsource-6.4.0-150700.53.55.1 * gfs2-kmp-default-6.4.0-150700.53.55.1 * gfs2-kmp-default-debuginfo-6.4.0-150700.53.55.1 * dlm-kmp-default-6.4.0-150700.53.55.1 * cluster-md-kmp-default-debuginfo-6.4.0-150700.53.55.1 * ocfs2-kmp-default-6.4.0-150700.53.55.1 * SUSE Linux Enterprise High Availability Extension 15 SP7 (nosrc) * kernel-default-6.4.0-150700.53.55.1 * Basesystem Module 15-SP7 (aarch64 nosrc) * kernel-64kb-6.4.0-150700.53.55.1 * Basesystem Module 15-SP7 (aarch64) * kernel-64kb-devel-debuginfo-6.4.0-150700.53.55.1 * kernel-64kb-debugsource-6.4.0-150700.53.55.1 * kernel-64kb-devel-6.4.0-150700.53.55.1 * kernel-64kb-debuginfo-6.4.0-150700.53.55.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-6.4.0-150700.53.55.1 * Basesystem Module 15-SP7 (aarch64 ppc64le x86_64) * kernel-default-base-6.4.0-150700.53.55.1.150700.17.33.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * kernel-default-devel-debuginfo-6.4.0-150700.53.55.1 * kernel-default-debuginfo-6.4.0-150700.53.55.1 * kernel-default-debugsource-6.4.0-150700.53.55.1 * kernel-default-devel-6.4.0-150700.53.55.1 * Basesystem Module 15-SP7 (noarch) * kernel-devel-6.4.0-150700.53.55.1 * kernel-macros-6.4.0-150700.53.55.1 * Basesystem Module 15-SP7 (nosrc s390x) * kernel-zfcpdump-6.4.0-150700.53.55.1 * Basesystem Module 15-SP7 (s390x) * kernel-zfcpdump-debuginfo-6.4.0-150700.53.55.1 * kernel-zfcpdump-debugsource-6.4.0-150700.53.55.1 * Development Tools Module 15-SP7 (noarch nosrc) * kernel-docs-6.4.0-150700.53.55.1 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * kernel-syms-6.4.0-150700.53.55.1 * kernel-obs-build-6.4.0-150700.53.55.1 * kernel-obs-build-debugsource-6.4.0-150700.53.55.1 * Development Tools Module 15-SP7 (noarch) * kernel-source-6.4.0-150700.53.55.1 * Legacy Module 15-SP7 (nosrc) * kernel-default-6.4.0-150700.53.55.1 * Legacy Module 15-SP7 (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-6.4.0-150700.53.55.1 * kernel-default-debugsource-6.4.0-150700.53.55.1 * reiserfs-kmp-default-debuginfo-6.4.0-150700.53.55.1 * reiserfs-kmp-default-6.4.0-150700.53.55.1 * Public Cloud Module 15-SP7 (aarch64 nosrc x86_64) * kernel-azure-6.4.0-150700.53.55.1 * Public Cloud Module 15-SP7 (aarch64 x86_64) * kernel-azure-debugsource-6.4.0-150700.53.55.1 * kernel-azure-debuginfo-6.4.0-150700.53.55.1 * kernel-azure-devel-debuginfo-6.4.0-150700.53.55.1 * kernel-azure-devel-6.4.0-150700.53.55.1 * SUSE Linux Enterprise Workstation Extension 15 SP7 (nosrc) * kernel-default-6.4.0-150700.53.55.1 * SUSE Linux Enterprise Workstation Extension 15 SP7 (x86_64) * kernel-default-debuginfo-6.4.0-150700.53.55.1 * kernel-default-extra-debuginfo-6.4.0-150700.53.55.1 * kernel-default-debugsource-6.4.0-150700.53.55.1 * kernel-default-extra-6.4.0-150700.53.55.1 * SUSE Linux Enterprise Live Patching 15-SP7 (nosrc) * kernel-default-6.4.0-150700.53.55.1 * SUSE Linux Enterprise Live Patching 15-SP7 (ppc64le s390x x86_64) * kernel-default-debuginfo-6.4.0-150700.53.55.1 * kernel-default-livepatch-6.4.0-150700.53.55.1 * kernel-livepatch-6_4_0-150700_53_55-default-debuginfo-1-150700.15.3.1 * kernel-default-debugsource-6.4.0-150700.53.55.1 * kernel-default-livepatch-devel-6.4.0-150700.53.55.1 * kernel-livepatch-SLE15-SP7_Update_15-debugsource-1-150700.15.3.1 * kernel-livepatch-6_4_0-150700_53_55-default-1-150700.15.3.1 ## References: * https://www.suse.com/security/cve/CVE-2023-20585.html * https://www.suse.com/security/cve/CVE-2025-40219.html * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2025-68310.html * https://www.suse.com/security/cve/CVE-2025-71183.html * https://www.suse.com/security/cve/CVE-2025-71238.html * https://www.suse.com/security/cve/CVE-2026-23168.html * https://www.suse.com/security/cve/CVE-2026-23209.html * https://www.suse.com/security/cve/CVE-2026-23236.html * https://www.suse.com/security/cve/CVE-2026-23237.html * https://www.suse.com/security/cve/CVE-2026-23239.html * https://www.suse.com/security/cve/CVE-2026-23240.html * https://www.suse.com/security/cve/CVE-2026-23245.html * https://www.suse.com/security/cve/CVE-2026-23246.html * https://www.suse.com/security/cve/CVE-2026-23253.html * https://www.suse.com/security/cve/CVE-2026-23260.html * https://www.suse.com/security/cve/CVE-2026-23261.html * https://www.suse.com/security/cve/CVE-2026-23262.html * https://www.suse.com/security/cve/CVE-2026-23264.html * https://www.suse.com/security/cve/CVE-2026-23266.html * https://www.suse.com/security/cve/CVE-2026-23268.html * https://www.suse.com/security/cve/CVE-2026-23269.html * https://www.suse.com/security/cve/CVE-2026-23271.html * https://www.suse.com/security/cve/CVE-2026-23273.html * https://www.suse.com/security/cve/CVE-2026-23276.html * https://www.suse.com/security/cve/CVE-2026-23279.html * https://www.suse.com/security/cve/CVE-2026-23290.html * https://www.suse.com/security/cve/CVE-2026-23291.html * https://www.suse.com/security/cve/CVE-2026-23298.html * https://www.suse.com/security/cve/CVE-2026-23300.html * https://www.suse.com/security/cve/CVE-2026-23304.html * https://www.suse.com/security/cve/CVE-2026-23306.html * https://www.suse.com/security/cve/CVE-2026-23307.html * https://www.suse.com/security/cve/CVE-2026-23308.html * https://www.suse.com/security/cve/CVE-2026-23312.html * https://www.suse.com/security/cve/CVE-2026-23313.html * https://www.suse.com/security/cve/CVE-2026-23315.html * https://www.suse.com/security/cve/CVE-2026-23318.html * https://www.suse.com/security/cve/CVE-2026-23321.html * https://www.suse.com/security/cve/CVE-2026-23324.html * https://www.suse.com/security/cve/CVE-2026-23325.html * https://www.suse.com/security/cve/CVE-2026-23335.html * https://www.suse.com/security/cve/CVE-2026-23336.html * https://www.suse.com/security/cve/CVE-2026-23339.html * https://www.suse.com/security/cve/CVE-2026-23340.html * https://www.suse.com/security/cve/CVE-2026-23343.html * https://www.suse.com/security/cve/CVE-2026-23346.html * https://www.suse.com/security/cve/CVE-2026-23351.html * https://www.suse.com/security/cve/CVE-2026-23354.html * https://www.suse.com/security/cve/CVE-2026-23357.html * https://www.suse.com/security/cve/CVE-2026-23362.html * https://www.suse.com/security/cve/CVE-2026-23363.html * https://www.suse.com/security/cve/CVE-2026-23365.html * https://www.suse.com/security/cve/CVE-2026-23367.html * https://www.suse.com/security/cve/CVE-2026-23368.html * https://www.suse.com/security/cve/CVE-2026-23370.html * https://www.suse.com/security/cve/CVE-2026-23372.html * https://www.suse.com/security/cve/CVE-2026-23373.html * https://www.suse.com/security/cve/CVE-2026-23374.html * https://www.suse.com/security/cve/CVE-2026-23378.html * https://www.suse.com/security/cve/CVE-2026-23382.html * https://www.suse.com/security/cve/CVE-2026-23383.html * https://www.suse.com/security/cve/CVE-2026-23391.html * https://www.suse.com/security/cve/CVE-2026-23392.html * https://www.suse.com/security/cve/CVE-2026-23393.html * https://www.suse.com/security/cve/CVE-2026-23395.html * https://www.suse.com/security/cve/CVE-2026-23396.html * https://www.suse.com/security/cve/CVE-2026-23397.html * https://www.suse.com/security/cve/CVE-2026-23399.html * https://www.suse.com/security/cve/CVE-2026-23403.html * https://www.suse.com/security/cve/CVE-2026-23404.html * https://www.suse.com/security/cve/CVE-2026-23405.html * https://www.suse.com/security/cve/CVE-2026-23406.html * https://www.suse.com/security/cve/CVE-2026-23407.html * https://www.suse.com/security/cve/CVE-2026-23408.html * https://www.suse.com/security/cve/CVE-2026-23409.html * https://www.suse.com/security/cve/CVE-2026-23410.html * https://www.suse.com/security/cve/CVE-2026-23411.html * https://www.suse.com/security/cve/CVE-2026-23412.html * https://www.suse.com/security/cve/CVE-2026-23418.html * https://www.suse.com/security/cve/CVE-2026-23419.html * https://www.suse.com/security/cve/CVE-2026-23420.html * https://www.suse.com/security/cve/CVE-2026-23426.html * https://www.suse.com/security/cve/CVE-2026-23434.html * https://www.suse.com/security/cve/CVE-2026-23440.html * https://www.suse.com/security/cve/CVE-2026-23441.html * https://www.suse.com/security/cve/CVE-2026-23442.html * https://www.suse.com/security/cve/CVE-2026-23443.html * https://www.suse.com/security/cve/CVE-2026-23445.html * https://www.suse.com/security/cve/CVE-2026-23446.html * https://www.suse.com/security/cve/CVE-2026-23447.html * https://www.suse.com/security/cve/CVE-2026-23448.html * https://www.suse.com/security/cve/CVE-2026-23449.html * https://www.suse.com/security/cve/CVE-2026-23450.html * https://www.suse.com/security/cve/CVE-2026-23452.html * https://www.suse.com/security/cve/CVE-2026-23454.html * https://www.suse.com/security/cve/CVE-2026-23455.html * https://www.suse.com/security/cve/CVE-2026-23456.html * https://www.suse.com/security/cve/CVE-2026-23457.html * https://www.suse.com/security/cve/CVE-2026-23458.html * https://www.suse.com/security/cve/CVE-2026-23460.html * https://www.suse.com/security/cve/CVE-2026-23461.html * https://www.suse.com/security/cve/CVE-2026-23462.html * https://www.suse.com/security/cve/CVE-2026-23463.html * https://www.suse.com/security/cve/CVE-2026-23465.html * https://www.suse.com/security/cve/CVE-2026-23466.html * https://www.suse.com/security/cve/CVE-2026-23468.html * https://www.suse.com/security/cve/CVE-2026-23470.html * https://www.suse.com/security/cve/CVE-2026-23472.html * https://www.suse.com/security/cve/CVE-2026-23473.html * https://www.suse.com/security/cve/CVE-2026-23474.html * https://www.suse.com/security/cve/CVE-2026-23475.html * https://www.suse.com/security/cve/CVE-2026-31389.html * https://www.suse.com/security/cve/CVE-2026-31392.html * https://www.suse.com/security/cve/CVE-2026-31393.html * https://www.suse.com/security/cve/CVE-2026-31394.html * https://www.suse.com/security/cve/CVE-2026-31395.html * https://www.suse.com/security/cve/CVE-2026-31400.html * https://www.suse.com/security/cve/CVE-2026-31402.html * https://www.suse.com/security/cve/CVE-2026-31403.html * https://www.suse.com/security/cve/CVE-2026-31404.html * https://www.suse.com/security/cve/CVE-2026-31405.html * https://www.suse.com/security/cve/CVE-2026-31407.html * https://www.suse.com/security/cve/CVE-2026-31408.html * https://www.suse.com/security/cve/CVE-2026-31411.html * https://www.suse.com/security/cve/CVE-2026-31412.html * https://www.suse.com/security/cve/CVE-2026-31415.html * https://www.suse.com/security/cve/CVE-2026-31416.html * https://www.suse.com/security/cve/CVE-2026-31417.html * https://www.suse.com/security/cve/CVE-2026-31420.html * https://www.suse.com/security/cve/CVE-2026-31421.html * https://www.suse.com/security/cve/CVE-2026-31422.html * https://www.suse.com/security/cve/CVE-2026-31423.html * https://www.suse.com/security/cve/CVE-2026-31424.html * https://www.suse.com/security/cve/CVE-2026-31425.html * https://www.suse.com/security/cve/CVE-2026-31426.html * https://www.suse.com/security/cve/CVE-2026-31427.html * https://www.suse.com/security/cve/CVE-2026-31428.html * https://www.suse.com/security/cve/CVE-2026-31436.html * https://www.suse.com/security/cve/CVE-2026-31449.html * https://www.suse.com/security/cve/CVE-2026-31470.html * https://www.suse.com/security/cve/CVE-2026-31488.html * https://www.suse.com/security/cve/CVE-2026-31494.html * https://www.suse.com/security/cve/CVE-2026-31496.html * https://www.suse.com/security/cve/CVE-2026-31504.html * https://www.suse.com/security/cve/CVE-2026-31505.html * https://www.suse.com/security/cve/CVE-2026-31507.html * https://www.suse.com/security/cve/CVE-2026-31512.html * https://www.suse.com/security/cve/CVE-2026-31515.html * https://www.suse.com/security/cve/CVE-2026-31519.html * https://www.suse.com/security/cve/CVE-2026-31525.html * https://www.suse.com/security/cve/CVE-2026-31528.html * https://www.suse.com/security/cve/CVE-2026-31533.html * https://www.suse.com/security/cve/CVE-2026-31547.html * https://www.suse.com/security/cve/CVE-2026-31550.html * https://www.suse.com/security/cve/CVE-2026-31565.html * https://www.suse.com/security/cve/CVE-2026-31570.html * https://www.suse.com/security/cve/CVE-2026-31586.html * https://www.suse.com/security/cve/CVE-2026-31588.html * https://www.suse.com/security/cve/CVE-2026-31602.html * https://www.suse.com/security/cve/CVE-2026-31607.html * https://www.suse.com/security/cve/CVE-2026-31622.html * https://www.suse.com/security/cve/CVE-2026-31649.html * https://www.suse.com/security/cve/CVE-2026-31656.html * https://www.suse.com/security/cve/CVE-2026-31662.html * https://www.suse.com/security/cve/CVE-2026-31668.html * https://www.suse.com/security/cve/CVE-2026-31669.html * https://www.suse.com/security/cve/CVE-2026-31675.html * https://www.suse.com/security/cve/CVE-2026-31679.html * https://www.suse.com/security/cve/CVE-2026-31681.html * https://www.suse.com/security/cve/CVE-2026-31682.html * https://www.suse.com/security/cve/CVE-2026-31684.html * https://www.suse.com/security/cve/CVE-2026-31685.html * https://www.suse.com/security/cve/CVE-2026-31694.html * https://www.suse.com/security/cve/CVE-2026-31700.html * https://www.suse.com/security/cve/CVE-2026-31738.html * https://www.suse.com/security/cve/CVE-2026-31787.html * https://www.suse.com/security/cve/CVE-2026-43009.html * https://www.suse.com/security/cve/CVE-2026-43025.html * https://www.suse.com/security/cve/CVE-2026-43027.html * https://www.suse.com/security/cve/CVE-2026-43037.html * https://www.suse.com/security/cve/CVE-2026-43038.html * https://www.suse.com/security/cve/CVE-2026-43044.html * https://www.suse.com/security/cve/CVE-2026-43050.html * https://www.suse.com/security/cve/CVE-2026-43060.html * https://www.suse.com/security/cve/CVE-2026-43088.html * https://www.suse.com/security/cve/CVE-2026-43110.html * https://www.suse.com/security/cve/CVE-2026-43120.html * https://www.suse.com/security/cve/CVE-2026-43126.html * https://www.suse.com/security/cve/CVE-2026-43190.html * https://www.suse.com/security/cve/CVE-2026-43214.html * https://www.suse.com/security/cve/CVE-2026-43265.html * https://www.suse.com/security/cve/CVE-2026-43329.html * https://www.suse.com/security/cve/CVE-2026-43330.html * https://www.suse.com/security/cve/CVE-2026-43334.html * https://www.suse.com/security/cve/CVE-2026-43365.html * https://www.suse.com/security/cve/CVE-2026-43366.html * https://www.suse.com/security/cve/CVE-2026-43419.html * https://www.suse.com/security/cve/CVE-2026-43437.html * https://www.suse.com/security/cve/CVE-2026-43441.html * https://www.suse.com/security/cve/CVE-2026-43494.html * https://www.suse.com/security/cve/CVE-2026-43503.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://bugzilla.suse.com/show_bug.cgi?id=1215199 * https://bugzilla.suse.com/show_bug.cgi?id=1225897 * https://bugzilla.suse.com/show_bug.cgi?id=1234634 * https://bugzilla.suse.com/show_bug.cgi?id=1237452 * https://bugzilla.suse.com/show_bug.cgi?id=1241166 * https://bugzilla.suse.com/show_bug.cgi?id=1243603 * https://bugzilla.suse.com/show_bug.cgi?id=1248754 * https://bugzilla.suse.com/show_bug.cgi?id=1249104 * https://bugzilla.suse.com/show_bug.cgi?id=1253122 * https://bugzilla.suse.com/show_bug.cgi?id=1253754 * https://bugzilla.suse.com/show_bug.cgi?id=1254518 * https://bugzilla.suse.com/show_bug.cgi?id=1255160 * https://bugzilla.suse.com/show_bug.cgi?id=1255752 * https://bugzilla.suse.com/show_bug.cgi?id=1256863 * https://bugzilla.suse.com/show_bug.cgi?id=1257183 * https://bugzilla.suse.com/show_bug.cgi?id=1257631 * https://bugzilla.suse.com/show_bug.cgi?id=1258518 * https://bugzilla.suse.com/show_bug.cgi?id=1258718 * https://bugzilla.suse.com/show_bug.cgi?id=1258826 * https://bugzilla.suse.com/show_bug.cgi?id=1258849 * https://bugzilla.suse.com/show_bug.cgi?id=1258850 * https://bugzilla.suse.com/show_bug.cgi?id=1258854 * https://bugzilla.suse.com/show_bug.cgi?id=1258855 * https://bugzilla.suse.com/show_bug.cgi?id=1258856 * https://bugzilla.suse.com/show_bug.cgi?id=1258857 * https://bugzilla.suse.com/show_bug.cgi?id=1258961 * https://bugzilla.suse.com/show_bug.cgi?id=1259186 * https://bugzilla.suse.com/show_bug.cgi?id=1259199 * https://bugzilla.suse.com/show_bug.cgi?id=1259222 * https://bugzilla.suse.com/show_bug.cgi?id=1259461 * https://bugzilla.suse.com/show_bug.cgi?id=1259484 * https://bugzilla.suse.com/show_bug.cgi?id=1259485 * https://bugzilla.suse.com/show_bug.cgi?id=1259535 * https://bugzilla.suse.com/show_bug.cgi?id=1259672 * https://bugzilla.suse.com/show_bug.cgi?id=1259799 * https://bugzilla.suse.com/show_bug.cgi?id=1259806 * https://bugzilla.suse.com/show_bug.cgi?id=1259857 * https://bugzilla.suse.com/show_bug.cgi?id=1259868 * https://bugzilla.suse.com/show_bug.cgi?id=1259869 * https://bugzilla.suse.com/show_bug.cgi?id=1259870 * https://bugzilla.suse.com/show_bug.cgi?id=1259871 * https://bugzilla.suse.com/show_bug.cgi?id=1259873 * https://bugzilla.suse.com/show_bug.cgi?id=1259878 * https://bugzilla.suse.com/show_bug.cgi?id=1259995 * https://bugzilla.suse.com/show_bug.cgi?id=1260010 * https://bugzilla.suse.com/show_bug.cgi?id=1260012 * https://bugzilla.suse.com/show_bug.cgi?id=1260018 * https://bugzilla.suse.com/show_bug.cgi?id=1260428 * https://bugzilla.suse.com/show_bug.cgi?id=1260468 * https://bugzilla.suse.com/show_bug.cgi?id=1260483 * https://bugzilla.suse.com/show_bug.cgi?id=1260484 * https://bugzilla.suse.com/show_bug.cgi?id=1260485 * https://bugzilla.suse.com/show_bug.cgi?id=1260489 * https://bugzilla.suse.com/show_bug.cgi?id=1260497 * https://bugzilla.suse.com/show_bug.cgi?id=1260501 * https://bugzilla.suse.com/show_bug.cgi?id=1260504 * https://bugzilla.suse.com/show_bug.cgi?id=1260505 * https://bugzilla.suse.com/show_bug.cgi?id=1260507 * https://bugzilla.suse.com/show_bug.cgi?id=1260522 * https://bugzilla.suse.com/show_bug.cgi?id=1260523 * https://bugzilla.suse.com/show_bug.cgi?id=1260526 * https://bugzilla.suse.com/show_bug.cgi?id=1260527 * https://bugzilla.suse.com/show_bug.cgi?id=1260528 * https://bugzilla.suse.com/show_bug.cgi?id=1260529 * https://bugzilla.suse.com/show_bug.cgi?id=1260530 * https://bugzilla.suse.com/show_bug.cgi?id=1260531 * https://bugzilla.suse.com/show_bug.cgi?id=1260532 * https://bugzilla.suse.com/show_bug.cgi?id=1260533 * https://bugzilla.suse.com/show_bug.cgi?id=1260536 * https://bugzilla.suse.com/show_bug.cgi?id=1260537 * https://bugzilla.suse.com/show_bug.cgi?id=1260538 * https://bugzilla.suse.com/show_bug.cgi?id=1260541 * https://bugzilla.suse.com/show_bug.cgi?id=1260544 * https://bugzilla.suse.com/show_bug.cgi?id=1260546 * https://bugzilla.suse.com/show_bug.cgi?id=1260549 * https://bugzilla.suse.com/show_bug.cgi?id=1260550 * https://bugzilla.suse.com/show_bug.cgi?id=1260551 * https://bugzilla.suse.com/show_bug.cgi?id=1260552 * https://bugzilla.suse.com/show_bug.cgi?id=1260553 * https://bugzilla.suse.com/show_bug.cgi?id=1260555 * https://bugzilla.suse.com/show_bug.cgi?id=1260561 * https://bugzilla.suse.com/show_bug.cgi?id=1260566 * https://bugzilla.suse.com/show_bug.cgi?id=1260572 * https://bugzilla.suse.com/show_bug.cgi?id=1260580 * https://bugzilla.suse.com/show_bug.cgi?id=1260581 * https://bugzilla.suse.com/show_bug.cgi?id=1260728 * https://bugzilla.suse.com/show_bug.cgi?id=1260729 * https://bugzilla.suse.com/show_bug.cgi?id=1260731 * https://bugzilla.suse.com/show_bug.cgi?id=1260800 * https://bugzilla.suse.com/show_bug.cgi?id=1260801 * https://bugzilla.suse.com/show_bug.cgi?id=1260811 * https://bugzilla.suse.com/show_bug.cgi?id=1260989 * https://bugzilla.suse.com/show_bug.cgi?id=1261020 * https://bugzilla.suse.com/show_bug.cgi?id=1261287 * https://bugzilla.suse.com/show_bug.cgi?id=1261295 * https://bugzilla.suse.com/show_bug.cgi?id=1261348 * https://bugzilla.suse.com/show_bug.cgi?id=1261412 * https://bugzilla.suse.com/show_bug.cgi?id=1261503 * https://bugzilla.suse.com/show_bug.cgi?id=1261504 * https://bugzilla.suse.com/show_bug.cgi?id=1261505 * https://bugzilla.suse.com/show_bug.cgi?id=1261507 * https://bugzilla.suse.com/show_bug.cgi?id=1261555 * https://bugzilla.suse.com/show_bug.cgi?id=1261581 * https://bugzilla.suse.com/show_bug.cgi?id=1261582 * https://bugzilla.suse.com/show_bug.cgi?id=1261584 * https://bugzilla.suse.com/show_bug.cgi?id=1261585 * https://bugzilla.suse.com/show_bug.cgi?id=1261601 * https://bugzilla.suse.com/show_bug.cgi?id=1261602 * https://bugzilla.suse.com/show_bug.cgi?id=1261618 * https://bugzilla.suse.com/show_bug.cgi?id=1261628 * https://bugzilla.suse.com/show_bug.cgi?id=1261632 * https://bugzilla.suse.com/show_bug.cgi?id=1261636 * https://bugzilla.suse.com/show_bug.cgi?id=1261637 * https://bugzilla.suse.com/show_bug.cgi?id=1261638 * https://bugzilla.suse.com/show_bug.cgi?id=1261641 * https://bugzilla.suse.com/show_bug.cgi?id=1261644 * https://bugzilla.suse.com/show_bug.cgi?id=1261645 * https://bugzilla.suse.com/show_bug.cgi?id=1261648 * https://bugzilla.suse.com/show_bug.cgi?id=1261669 * https://bugzilla.suse.com/show_bug.cgi?id=1261679 * https://bugzilla.suse.com/show_bug.cgi?id=1261685 * https://bugzilla.suse.com/show_bug.cgi?id=1261686 * https://bugzilla.suse.com/show_bug.cgi?id=1261687 * https://bugzilla.suse.com/show_bug.cgi?id=1261692 * https://bugzilla.suse.com/show_bug.cgi?id=1261694 * https://bugzilla.suse.com/show_bug.cgi?id=1261700 * https://bugzilla.suse.com/show_bug.cgi?id=1261702 * https://bugzilla.suse.com/show_bug.cgi?id=1261703 * https://bugzilla.suse.com/show_bug.cgi?id=1261707 * https://bugzilla.suse.com/show_bug.cgi?id=1261710 * https://bugzilla.suse.com/show_bug.cgi?id=1261713 * https://bugzilla.suse.com/show_bug.cgi?id=1261714 * https://bugzilla.suse.com/show_bug.cgi?id=1261719 * https://bugzilla.suse.com/show_bug.cgi?id=1261738 * https://bugzilla.suse.com/show_bug.cgi?id=1261750 * https://bugzilla.suse.com/show_bug.cgi?id=1261751 * https://bugzilla.suse.com/show_bug.cgi?id=1261752 * https://bugzilla.suse.com/show_bug.cgi?id=1261768 * https://bugzilla.suse.com/show_bug.cgi?id=1261778 * https://bugzilla.suse.com/show_bug.cgi?id=1261779 * https://bugzilla.suse.com/show_bug.cgi?id=1261780 * https://bugzilla.suse.com/show_bug.cgi?id=1261781 * https://bugzilla.suse.com/show_bug.cgi?id=1261786 * https://bugzilla.suse.com/show_bug.cgi?id=1261788 * https://bugzilla.suse.com/show_bug.cgi?id=1261789 * https://bugzilla.suse.com/show_bug.cgi?id=1261796 * https://bugzilla.suse.com/show_bug.cgi?id=1261797 * https://bugzilla.suse.com/show_bug.cgi?id=1261896 * https://bugzilla.suse.com/show_bug.cgi?id=1262019 * https://bugzilla.suse.com/show_bug.cgi?id=1262020 * https://bugzilla.suse.com/show_bug.cgi?id=1262053 * https://bugzilla.suse.com/show_bug.cgi?id=1262054 * https://bugzilla.suse.com/show_bug.cgi?id=1262055 * https://bugzilla.suse.com/show_bug.cgi?id=1262061 * https://bugzilla.suse.com/show_bug.cgi?id=1262063 * https://bugzilla.suse.com/show_bug.cgi?id=1262074 * https://bugzilla.suse.com/show_bug.cgi?id=1262078 * https://bugzilla.suse.com/show_bug.cgi?id=1262086 * https://bugzilla.suse.com/show_bug.cgi?id=1262087 * https://bugzilla.suse.com/show_bug.cgi?id=1262099 * https://bugzilla.suse.com/show_bug.cgi?id=1262100 * https://bugzilla.suse.com/show_bug.cgi?id=1262101 * https://bugzilla.suse.com/show_bug.cgi?id=1262179 * https://bugzilla.suse.com/show_bug.cgi?id=1262181 * https://bugzilla.suse.com/show_bug.cgi?id=1262250 * https://bugzilla.suse.com/show_bug.cgi?id=1262480 * https://bugzilla.suse.com/show_bug.cgi?id=1262526 * https://bugzilla.suse.com/show_bug.cgi?id=1262599 * https://bugzilla.suse.com/show_bug.cgi?id=1262602 * https://bugzilla.suse.com/show_bug.cgi?id=1262616 * https://bugzilla.suse.com/show_bug.cgi?id=1262665 * https://bugzilla.suse.com/show_bug.cgi?id=1262671 * https://bugzilla.suse.com/show_bug.cgi?id=1262673 * https://bugzilla.suse.com/show_bug.cgi?id=1262709 * https://bugzilla.suse.com/show_bug.cgi?id=1262725 * https://bugzilla.suse.com/show_bug.cgi?id=1262731 * https://bugzilla.suse.com/show_bug.cgi?id=1262734 * https://bugzilla.suse.com/show_bug.cgi?id=1262746 * https://bugzilla.suse.com/show_bug.cgi?id=1262752 * https://bugzilla.suse.com/show_bug.cgi?id=1262758 * https://bugzilla.suse.com/show_bug.cgi?id=1263001 * https://bugzilla.suse.com/show_bug.cgi?id=1263012 * https://bugzilla.suse.com/show_bug.cgi?id=1263018 * https://bugzilla.suse.com/show_bug.cgi?id=1263064 * https://bugzilla.suse.com/show_bug.cgi?id=1263065 * https://bugzilla.suse.com/show_bug.cgi?id=1263085 * https://bugzilla.suse.com/show_bug.cgi?id=1263093 * https://bugzilla.suse.com/show_bug.cgi?id=1263095 * https://bugzilla.suse.com/show_bug.cgi?id=1263104 * https://bugzilla.suse.com/show_bug.cgi?id=1263131 * https://bugzilla.suse.com/show_bug.cgi?id=1263140 * https://bugzilla.suse.com/show_bug.cgi?id=1263141 * https://bugzilla.suse.com/show_bug.cgi?id=1263149 * https://bugzilla.suse.com/show_bug.cgi?id=1263165 * https://bugzilla.suse.com/show_bug.cgi?id=1263170 * https://bugzilla.suse.com/show_bug.cgi?id=1263176 * https://bugzilla.suse.com/show_bug.cgi?id=1263255 * https://bugzilla.suse.com/show_bug.cgi?id=1263556 * https://bugzilla.suse.com/show_bug.cgi?id=1263582 * https://bugzilla.suse.com/show_bug.cgi?id=1263592 * https://bugzilla.suse.com/show_bug.cgi?id=1263593 * https://bugzilla.suse.com/show_bug.cgi?id=1263595 * https://bugzilla.suse.com/show_bug.cgi?id=1263596 * https://bugzilla.suse.com/show_bug.cgi?id=1263600 * https://bugzilla.suse.com/show_bug.cgi?id=1263668 * https://bugzilla.suse.com/show_bug.cgi?id=1263723 * https://bugzilla.suse.com/show_bug.cgi?id=1263797 * https://bugzilla.suse.com/show_bug.cgi?id=1263815 * https://bugzilla.suse.com/show_bug.cgi?id=1263877 * https://bugzilla.suse.com/show_bug.cgi?id=1263882 * https://bugzilla.suse.com/show_bug.cgi?id=1263901 * https://bugzilla.suse.com/show_bug.cgi?id=1263931 * https://bugzilla.suse.com/show_bug.cgi?id=1263933 * https://bugzilla.suse.com/show_bug.cgi?id=1263995 * https://bugzilla.suse.com/show_bug.cgi?id=1264013 * https://bugzilla.suse.com/show_bug.cgi?id=1264014 * https://bugzilla.suse.com/show_bug.cgi?id=1264059 * https://bugzilla.suse.com/show_bug.cgi?id=1264082 * https://bugzilla.suse.com/show_bug.cgi?id=1264087 * https://bugzilla.suse.com/show_bug.cgi?id=1264097 * https://bugzilla.suse.com/show_bug.cgi?id=1264183 * https://bugzilla.suse.com/show_bug.cgi?id=1264427 * https://bugzilla.suse.com/show_bug.cgi?id=1264449 * https://bugzilla.suse.com/show_bug.cgi?id=1264469 * https://bugzilla.suse.com/show_bug.cgi?id=1264482 * https://bugzilla.suse.com/show_bug.cgi?id=1264634 * https://bugzilla.suse.com/show_bug.cgi?id=1264651 * https://bugzilla.suse.com/show_bug.cgi?id=1264661 * https://bugzilla.suse.com/show_bug.cgi?id=1264674 * https://bugzilla.suse.com/show_bug.cgi?id=1264801 * https://bugzilla.suse.com/show_bug.cgi?id=1264848 * https://bugzilla.suse.com/show_bug.cgi?id=1265085 * https://bugzilla.suse.com/show_bug.cgi?id=1265090 * https://bugzilla.suse.com/show_bug.cgi?id=1265116 * https://bugzilla.suse.com/show_bug.cgi?id=1265119 * https://bugzilla.suse.com/show_bug.cgi?id=1265126 * https://bugzilla.suse.com/show_bug.cgi?id=1265144 * https://bugzilla.suse.com/show_bug.cgi?id=1265209 * https://bugzilla.suse.com/show_bug.cgi?id=1265421 * https://bugzilla.suse.com/show_bug.cgi?id=1265449 * https://bugzilla.suse.com/show_bug.cgi?id=1265456 * https://bugzilla.suse.com/show_bug.cgi?id=1265626 * https://bugzilla.suse.com/show_bug.cgi?id=1265846 * https://bugzilla.suse.com/show_bug.cgi?id=1265960 * https://jira.suse.com/browse/PED-10383 * https://jira.suse.com/browse/PED-10664 * https://jira.suse.com/browse/PED-11175 * https://jira.suse.com/browse/PED-16221 * https://jira.suse.com/browse/PED-16245 * https://jira.suse.com/browse/PED-7249 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 20:30:07 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 20:30:07 -0000 Subject: SUSE-SU-2026:2261-1: moderate: Security update for python-pyOpenSSL Message-ID: <178051860759.412.12432629408152842299@04080f4f8216> # Security update for python-pyOpenSSL Announcement ID: SUSE-SU-2026:2261-1 Release Date: 2026-06-03T15:32:18Z Rating: moderate References: * bsc#1262803 Cross-References: * CVE-2026-40475 CVSS scores: * CVE-2026-40475 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-40475 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * Public Cloud Module 15-SP4 * Python 3 Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for python-pyOpenSSL fixes the following issue ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2261=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2026-2261=1 * Python 3 Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2026-2261=1 ## Package List: * openSUSE Leap 15.4 (noarch) * python311-pyOpenSSL-23.2.0-150400.3.16.1 * Public Cloud Module 15-SP4 (noarch) * python311-pyOpenSSL-23.2.0-150400.3.16.1 * Python 3 Module 15-SP7 (noarch) * python311-pyOpenSSL-23.2.0-150400.3.16.1 ## References: * https://www.suse.com/security/cve/CVE-2026-40475.html * https://bugzilla.suse.com/show_bug.cgi?id=1262803 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 20:30:13 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 20:30:13 -0000 Subject: SUSE-SU-2026:2260-1: moderate: Security update for python-pyOpenSSL Message-ID: <178051861327.412.659636619601088041@04080f4f8216> # Security update for python-pyOpenSSL Announcement ID: SUSE-SU-2026:2260-1 Release Date: 2026-06-03T15:31:59Z Rating: moderate References: * bsc#1262803 Cross-References: * CVE-2026-40475 CVSS scores: * CVE-2026-40475 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-40475 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for python-pyOpenSSL fixes the following issue * CVE-2026-40475: improper input handling of null bytes can lead to silent data truncation and security-state inconsistency (bsc#1262803). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2260=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * python-pyOpenSSL-17.1.0-4.35.1 * python3-pyOpenSSL-17.1.0-4.35.1 ## References: * https://www.suse.com/security/cve/CVE-2026-40475.html * https://bugzilla.suse.com/show_bug.cgi?id=1262803 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 20:30:16 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 20:30:16 -0000 Subject: SUSE-SU-2026:2259-1: moderate: Security update for python3-pyOpenSSL Message-ID: <178051861674.412.18121090138229152488@04080f4f8216> # Security update for python3-pyOpenSSL Announcement ID: SUSE-SU-2026:2259-1 Release Date: 2026-06-03T15:31:51Z Rating: moderate References: * bsc#1262803 Cross-References: * CVE-2026-40475 CVSS scores: * CVE-2026-40475 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-40475 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for python3-pyOpenSSL fixes the following issue * CVE-2026-40475: improper input handling of null bytes can lead to silent data truncation and security-state inconsistency (bsc#1262803). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2259=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2259=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2259=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2259=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2259=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2259=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2259=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * python3-pyOpenSSL-21.0.0-150400.13.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * python3-pyOpenSSL-21.0.0-150400.13.1 * openSUSE Leap 15.4 (noarch) * python3-pyOpenSSL-21.0.0-150400.13.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * python3-pyOpenSSL-21.0.0-150400.13.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * python3-pyOpenSSL-21.0.0-150400.13.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * python3-pyOpenSSL-21.0.0-150400.13.1 * Basesystem Module 15-SP7 (noarch) * python3-pyOpenSSL-21.0.0-150400.13.1 ## References: * https://www.suse.com/security/cve/CVE-2026-40475.html * https://bugzilla.suse.com/show_bug.cgi?id=1262803 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 20:30:38 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 20:30:38 -0000 Subject: SUSE-SU-2026:2258-1: moderate: Security update for grafana Message-ID: <178051863862.412.17972498766972477440@04080f4f8216> # Security update for grafana Announcement ID: SUSE-SU-2026:2258-1 Release Date: 2026-06-03T14:22:06Z Rating: moderate References: * bsc#1258595 * bsc#1258873 * bsc#1259999 * bsc#1260263 * bsc#1260878 * bsc#1260881 * bsc#1261025 * bsc#1261026 * bsc#1261027 * bsc#1261029 * bsc#1262950 * bsc#1263501 * jsc#MSQA-1052 Cross-References: * CVE-2025-29923 * CVE-2026-21724 * CVE-2026-21725 * CVE-2026-26958 * CVE-2026-27876 * CVE-2026-27877 * CVE-2026-27879 * CVE-2026-28375 * CVE-2026-33186 * CVE-2026-33375 * CVE-2026-34986 * CVE-2026-41602 CVSS scores: * CVE-2025-29923 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2025-29923 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-21724 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-21724 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-21724 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-21724 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2026-21725 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-21725 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:L * CVE-2026-21725 ( NVD ): 2.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2026-21725 ( NVD ): 2.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N * CVE-2026-26958 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2026-26958 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L * CVE-2026-26958 ( NVD ): 1.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27876 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-27876 ( SUSE ): 9.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2026-27876 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2026-27877 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-27877 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-27877 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-27877 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-27879 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-27879 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-27879 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-28375 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-28375 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-28375 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33186 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-33186 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-33186 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-33375 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33375 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34986 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-34986 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34986 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-41602 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-41602 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-41602 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves 12 vulnerabilities and contains one feature can now be installed. ## Description: This update for grafana to version to 11.6.14+security01 fixes the following issues: * Security Fixes: * CVE-2026-34986: Fixed unrecoverable error in JWE decryption that could lead to a denial of service (bsc#1262950) * CVE-2026-41602: Fixed Integer Overflow or Wraparound vulnerability in Apache Thrift (bsc#1263501) * CVE-2026-26958: Ensure that MultiScalarMult properly handles initialization and produces correct results (bsc#1258595) * CVE-2026-21725: Fixed missing UID when deleting datasource by name (bsc#1258873) * CVE-2026-33375: Fixed denial of Service via out-of-memory exhaustion in MSSQL data source plugin (bsc#1260881) * CVE-2026-27876: Fixed remote arbitrary code execution via chained SQL Expressions (bsc#1261025) * CVE-2026-27877: Fixed information disclosure of data-source passwords via public dashboards (bsc#1261026) * CVE-2026-28375: Fixed denial of service via testdata data-source (bsc#1261029) * CVE-2026-27879: Fixed denial of service via resample query (bsc#1261027) * CVE-2026-33186: Fixed authorization bypass due to improper validation of the HTTP/2 :path pseudo-header (bsc#1260263) * CVE-2026-21724: Fixed authorization bypass allows modification of protected webhook URLs (bsc#1260878) * Highlights of other changes and bug fixes: * Version 11.6.13: * Wire the public dashboard service to the HTTP server * Version 11.6.12: * Update authentication redirect logic * Fixed single panel render with variable references ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2258=1 ## Package List: * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * grafana-11.6.14+security01-150200.3.88.1 * grafana-debuginfo-11.6.14+security01-150200.3.88.1 ## References: * https://www.suse.com/security/cve/CVE-2025-29923.html * https://www.suse.com/security/cve/CVE-2026-21724.html * https://www.suse.com/security/cve/CVE-2026-21725.html * https://www.suse.com/security/cve/CVE-2026-26958.html * https://www.suse.com/security/cve/CVE-2026-27876.html * https://www.suse.com/security/cve/CVE-2026-27877.html * https://www.suse.com/security/cve/CVE-2026-27879.html * https://www.suse.com/security/cve/CVE-2026-28375.html * https://www.suse.com/security/cve/CVE-2026-33186.html * https://www.suse.com/security/cve/CVE-2026-33375.html * https://www.suse.com/security/cve/CVE-2026-34986.html * https://www.suse.com/security/cve/CVE-2026-41602.html * https://bugzilla.suse.com/show_bug.cgi?id=1258595 * https://bugzilla.suse.com/show_bug.cgi?id=1258873 * https://bugzilla.suse.com/show_bug.cgi?id=1259999 * https://bugzilla.suse.com/show_bug.cgi?id=1260263 * https://bugzilla.suse.com/show_bug.cgi?id=1260878 * https://bugzilla.suse.com/show_bug.cgi?id=1260881 * https://bugzilla.suse.com/show_bug.cgi?id=1261025 * https://bugzilla.suse.com/show_bug.cgi?id=1261026 * https://bugzilla.suse.com/show_bug.cgi?id=1261027 * https://bugzilla.suse.com/show_bug.cgi?id=1261029 * https://bugzilla.suse.com/show_bug.cgi?id=1262950 * https://bugzilla.suse.com/show_bug.cgi?id=1263501 * https://jira.suse.com/browse/MSQA-1052 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 20:30:50 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 20:30:50 -0000 Subject: SUSE-SU-2026:2257-1: important: Security update for salt Message-ID: <178051865060.412.12583605685960640615@04080f4f8216> # Security update for salt Announcement ID: SUSE-SU-2026:2257-1 Release Date: 2026-06-03T14:21:02Z Rating: important References: * bsc#1254629 * bsc#1254900 * bsc#1257583 * bsc#1257831 * bsc#1259554 * bsc#1259700 * jsc#MSQA-1052 Cross-References: * CVE-2026-31958 CVSS scores: * CVE-2026-31958 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31958 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31958 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-31958 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * Systems Management Module 15-SP7 An update that solves one vulnerability, contains one feature and has five security fixes can now be installed. ## Description: This update for salt fixes the following issue: Security issues fixed: * CVE-2026-31958: python-tornado: parsing large multipart bodies with many parts can cause a denial of service (bsc#1259554). Other updates and bugfixes: * Use non vendored Tornado with Python 3.11 (bsc#1257583, bsc#1259700) * Harden Tornado from invalid HTTP reason phrases * Read full URI from ldap pillar config (bsc#1254900) * Make users with backslash work for `salt-ssh` (bsc#1254629). * Fixed `ansible.playbooks` `extra-vars` quoting (bsc#1257831), * Fixed `virtualenv` call in test helper to use proper Python version. ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Systems Management Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Systems-Management-15-SP7-2026-2257=1 ## Package List: * Systems Management Module 15-SP7 (aarch64 ppc64le s390x x86_64) * salt-3006.0-150700.14.23.1 * salt-ssh-3006.0-150700.14.23.1 * salt-standalone-formulas-configuration-3006.0-150700.14.23.1 * salt-master-3006.0-150700.14.23.1 * python311-salt-3006.0-150700.14.23.1 * salt-doc-3006.0-150700.14.23.1 * salt-syndic-3006.0-150700.14.23.1 * salt-api-3006.0-150700.14.23.1 * salt-transactional-update-3006.0-150700.14.23.1 * salt-proxy-3006.0-150700.14.23.1 * salt-minion-3006.0-150700.14.23.1 * Systems Management Module 15-SP7 (noarch) * salt-bash-completion-3006.0-150700.14.23.1 * salt-fish-completion-3006.0-150700.14.23.1 * salt-zsh-completion-3006.0-150700.14.23.1 ## References: * https://www.suse.com/security/cve/CVE-2026-31958.html * https://bugzilla.suse.com/show_bug.cgi?id=1254629 * https://bugzilla.suse.com/show_bug.cgi?id=1254900 * https://bugzilla.suse.com/show_bug.cgi?id=1257583 * https://bugzilla.suse.com/show_bug.cgi?id=1257831 * https://bugzilla.suse.com/show_bug.cgi?id=1259554 * https://bugzilla.suse.com/show_bug.cgi?id=1259700 * https://jira.suse.com/browse/MSQA-1052 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 20:31:02 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 20:31:02 -0000 Subject: SUSE-SU-2026:2256-1: important: Security update for salt Message-ID: <178051866296.412.5927111556342375615@04080f4f8216> # Security update for salt Announcement ID: SUSE-SU-2026:2256-1 Release Date: 2026-06-03T14:20:38Z Rating: important References: * bsc#1254629 * bsc#1254900 * bsc#1257583 * bsc#1257831 * bsc#1259554 * bsc#1259700 * jsc#MSQA-1052 Cross-References: * CVE-2026-31958 CVSS scores: * CVE-2026-31958 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31958 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31958 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-31958 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability, contains one feature and has five security fixes can now be installed. ## Description: This update for salt fixes the following issue: Security issues fixed: * CVE-2026-31958: python-tornado: parsing large multipart bodies with many parts can cause a denial of service (bsc#1259554). Other updates and bugfixes: * Use non vendored Tornado with Python 3.11 (bsc#1257583, bsc#1259700) * Harden Tornado from invalid HTTP reason phrases * Read full URI from ldap pillar config (bsc#1254900) * Make users with backslash work for `salt-ssh` (bsc#1254629). * Fixed `ansible.playbooks` `extra-vars` quoting (bsc#1257831), * Fixed `virtualenv` call in test helper to use proper Python version. ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2256=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2256=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2256=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2256=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-2256=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2256=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2256=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2256=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * salt-minion-3006.0-150500.4.75.1 * python3-salt-3006.0-150500.4.75.1 * salt-transactional-update-3006.0-150500.4.75.1 * salt-3006.0-150500.4.75.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * salt-api-3006.0-150500.4.75.1 * salt-syndic-3006.0-150500.4.75.1 * python311-salt-3006.0-150500.4.75.1 * salt-doc-3006.0-150500.4.75.1 * salt-ssh-3006.0-150500.4.75.1 * salt-proxy-3006.0-150500.4.75.1 * salt-standalone-formulas-configuration-3006.0-150500.4.75.1 * salt-3006.0-150500.4.75.1 * salt-cloud-3006.0-150500.4.75.1 * salt-master-3006.0-150500.4.75.1 * python3-salt-3006.0-150500.4.75.1 * salt-minion-3006.0-150500.4.75.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * salt-bash-completion-3006.0-150500.4.75.1 * salt-fish-completion-3006.0-150500.4.75.1 * salt-zsh-completion-3006.0-150500.4.75.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * salt-bash-completion-3006.0-150500.4.75.1 * salt-fish-completion-3006.0-150500.4.75.1 * salt-zsh-completion-3006.0-150500.4.75.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * salt-api-3006.0-150500.4.75.1 * salt-syndic-3006.0-150500.4.75.1 * python311-salt-3006.0-150500.4.75.1 * python3-salt-3006.0-150500.4.75.1 * salt-ssh-3006.0-150500.4.75.1 * salt-proxy-3006.0-150500.4.75.1 * salt-standalone-formulas-configuration-3006.0-150500.4.75.1 * salt-3006.0-150500.4.75.1 * salt-cloud-3006.0-150500.4.75.1 * salt-master-3006.0-150500.4.75.1 * salt-doc-3006.0-150500.4.75.1 * salt-minion-3006.0-150500.4.75.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * salt-api-3006.0-150500.4.75.1 * salt-syndic-3006.0-150500.4.75.1 * python311-salt-3006.0-150500.4.75.1 * salt-doc-3006.0-150500.4.75.1 * salt-ssh-3006.0-150500.4.75.1 * salt-proxy-3006.0-150500.4.75.1 * salt-standalone-formulas-configuration-3006.0-150500.4.75.1 * salt-3006.0-150500.4.75.1 * salt-cloud-3006.0-150500.4.75.1 * salt-master-3006.0-150500.4.75.1 * python3-salt-3006.0-150500.4.75.1 * salt-minion-3006.0-150500.4.75.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * salt-bash-completion-3006.0-150500.4.75.1 * salt-fish-completion-3006.0-150500.4.75.1 * salt-zsh-completion-3006.0-150500.4.75.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * salt-api-3006.0-150500.4.75.1 * salt-syndic-3006.0-150500.4.75.1 * python311-salt-3006.0-150500.4.75.1 * salt-doc-3006.0-150500.4.75.1 * salt-ssh-3006.0-150500.4.75.1 * salt-proxy-3006.0-150500.4.75.1 * python3-salt-testsuite-3006.0-150500.4.75.1 * salt-standalone-formulas-configuration-3006.0-150500.4.75.1 * salt-3006.0-150500.4.75.1 * salt-transactional-update-3006.0-150500.4.75.1 * salt-cloud-3006.0-150500.4.75.1 * salt-master-3006.0-150500.4.75.1 * python3-salt-3006.0-150500.4.75.1 * python311-salt-testsuite-3006.0-150500.4.75.1 * salt-minion-3006.0-150500.4.75.1 * openSUSE Leap 15.5 (noarch) * salt-bash-completion-3006.0-150500.4.75.1 * salt-fish-completion-3006.0-150500.4.75.1 * salt-zsh-completion-3006.0-150500.4.75.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * salt-api-3006.0-150500.4.75.1 * salt-syndic-3006.0-150500.4.75.1 * python311-salt-3006.0-150500.4.75.1 * salt-doc-3006.0-150500.4.75.1 * salt-ssh-3006.0-150500.4.75.1 * salt-proxy-3006.0-150500.4.75.1 * salt-standalone-formulas-configuration-3006.0-150500.4.75.1 * salt-3006.0-150500.4.75.1 * salt-cloud-3006.0-150500.4.75.1 * salt-master-3006.0-150500.4.75.1 * python3-salt-3006.0-150500.4.75.1 * salt-minion-3006.0-150500.4.75.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * salt-bash-completion-3006.0-150500.4.75.1 * salt-fish-completion-3006.0-150500.4.75.1 * salt-zsh-completion-3006.0-150500.4.75.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * salt-api-3006.0-150500.4.75.1 * salt-syndic-3006.0-150500.4.75.1 * python311-salt-3006.0-150500.4.75.1 * salt-doc-3006.0-150500.4.75.1 * salt-ssh-3006.0-150500.4.75.1 * salt-proxy-3006.0-150500.4.75.1 * salt-standalone-formulas-configuration-3006.0-150500.4.75.1 * salt-3006.0-150500.4.75.1 * salt-cloud-3006.0-150500.4.75.1 * salt-master-3006.0-150500.4.75.1 * python3-salt-3006.0-150500.4.75.1 * salt-minion-3006.0-150500.4.75.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * salt-bash-completion-3006.0-150500.4.75.1 * salt-fish-completion-3006.0-150500.4.75.1 * salt-zsh-completion-3006.0-150500.4.75.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * salt-api-3006.0-150500.4.75.1 * salt-syndic-3006.0-150500.4.75.1 * python311-salt-3006.0-150500.4.75.1 * salt-doc-3006.0-150500.4.75.1 * salt-ssh-3006.0-150500.4.75.1 * salt-proxy-3006.0-150500.4.75.1 * salt-standalone-formulas-configuration-3006.0-150500.4.75.1 * salt-3006.0-150500.4.75.1 * salt-cloud-3006.0-150500.4.75.1 * salt-master-3006.0-150500.4.75.1 * python3-salt-3006.0-150500.4.75.1 * salt-minion-3006.0-150500.4.75.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * salt-bash-completion-3006.0-150500.4.75.1 * salt-fish-completion-3006.0-150500.4.75.1 * salt-zsh-completion-3006.0-150500.4.75.1 ## References: * https://www.suse.com/security/cve/CVE-2026-31958.html * https://bugzilla.suse.com/show_bug.cgi?id=1254629 * https://bugzilla.suse.com/show_bug.cgi?id=1254900 * https://bugzilla.suse.com/show_bug.cgi?id=1257583 * https://bugzilla.suse.com/show_bug.cgi?id=1257831 * https://bugzilla.suse.com/show_bug.cgi?id=1259554 * https://bugzilla.suse.com/show_bug.cgi?id=1259700 * https://jira.suse.com/browse/MSQA-1052 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 20:31:24 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 20:31:24 -0000 Subject: SUSE-SU-2026:2255-1: important: Security update 5.0.8 for Multi-Linux Manager Salt Bundle Message-ID: <178051868473.412.15054500046424103631@04080f4f8216> # Security update 5.0.8 for Multi-Linux Manager Salt Bundle Announcement ID: SUSE-SU-2026:2255-1 Release Date: 2026-06-03T14:19:09Z Rating: important References: * bsc#1254629 * bsc#1254900 * bsc#1257583 * bsc#1257831 * bsc#1258957 * bsc#1259554 * bsc#1259700 * bsc#1259804 * bsc#1259808 * jsc#MSQA-1052 Cross-References: * CVE-2026-27448 * CVE-2026-27459 * CVE-2026-31958 CVSS scores: * CVE-2026-27448 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-27448 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-27448 ( NVD ): 1.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27448 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-27459 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-27459 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-27459 ( NVD ): 7.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27459 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31958 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31958 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31958 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-31958 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Liberty Linux 9.6 EMS * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 An update that solves three vulnerabilities, contains one feature and has six security fixes can now be installed. ## Description: This update fixes the following issues: venv-salt-minion: * Security issues fixed: * CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service (bsc#1259554) * CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow (bsc#1259808) * CVE-2026-27448: pyOpenSSL: Fixed unhandled exception can result in connection not being cancelled (bsc#1259804) * Other updates and bugfixes: * Use non vendored Tornado with Python 3.11 (bsc#1257583, bsc#1259700) * Hardened Tornado from invalid HTTP reason phrases * Read full URI from ldap pillar config (bsc#1254900) * Make users with backslash work for `salt-ssh` (bsc#1254629). * Fixed `ansible.playbooks` `extra-vars` quoting (bsc#1257831), * Fixed `virtualenv` call in test helper to use proper Python version. * Fixed the issue preventing SELinux profile to be loaded on SLES 16 deployed using cloud images (bsc#1258957) ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 zypper in -t patch SUSE-EL-9-CLIENT-TOOLS-2026-2255=1 ## Package List: * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 (aarch64 ppc64le s390x x86_64) * venv-salt-minion-3006.0-1.76.1 ## References: * https://www.suse.com/security/cve/CVE-2026-27448.html * https://www.suse.com/security/cve/CVE-2026-27459.html * https://www.suse.com/security/cve/CVE-2026-31958.html * https://bugzilla.suse.com/show_bug.cgi?id=1254629 * https://bugzilla.suse.com/show_bug.cgi?id=1254900 * https://bugzilla.suse.com/show_bug.cgi?id=1257583 * https://bugzilla.suse.com/show_bug.cgi?id=1257831 * https://bugzilla.suse.com/show_bug.cgi?id=1258957 * https://bugzilla.suse.com/show_bug.cgi?id=1259554 * https://bugzilla.suse.com/show_bug.cgi?id=1259700 * https://bugzilla.suse.com/show_bug.cgi?id=1259804 * https://bugzilla.suse.com/show_bug.cgi?id=1259808 * https://jira.suse.com/browse/MSQA-1052 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 20:31:46 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 20:31:46 -0000 Subject: SUSE-SU-2026:2254-1: important: Security update 5.0.8 for Multi-Linux Manager Client Tools Message-ID: <178051870611.412.16897120929689506198@04080f4f8216> # Security update 5.0.8 for Multi-Linux Manager Client Tools Announcement ID: SUSE-SU-2026:2254-1 Release Date: 2026-06-03T14:18:10Z Rating: important References: * bsc#1236516 * bsc#1238686 * bsc#1248699 * bsc#1248707 * bsc#1252964 * bsc#1254619 * bsc#1257941 * bsc#1258927 * bsc#1259208 * bsc#1261810 * jsc#ECO-3319 * jsc#MSQA-1052 * jsc#PED-12485 * jsc#PED-7893 * jsc#PED-7928 Cross-References: * CVE-2022-21698 * CVE-2023-45288 * CVE-2025-22870 CVSS scores: * CVE-2022-21698 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2022-21698 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-45288 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2023-45288 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2023-45288 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22870 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-22870 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2025-22870 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L Affected Products: * SUSE Liberty Linux 9.6 EMS * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 An update that solves three vulnerabilities, contains five features and has seven security fixes can now be installed. ## Description: This update fixes the following issues: golang-github-QubitProducts-exporter_exporter: * Security Fixes: * CVE-2022-21698: Fixed denial of service using InstrumentHandlerCounter (bsc#1248707) golang-github-prometheus-node_exporter was updated from version 1.5.0 to 1.10.2: * Security Fixes: * Version 1.9.1: * CVE-2025-22870: Fixed potential proxy bypass using IPv6 zone IDs (bsc#1238686) * Version 1.9.0: * CVE-2023-45288: Close connections when receiving too many headers (bsc#1236516) * Highlights of other changes and bug fixes: * Backward Compatibility and packaging changes: * Added compatibility for Go 1.22/1.23 needed in older RHEL toolchains * Pinned golang.org/x/net to v0.37.0 for Go 1.22 compatibility * Version 1.10.2: * Fixed typo in Zswap metric name (meminfo) * Version 1.10.1: * Fixed mount points being collected multiple times (filesystem) * Refactored mountinfo parsing (bsc#1261810) * Added Zswap/Zswapped metrics (meminfo) * Version 1.10.0: * New collectors: PCIe devices, swaps * Added systemd virtualization metrics, AIX metrics * WiFi packet metrics, additional PCIe and TLB metrics * Changed mdadm to use sysfs, added erofs to excluded filesystems * Fixed bugs: cpufreq collector, ethtool metrics * Version 1.9.1: * Fixed missing IRQ on older kernels (pressure) * Version 1.9.0 (jsc#PED-12485): * Switched to Go log/slog for logging * Converted meminfo to use procfs library * New features: filesystem mount info, Btrfs commit stats, interrupt filtering, slabinfo filters, IRQ PSI metrics, hwmon filtering, network interface alias labels, GPU clock frequencies, AIX support, * Enhancements: TCP receive queue drop, block device rotational status, CPU online status, performance optimizations * Fixed: ZFS integer underflow, CPU pressure on limited systems, dataset name parsing * Version 1.8.x: * Fixed CPU pressure metric collection, CPU seconds on Solaris, pressure collector nil reference * Version 1.8.0: * New collectors: xfrm (IPsec), watchdog * Added CPU vulnerability mitigation labels, TCP out-of-order queue metrics, filesystem device error surfacing * Removed caching of os-release file modtime/filename * Fixed: hwmon nil pointer, ethtool metric sanitization, NetClass data race * Version 1.7.0 (jsc#PED-7893, jsc#PED-7928): * New: CPU vulnerabilities reporting from sysfs * Enhancements: parallelized filesystem stat calls, missing link speeds in ethtool, CPU MHz values, qdisc performance, hwmon filtering, rtnetlink for ARP stats * Fixed: netdev 32-bit fallback, btrfs handle leaks, NFSd v4 index * Version 1.6.0: * Deprecated ntp and supervisord collectors * Removed bcache cache_readaheads_totals metrics * Improved offline CPU handling (removed metrics for offline CPUs) * New: softirqs collector * Enhancements: ZFS zpool states and memory metrics, network interface admin state, CPU frequency governor, reduced btrfs privileges * Fixed: perf tracefs detection, thermal zone noise, Linux aarch64 interrupts prometheus-postgres_exporter: * Security Fixes: * CVE-2022-21698: Fixed denial of service using InstrumentHandlerCounter (bsc#1248699) scap-security-guide: * Update the SSG package description * Add SLE16 profiles to the build * Updated to 0.1.79 (jsc#ECO-3319) * Create SLE16 HIPAA profile * Create SLE16 PCI DSS 4 profile * Use Sequoia in RHEL 10 instead of GPG * New Profile for RHEL10: BSI * Move RHEL Control files to product files * Update RHEL 9 CCN profile * Various updates for SLE 12/15 spacecmd: * Version 5.0.16-0 * Update translation strings uyuni-tools: * Version 0.1.39-0 * mgrpxy ssh tuning should happen before crypto policies (bsc#1254619) * Fix default value for helm registry (bsc#1258927). * Use static supportconfig name to avoid dynamic search (bsc#1257941) * Do not nest multiple tarball files and instead collect all files into one tarball (bsc#1252964) * Show where final tarball was generated (bsc#1259208) ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 zypper in -t patch SUSE-EL-9-CLIENT-TOOLS-2026-2254=1 ## Package List: * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 (aarch64 ppc64le s390x x86_64) * golang-github-QubitProducts-exporter_exporter-debuginfo-0.4.0-1.9.1 * mgrctl-0.1.39-1.32.1 * prometheus-postgres_exporter-0.10.1-1.15.1 * mgrctl-debuginfo-0.1.39-1.32.1 * golang-github-QubitProducts-exporter_exporter-0.4.0-1.9.1 * golang-github-QubitProducts-exporter_exporter-debugsource-0.4.0-1.9.1 * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 (aarch64 ppc64le x86_64) * golang-github-prometheus-node_exporter-1.10.2-1.12.1 * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 (noarch) * mgrctl-zsh-completion-0.1.39-1.32.1 * mgrctl-bash-completion-0.1.39-1.32.1 * scap-security-guide-redhat-0.1.80-1.44.1 * spacecmd-5.0.16-1.61.1 ## References: * https://www.suse.com/security/cve/CVE-2022-21698.html * https://www.suse.com/security/cve/CVE-2023-45288.html * https://www.suse.com/security/cve/CVE-2025-22870.html * https://bugzilla.suse.com/show_bug.cgi?id=1236516 * https://bugzilla.suse.com/show_bug.cgi?id=1238686 * https://bugzilla.suse.com/show_bug.cgi?id=1248699 * https://bugzilla.suse.com/show_bug.cgi?id=1248707 * https://bugzilla.suse.com/show_bug.cgi?id=1252964 * https://bugzilla.suse.com/show_bug.cgi?id=1254619 * https://bugzilla.suse.com/show_bug.cgi?id=1257941 * https://bugzilla.suse.com/show_bug.cgi?id=1258927 * https://bugzilla.suse.com/show_bug.cgi?id=1259208 * https://bugzilla.suse.com/show_bug.cgi?id=1261810 * https://jira.suse.com/browse/ECO-3319 * https://jira.suse.com/browse/MSQA-1052 * https://jira.suse.com/browse/PED-12485 * https://jira.suse.com/browse/PED-7893 * https://jira.suse.com/browse/PED-7928 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 20:32:01 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 20:32:01 -0000 Subject: SUSE-SU-2026:2252-1: important: Security update for salt Message-ID: <178051872150.412.4243354285067434894@04080f4f8216> # Security update for salt Announcement ID: SUSE-SU-2026:2252-1 Release Date: 2026-06-03T14:16:35Z Rating: important References: * bsc#1254629 * bsc#1254900 * bsc#1257583 * bsc#1257831 * bsc#1259554 * bsc#1259700 * jsc#MSQA-1052 Cross-References: * CVE-2026-31958 CVSS scores: * CVE-2026-31958 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31958 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31958 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-31958 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves one vulnerability, contains one feature and has five security fixes can now be installed. ## Description: This update for salt fixes the following issue: Security issues fixed: * CVE-2026-31958: python-tornado: parsing large multipart bodies with many parts can cause a denial of service (bsc#1259554). Other updates and bugfixes: * Use non vendored Tornado with Python 3.11 (bsc#1257583, bsc#1259700) * Harden Tornado from invalid HTTP reason phrases * Read full URI from ldap pillar config (bsc#1254900) * Make users with backslash work for `salt-ssh` (bsc#1254629). * Fixed `ansible.playbooks` `extra-vars` quoting (bsc#1257831), * Fixed `virtualenv` call in test helper to use proper Python version. ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2252=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2252=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2252=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2252=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2252=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2252=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2252=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2252=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2252=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python3-salt-testsuite-3006.0-150400.8.101.1 * salt-master-3006.0-150400.8.101.1 * salt-transactional-update-3006.0-150400.8.101.1 * salt-api-3006.0-150400.8.101.1 * python3-salt-3006.0-150400.8.101.1 * salt-doc-3006.0-150400.8.101.1 * salt-standalone-formulas-configuration-3006.0-150400.8.101.1 * salt-cloud-3006.0-150400.8.101.1 * python311-salt-testsuite-3006.0-150400.8.101.1 * salt-syndic-3006.0-150400.8.101.1 * python311-salt-3006.0-150400.8.101.1 * salt-ssh-3006.0-150400.8.101.1 * salt-proxy-3006.0-150400.8.101.1 * salt-minion-3006.0-150400.8.101.1 * salt-3006.0-150400.8.101.1 * openSUSE Leap 15.4 (noarch) * salt-fish-completion-3006.0-150400.8.101.1 * salt-bash-completion-3006.0-150400.8.101.1 * salt-zsh-completion-3006.0-150400.8.101.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * salt-minion-3006.0-150400.8.101.1 * salt-3006.0-150400.8.101.1 * salt-transactional-update-3006.0-150400.8.101.1 * python3-salt-3006.0-150400.8.101.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * salt-minion-3006.0-150400.8.101.1 * salt-3006.0-150400.8.101.1 * salt-transactional-update-3006.0-150400.8.101.1 * python3-salt-3006.0-150400.8.101.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * salt-fish-completion-3006.0-150400.8.101.1 * salt-bash-completion-3006.0-150400.8.101.1 * salt-zsh-completion-3006.0-150400.8.101.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * salt-master-3006.0-150400.8.101.1 * salt-transactional-update-3006.0-150400.8.101.1 * salt-api-3006.0-150400.8.101.1 * python3-salt-3006.0-150400.8.101.1 * salt-doc-3006.0-150400.8.101.1 * salt-standalone-formulas-configuration-3006.0-150400.8.101.1 * salt-cloud-3006.0-150400.8.101.1 * salt-syndic-3006.0-150400.8.101.1 * python311-salt-3006.0-150400.8.101.1 * salt-ssh-3006.0-150400.8.101.1 * salt-proxy-3006.0-150400.8.101.1 * salt-minion-3006.0-150400.8.101.1 * salt-3006.0-150400.8.101.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * salt-minion-3006.0-150400.8.101.1 * salt-3006.0-150400.8.101.1 * salt-transactional-update-3006.0-150400.8.101.1 * python3-salt-3006.0-150400.8.101.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * salt-minion-3006.0-150400.8.101.1 * salt-3006.0-150400.8.101.1 * salt-transactional-update-3006.0-150400.8.101.1 * python3-salt-3006.0-150400.8.101.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * salt-master-3006.0-150400.8.101.1 * salt-api-3006.0-150400.8.101.1 * python3-salt-3006.0-150400.8.101.1 * salt-doc-3006.0-150400.8.101.1 * salt-standalone-formulas-configuration-3006.0-150400.8.101.1 * salt-cloud-3006.0-150400.8.101.1 * salt-syndic-3006.0-150400.8.101.1 * python311-salt-3006.0-150400.8.101.1 * salt-ssh-3006.0-150400.8.101.1 * salt-proxy-3006.0-150400.8.101.1 * salt-minion-3006.0-150400.8.101.1 * salt-3006.0-150400.8.101.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * salt-fish-completion-3006.0-150400.8.101.1 * salt-bash-completion-3006.0-150400.8.101.1 * salt-zsh-completion-3006.0-150400.8.101.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * salt-master-3006.0-150400.8.101.1 * salt-api-3006.0-150400.8.101.1 * salt-doc-3006.0-150400.8.101.1 * salt-standalone-formulas-configuration-3006.0-150400.8.101.1 * python3-salt-3006.0-150400.8.101.1 * salt-cloud-3006.0-150400.8.101.1 * salt-syndic-3006.0-150400.8.101.1 * python311-salt-3006.0-150400.8.101.1 * salt-ssh-3006.0-150400.8.101.1 * salt-proxy-3006.0-150400.8.101.1 * salt-minion-3006.0-150400.8.101.1 * salt-3006.0-150400.8.101.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * salt-fish-completion-3006.0-150400.8.101.1 * salt-bash-completion-3006.0-150400.8.101.1 * salt-zsh-completion-3006.0-150400.8.101.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * salt-master-3006.0-150400.8.101.1 * salt-api-3006.0-150400.8.101.1 * python3-salt-3006.0-150400.8.101.1 * salt-doc-3006.0-150400.8.101.1 * salt-standalone-formulas-configuration-3006.0-150400.8.101.1 * salt-cloud-3006.0-150400.8.101.1 * salt-syndic-3006.0-150400.8.101.1 * python311-salt-3006.0-150400.8.101.1 * salt-ssh-3006.0-150400.8.101.1 * salt-proxy-3006.0-150400.8.101.1 * salt-minion-3006.0-150400.8.101.1 * salt-3006.0-150400.8.101.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * salt-fish-completion-3006.0-150400.8.101.1 * salt-bash-completion-3006.0-150400.8.101.1 * salt-zsh-completion-3006.0-150400.8.101.1 ## References: * https://www.suse.com/security/cve/CVE-2026-31958.html * https://bugzilla.suse.com/show_bug.cgi?id=1254629 * https://bugzilla.suse.com/show_bug.cgi?id=1254900 * https://bugzilla.suse.com/show_bug.cgi?id=1257583 * https://bugzilla.suse.com/show_bug.cgi?id=1257831 * https://bugzilla.suse.com/show_bug.cgi?id=1259554 * https://bugzilla.suse.com/show_bug.cgi?id=1259700 * https://jira.suse.com/browse/MSQA-1052 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 20:32:27 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 20:32:27 -0000 Subject: SUSE-SU-202604:15331-1: important: Security update 5.0.8 for Multi-Linux Manager Salt Bundle Message-ID: <178051874713.412.11154147293000748637@04080f4f8216> # Security update 5.0.8 for Multi-Linux Manager Salt Bundle Announcement ID: SUSE-SU-202604:15331-1 Release Date: 2026-06-03T14:15:16Z Rating: important References: * bsc#1254629 * bsc#1254900 * bsc#1257583 * bsc#1257831 * bsc#1258957 * bsc#1259554 * bsc#1259700 * bsc#1259804 * bsc#1259808 * jsc#MSQA-1052 Cross-References: * CVE-2026-27448 * CVE-2026-27459 * CVE-2026-31958 CVSS scores: * CVE-2026-27448 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-27448 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-27448 ( NVD ): 1.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27448 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-27459 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-27459 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-27459 ( NVD ): 7.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27459 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31958 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31958 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31958 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-31958 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Manager Client Tools for Ubuntu 24.04 2404 An update that solves three vulnerabilities, contains one feature and has six security fixes can now be installed. ## Description: This update fixes the following issues: venv-salt-minion: * Security issues fixed: * CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service (bsc#1259554) * CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow (bsc#1259808) * CVE-2026-27448: pyOpenSSL: Fixed unhandled exception can result in connection not being cancelled (bsc#1259804) * Other updates and bugfixes: * Use non vendored Tornado with Python 3.11 (bsc#1257583, bsc#1259700) * Hardened Tornado from invalid HTTP reason phrases * Read full URI from ldap pillar config (bsc#1254900) * Make users with backslash work for `salt-ssh` (bsc#1254629). * Fixed `ansible.playbooks` `extra-vars` quoting (bsc#1257831), * Fixed `virtualenv` call in test helper to use proper Python version. * Fixed the issue preventing SELinux profile to be loaded on SLES 16 deployed using cloud images (bsc#1258957) ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for Ubuntu 24.04 2404 zypper in -t patch suse-ubu244ct-client-tools-202604-15331=1 ## Package List: * SUSE Manager Client Tools for Ubuntu 24.04 2404 (amd64) * venv-salt-minion-3006.0-2.31.2 ## References: * https://www.suse.com/security/cve/CVE-2026-27448.html * https://www.suse.com/security/cve/CVE-2026-27459.html * https://www.suse.com/security/cve/CVE-2026-31958.html * https://bugzilla.suse.com/show_bug.cgi?id=1254629 * https://bugzilla.suse.com/show_bug.cgi?id=1254900 * https://bugzilla.suse.com/show_bug.cgi?id=1257583 * https://bugzilla.suse.com/show_bug.cgi?id=1257831 * https://bugzilla.suse.com/show_bug.cgi?id=1258957 * https://bugzilla.suse.com/show_bug.cgi?id=1259554 * https://bugzilla.suse.com/show_bug.cgi?id=1259700 * https://bugzilla.suse.com/show_bug.cgi?id=1259804 * https://bugzilla.suse.com/show_bug.cgi?id=1259808 * https://jira.suse.com/browse/MSQA-1052 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 20:32:52 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 20:32:52 -0000 Subject: SUSE-SU-202604:15329-1: important: Security update 5.0.8 for Multi-Linux Manager Salt Bundle Message-ID: <178051877200.412.7442024157069942254@04080f4f8216> # Security update 5.0.8 for Multi-Linux Manager Salt Bundle Announcement ID: SUSE-SU-202604:15329-1 Release Date: 2026-06-03T14:14:26Z Rating: important References: * bsc#1254629 * bsc#1254900 * bsc#1257583 * bsc#1257831 * bsc#1258957 * bsc#1259554 * bsc#1259700 * bsc#1259804 * bsc#1259808 * jsc#MSQA-1052 Cross-References: * CVE-2026-27448 * CVE-2026-27459 * CVE-2026-31958 CVSS scores: * CVE-2026-27448 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-27448 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-27448 ( NVD ): 1.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27448 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-27459 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-27459 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-27459 ( NVD ): 7.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27459 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31958 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31958 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31958 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-31958 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Manager Client Tools for Ubuntu 22.04 2204 An update that solves three vulnerabilities, contains one feature and has six security fixes can now be installed. ## Description: This update fixes the following issues: venv-salt-minion: * Security issues fixed: * CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service (bsc#1259554) * CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow (bsc#1259808) * CVE-2026-27448: pyOpenSSL: Fixed unhandled exception can result in connection not being cancelled (bsc#1259804) * Other updates and bugfixes: * Use non vendored Tornado with Python 3.11 (bsc#1257583, bsc#1259700) * Hardened Tornado from invalid HTTP reason phrases * Read full URI from ldap pillar config (bsc#1254900) * Make users with backslash work for `salt-ssh` (bsc#1254629). * Fixed `ansible.playbooks` `extra-vars` quoting (bsc#1257831), * Fixed `virtualenv` call in test helper to use proper Python version. * Fixed the issue preventing SELinux profile to be loaded on SLES 16 deployed using cloud images (bsc#1258957) ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for Ubuntu 22.04 2204 zypper in -t patch suse-ubu224ct-client-tools-202604-15329=1 ## Package List: * SUSE Manager Client Tools for Ubuntu 22.04 2204 (amd64) * venv-salt-minion-3006.0-2.80.1 ## References: * https://www.suse.com/security/cve/CVE-2026-27448.html * https://www.suse.com/security/cve/CVE-2026-27459.html * https://www.suse.com/security/cve/CVE-2026-31958.html * https://bugzilla.suse.com/show_bug.cgi?id=1254629 * https://bugzilla.suse.com/show_bug.cgi?id=1254900 * https://bugzilla.suse.com/show_bug.cgi?id=1257583 * https://bugzilla.suse.com/show_bug.cgi?id=1257831 * https://bugzilla.suse.com/show_bug.cgi?id=1258957 * https://bugzilla.suse.com/show_bug.cgi?id=1259554 * https://bugzilla.suse.com/show_bug.cgi?id=1259700 * https://bugzilla.suse.com/show_bug.cgi?id=1259804 * https://bugzilla.suse.com/show_bug.cgi?id=1259808 * https://jira.suse.com/browse/MSQA-1052 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 20:33:26 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 20:33:26 -0000 Subject: SUSE-SU-2026:2246-1: important: Security update 5.0.8 for Multi-Linux Manager Salt Bundle Message-ID: <178051880631.412.3402954165693121566@04080f4f8216> # Security update 5.0.8 for Multi-Linux Manager Salt Bundle Announcement ID: SUSE-SU-2026:2246-1 Release Date: 2026-06-03T14:13:17Z Rating: important References: * bsc#1254629 * bsc#1254900 * bsc#1257583 * bsc#1257831 * bsc#1258957 * bsc#1259554 * bsc#1259700 * bsc#1259804 * bsc#1259808 * jsc#MSQA-1052 Cross-References: * CVE-2026-27448 * CVE-2026-27459 * CVE-2026-31958 CVSS scores: * CVE-2026-27448 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-27448 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-27448 ( NVD ): 1.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27448 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-27459 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-27459 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-27459 ( NVD ): 7.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27459 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31958 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31958 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31958 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-31958 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Manager Client Tools for Debian 12 An update that solves three vulnerabilities, contains one feature and has six security fixes can now be installed. ## Description: This update fixes the following issues: venv-salt-minion: * Security issues fixed: * CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service (bsc#1259554) * CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow (bsc#1259808) * CVE-2026-27448: pyOpenSSL: Fixed unhandled exception can result in connection not being cancelled (bsc#1259804) * Other updates and bugfixes: * Use non vendored Tornado with Python 3.11 (bsc#1257583, bsc#1259700) * Hardened Tornado from invalid HTTP reason phrases * Read full URI from ldap pillar config (bsc#1254900) * Make users with backslash work for `salt-ssh` (bsc#1254629). * Fixed `ansible.playbooks` `extra-vars` quoting (bsc#1257831), * Fixed `virtualenv` call in test helper to use proper Python version. * Fixed the issue preventing SELinux profile to be loaded on SLES 16 deployed using cloud images (bsc#1258957) ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for Debian 12 zypper in -t patch SUSE-Debian-12-CLIENT-TOOLS-x86_64-2026-2246=1 ## Package List: * SUSE Manager Client Tools for Debian 12 (amd64) * venv-salt-minion-3006.0-2.49.2 ## References: * https://www.suse.com/security/cve/CVE-2026-27448.html * https://www.suse.com/security/cve/CVE-2026-27459.html * https://www.suse.com/security/cve/CVE-2026-31958.html * https://bugzilla.suse.com/show_bug.cgi?id=1254629 * https://bugzilla.suse.com/show_bug.cgi?id=1254900 * https://bugzilla.suse.com/show_bug.cgi?id=1257583 * https://bugzilla.suse.com/show_bug.cgi?id=1257831 * https://bugzilla.suse.com/show_bug.cgi?id=1258957 * https://bugzilla.suse.com/show_bug.cgi?id=1259554 * https://bugzilla.suse.com/show_bug.cgi?id=1259700 * https://bugzilla.suse.com/show_bug.cgi?id=1259804 * https://bugzilla.suse.com/show_bug.cgi?id=1259808 * https://jira.suse.com/browse/MSQA-1052 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 20:33:51 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 20:33:51 -0000 Subject: SUSE-SU-2026:2244-1: important: Security update 5.0.8 for Multi-Linux Manager Salt Bundle Message-ID: <178051883195.412.921820975225002650@04080f4f8216> # Security update 5.0.8 for Multi-Linux Manager Salt Bundle Announcement ID: SUSE-SU-2026:2244-1 Release Date: 2026-06-03T14:11:48Z Rating: important References: * bsc#1254629 * bsc#1254900 * bsc#1257583 * bsc#1257831 * bsc#1258957 * bsc#1259554 * bsc#1259700 * bsc#1259804 * bsc#1259808 * jsc#MSQA-1052 Cross-References: * CVE-2026-27448 * CVE-2026-27459 * CVE-2026-31958 CVSS scores: * CVE-2026-27448 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-27448 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-27448 ( NVD ): 1.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27448 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-27459 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-27459 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-27459 ( NVD ): 7.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27459 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31958 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31958 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31958 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-31958 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 * SUSE Linux Enterprise Desktop 15 SP1 * SUSE Linux Enterprise Desktop 15 SP2 * SUSE Linux Enterprise Desktop 15 SP3 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 * SUSE Linux Enterprise High Performance Computing 15 SP1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.0 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP1 * SUSE Linux Enterprise Real Time 15 SP2 * SUSE Linux Enterprise Real Time 15 SP3 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 * SUSE Linux Enterprise Server 15 SP1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Client Tools for SLE 15 * SUSE Manager Client Tools for SLE Micro 5 An update that solves three vulnerabilities, contains one feature and has six security fixes can now be installed. ## Description: This update fixes the following issues: venv-salt-minion: * Security issues fixed: * CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service (bsc#1259554) * CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow (bsc#1259808) * CVE-2026-27448: pyOpenSSL: Fixed unhandled exception can result in connection not being cancelled (bsc#1259804) * Other updates and bugfixes: * Use non vendored Tornado with Python 3.11 (bsc#1257583, bsc#1259700) * Hardened Tornado from invalid HTTP reason phrases * Read full URI from ldap pillar config (bsc#1254900) * Make users with backslash work for `salt-ssh` (bsc#1254629). * Fixed `ansible.playbooks` `extra-vars` quoting (bsc#1257831), * Fixed `virtualenv` call in test helper to use proper Python version. * Fixed the issue preventing SELinux profile to be loaded on SLES 16 deployed using cloud images (bsc#1258957) ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for SLE Micro 5 zypper in -t patch SUSE-SLE-Manager-Tools-For-Micro-5-2026-2244=1 * SUSE Manager Client Tools for SLE 15 zypper in -t patch SUSE-SLE-Manager-Tools-15-2026-2244=1 ## Package List: * SUSE Manager Client Tools for SLE Micro 5 (aarch64 s390x x86_64) * venv-salt-minion-3006.0-150000.3.95.1 * SUSE Manager Client Tools for SLE 15 (aarch64 ppc64le s390x x86_64) * venv-salt-minion-3006.0-150000.3.95.1 ## References: * https://www.suse.com/security/cve/CVE-2026-27448.html * https://www.suse.com/security/cve/CVE-2026-27459.html * https://www.suse.com/security/cve/CVE-2026-31958.html * https://bugzilla.suse.com/show_bug.cgi?id=1254629 * https://bugzilla.suse.com/show_bug.cgi?id=1254900 * https://bugzilla.suse.com/show_bug.cgi?id=1257583 * https://bugzilla.suse.com/show_bug.cgi?id=1257831 * https://bugzilla.suse.com/show_bug.cgi?id=1258957 * https://bugzilla.suse.com/show_bug.cgi?id=1259554 * https://bugzilla.suse.com/show_bug.cgi?id=1259700 * https://bugzilla.suse.com/show_bug.cgi?id=1259804 * https://bugzilla.suse.com/show_bug.cgi?id=1259808 * https://jira.suse.com/browse/MSQA-1052 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 20:36:12 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 20:36:12 -0000 Subject: SUSE-SU-2026:2243-1: important: Security update 5.0.8 for Multi-Linux Manager Client Tools Message-ID: <178051897244.412.230478392137946872@d406a135977f> # Security update 5.0.8 for Multi-Linux Manager Client Tools Announcement ID: SUSE-SU-2026:2243-1 Release Date: 2026-06-03T14:10:43Z Rating: important References: * bsc#1248699 * bsc#1248707 * bsc#1252964 * bsc#1254619 * bsc#1257941 * bsc#1258595 * bsc#1258873 * bsc#1258893 * bsc#1258927 * bsc#1259208 * bsc#1259999 * bsc#1260263 * bsc#1260267 * bsc#1260878 * bsc#1260881 * bsc#1261025 * bsc#1261026 * bsc#1261027 * bsc#1261029 * bsc#1261810 * bsc#1262222 * bsc#1262950 * bsc#1263501 * bsc#1263986 * bsc#1263987 * jsc#MSQA-1052 * jsc#PED-14816 Cross-References: * CVE-2022-21698 * CVE-2025-29923 * CVE-2026-21724 * CVE-2026-21725 * CVE-2026-26958 * CVE-2026-27606 * CVE-2026-27876 * CVE-2026-27877 * CVE-2026-27879 * CVE-2026-28375 * CVE-2026-33186 * CVE-2026-33375 * CVE-2026-34986 * CVE-2026-40179 * CVE-2026-41602 * CVE-2026-42151 * CVE-2026-42154 CVSS scores: * CVE-2022-21698 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2022-21698 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-29923 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2025-29923 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-21724 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-21724 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-21724 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2026-21724 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-21725 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-21725 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:L * CVE-2026-21725 ( NVD ): 2.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N * CVE-2026-21725 ( NVD ): 2.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2026-26958 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2026-26958 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L * CVE-2026-26958 ( NVD ): 1.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27606 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-27606 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-27606 ( NVD ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27606 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-27876 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-27876 ( SUSE ): 9.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2026-27876 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2026-27877 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-27877 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-27877 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-27877 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-27879 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-27879 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-27879 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-28375 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-28375 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-28375 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33186 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-33186 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-33186 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-33375 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33375 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34986 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-34986 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34986 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-40179 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-40179 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-40179 ( NVD ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-40179 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-41602 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-41602 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-41602 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42151 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-42151 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-42154 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42154 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.3 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 * SUSE Linux Enterprise Desktop 15 SP1 * SUSE Linux Enterprise Desktop 15 SP2 * SUSE Linux Enterprise Desktop 15 SP3 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 * SUSE Linux Enterprise High Performance Computing 15 SP1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.0 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP1 * SUSE Linux Enterprise Real Time 15 SP2 * SUSE Linux Enterprise Real Time 15 SP3 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 * SUSE Linux Enterprise Server 15 SP1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Client Tools for SLE 15 * SUSE Manager Client Tools for SLE Micro 5 An update that solves 17 vulnerabilities, contains two features and has eight security fixes can now be installed. ## Description: This update fixes the following issues: golang-github-QubitProducts-exporter_exporter: * Security Fixes: * CVE-2022-21698: Fixed denial of service using InstrumentHandlerCounter (bsc#1248707) golang-github-prometheus-node_exporter: * Backward Compatibility and packaging changes: * Added compatibility for Go 1.22/1.23 needed in older RHEL toolchains * Pinned golang.org/x/net to v0.37.0 for Go 1.22 compatibility * Version 1.10.2: * Fixed typo in Zswap metric name (meminfo) * Version 1.10.1: * Fixed mount points being collected multiple times (filesystem) * Refactored mountinfo parsing (bsc#1261810) * Added Zswap/Zswapped metrics (meminfo) * Version 1.10.0: * New collectors: PCIe devices, swaps * Added systemd virtualization metrics, AIX metrics * WiFi packet metrics, additional PCIe and TLB metrics * Changed mdadm to use sysfs, added erofs to excluded filesystems * Fixed bugs: cpufreq collector, ethtool metrics golang-github-prometheus-prometheus: * Security issues fixed: * CVE-2026-42151: AzureAD remote write: Fixed OAuth client_secret being exposed in plaintext via /-/config endpoint (bsc#1263986) * CVE-2026-42154: Remote-read: Reject snappy-compressed requests whose declared decoded length exceeds the decode limit (bsc#1263987). * CVE-2026-40179: UI: Fixed stored XSS via unescaped le label values in old UI heatmap chart tick labels (bsc#1262222) * CVE-2026-33186: Fixed authorization bypass due to improper validation of the HTTP/2 :path pseudo-header (bsc#1260267) * Bump google.golang.org/grpc to version 1.79.3 * CVE-2026-27606: Fixed arbitrary file write via path traversal in rollup (bsc#1258893) * Bump rollup to version 4.59.0 * Other changes: * Remote-Write: Reject snappy-compressed requests whose declared decoded length exceeds the decode limit. * Use systemd tmpfiles.d to create /var/lib/prometheus hierarchy (jsc#PED-14816) prometheus-postgres_exporter: * Security Fixes: * CVE-2026-42154: Remote-read: Reject snappy-compressed requests whose declared decoded length exceeds the decode limit (bsc#1263987) * CVE-2026-42151: AzureAD remote write: Fixed OAuth client_secret being exposed in plaintext via /-/config endpoint (bsc#1263986) * CVE-2022-21698: Fixed denial of service using InstrumentHandlerCounter (bsc#1248699) * Highlights of other changes and bug fixes: * Use systemd tmpfiles.d to create /var/lib/prometheus hierarchy grafana was updated from version 11.6.11 to 11.6.14+security01: * Security Fixes: * CVE-2026-34986: Fixed unrecoverable error in JWE decryption that could lead to a denial of service (bsc#1262950) * CVE-2026-41602: Fixed Integer Overflow or Wraparound vulnerability in Apache Thrift (bsc#1263501) * CVE-2026-26958: Ensure that MultiScalarMult properly handles initialization and produces correct results (bsc#1258595) * CVE-2026-21725: Fixed missing UID when deleting datasource by name (bsc#1258873) * CVE-2026-33375: Fixed denial of Service via out-of-memory exhaustion in MSSQL data source plugin (bsc#1260881) * CVE-2026-27876: Fixed remote arbitrary code execution via chained SQL Expressions (bsc#1261025) * CVE-2026-27877: Fixed information disclosure of data-source passwords via public dashboards (bsc#1261026) * CVE-2026-28375: Fixed denial of service via testdata data-source (bsc#1261029) * CVE-2026-27879: Fixed denial of service via resample query (bsc#1261027) * CVE-2026-33186: Fixed authorization bypass due to improper validation of the HTTP/2 :path pseudo-header (bsc#1260263) * CVE-2026-21724: Fixed authorization bypass allows modification of protected webhook URLs (bsc#1260878) * Highlights of other changes and bug fixes: * Version 11.6.13: * Wire the public dashboard service to the HTTP server * Version 11.6.12: * Update authentication redirect logic * Fixed single panel render with variable references spacecmd: * Version 5.0.16-0: * Update translation strings uyuni-tools: * Version 0.1.39-0: * mgrpxy ssh tuning should happen before crypto policies (bsc#1254619) * Fixed default value for helm registry (bsc#1258927). * Use static supportconfig name to avoid dynamic search (bsc#1257941) * Do not nest multiple tarball files and instead collect all files into one tarball (bsc#1252964) * Show where final tarball was generated (bsc#1259208) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for SLE 15 zypper in -t patch SUSE-SLE-Manager-Tools-15-2026-2243=1 * SUSE Manager Client Tools for SLE Micro 5 zypper in -t patch SUSE-SLE-Manager-Tools-For-Micro-5-2026-2243=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2243=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2243=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2243=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2243=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2243=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2243=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2243=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2243=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2243=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2243=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2243=1 ## Package List: * SUSE Manager Client Tools for SLE 15 (aarch64 ppc64le s390x x86_64) * mgrctl-0.1.39-150000.1.33.2 * golang-github-prometheus-prometheus-3.5.3-150000.3.72.2 * prometheus-postgres_exporter-0.10.1-150000.1.20.2 * grafana-11.6.14+security01-150000.1.95.2 * grafana-debuginfo-11.6.14+security01-150000.1.95.2 * firewalld-prometheus-config-0.1-150000.3.72.2 * golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.24.2 * mgrctl-debuginfo-0.1.39-150000.1.33.2 * SUSE Manager Client Tools for SLE 15 (noarch) * mgrctl-bash-completion-0.1.39-150000.1.33.2 * spacecmd-5.0.16-150000.3.145.1 * mgrctl-zsh-completion-0.1.39-150000.1.33.2 * mgrctl-lang-0.1.39-150000.1.33.2 * SUSE Manager Client Tools for SLE Micro 5 (aarch64 s390x x86_64) * mgrctl-0.1.39-150000.1.33.2 * golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.24.2 * mgrctl-debuginfo-0.1.39-150000.1.33.2 * golang-github-prometheus-node_exporter-1.10.2-150100.3.41.2 * SUSE Manager Client Tools for SLE Micro 5 (noarch) * mgrctl-bash-completion-0.1.39-150000.1.33.2 * mgrctl-zsh-completion-0.1.39-150000.1.33.2 * mgrctl-lang-0.1.39-150000.1.33.2 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-node_exporter-debuginfo-1.10.2-150100.3.41.2 * golang-github-prometheus-node_exporter-1.10.2-150100.3.41.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.41.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.41.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.41.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.41.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.41.2 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.41.2 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.41.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.41.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.41.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.41.2 ## References: * https://www.suse.com/security/cve/CVE-2022-21698.html * https://www.suse.com/security/cve/CVE-2025-29923.html * https://www.suse.com/security/cve/CVE-2026-21724.html * https://www.suse.com/security/cve/CVE-2026-21725.html * https://www.suse.com/security/cve/CVE-2026-26958.html * https://www.suse.com/security/cve/CVE-2026-27606.html * https://www.suse.com/security/cve/CVE-2026-27876.html * https://www.suse.com/security/cve/CVE-2026-27877.html * https://www.suse.com/security/cve/CVE-2026-27879.html * https://www.suse.com/security/cve/CVE-2026-28375.html * https://www.suse.com/security/cve/CVE-2026-33186.html * https://www.suse.com/security/cve/CVE-2026-33375.html * https://www.suse.com/security/cve/CVE-2026-34986.html * https://www.suse.com/security/cve/CVE-2026-40179.html * https://www.suse.com/security/cve/CVE-2026-41602.html * https://www.suse.com/security/cve/CVE-2026-42151.html * https://www.suse.com/security/cve/CVE-2026-42154.html * https://bugzilla.suse.com/show_bug.cgi?id=1248699 * https://bugzilla.suse.com/show_bug.cgi?id=1248707 * https://bugzilla.suse.com/show_bug.cgi?id=1252964 * https://bugzilla.suse.com/show_bug.cgi?id=1254619 * https://bugzilla.suse.com/show_bug.cgi?id=1257941 * https://bugzilla.suse.com/show_bug.cgi?id=1258595 * https://bugzilla.suse.com/show_bug.cgi?id=1258873 * https://bugzilla.suse.com/show_bug.cgi?id=1258893 * https://bugzilla.suse.com/show_bug.cgi?id=1258927 * https://bugzilla.suse.com/show_bug.cgi?id=1259208 * https://bugzilla.suse.com/show_bug.cgi?id=1259999 * https://bugzilla.suse.com/show_bug.cgi?id=1260263 * https://bugzilla.suse.com/show_bug.cgi?id=1260267 * https://bugzilla.suse.com/show_bug.cgi?id=1260878 * https://bugzilla.suse.com/show_bug.cgi?id=1260881 * https://bugzilla.suse.com/show_bug.cgi?id=1261025 * https://bugzilla.suse.com/show_bug.cgi?id=1261026 * https://bugzilla.suse.com/show_bug.cgi?id=1261027 * https://bugzilla.suse.com/show_bug.cgi?id=1261029 * https://bugzilla.suse.com/show_bug.cgi?id=1261810 * https://bugzilla.suse.com/show_bug.cgi?id=1262222 * https://bugzilla.suse.com/show_bug.cgi?id=1262950 * https://bugzilla.suse.com/show_bug.cgi?id=1263501 * https://bugzilla.suse.com/show_bug.cgi?id=1263986 * https://bugzilla.suse.com/show_bug.cgi?id=1263987 * https://jira.suse.com/browse/MSQA-1052 * https://jira.suse.com/browse/PED-14816 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 20:36:31 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 20:36:31 -0000 Subject: SUSE-SU-2026:2242-1: important: Security update 5.0.8 for Multi-Linux Manager Salt Bundle Message-ID: <178051899171.412.13162128446751267934@d406a135977f> # Security update 5.0.8 for Multi-Linux Manager Salt Bundle Announcement ID: SUSE-SU-2026:2242-1 Release Date: 2026-06-03T14:05:46Z Rating: important References: * bsc#1254629 * bsc#1254900 * bsc#1257583 * bsc#1257831 * bsc#1258957 * bsc#1259554 * bsc#1259700 * bsc#1259804 * bsc#1259808 * jsc#MSQA-1052 Cross-References: * CVE-2026-27448 * CVE-2026-27459 * CVE-2026-31958 CVSS scores: * CVE-2026-27448 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-27448 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-27448 ( NVD ): 1.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27448 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-27459 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-27459 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-27459 ( NVD ): 7.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27459 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31958 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31958 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31958 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-31958 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Desktop 12 * SUSE Linux Enterprise Desktop 12 SP1 * SUSE Linux Enterprise Desktop 12 SP2 * SUSE Linux Enterprise Desktop 12 SP3 * SUSE Linux Enterprise Desktop 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2 * SUSE Manager Client Tools for SLE 12 An update that solves three vulnerabilities, contains one feature and has six security fixes can now be installed. ## Description: This update fixes the following issues: venv-salt-minion: * Security issues fixed: * CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service (bsc#1259554) * CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow (bsc#1259808) * CVE-2026-27448: pyOpenSSL: Fixed unhandled exception can result in connection not being cancelled (bsc#1259804) * Other updates and bugfixes: * Use non vendored Tornado with Python 3.11 (bsc#1257583, bsc#1259700) * Hardened Tornado from invalid HTTP reason phrases * Read full URI from ldap pillar config (bsc#1254900) * Make users with backslash work for `salt-ssh` (bsc#1254629). * Fixed `ansible.playbooks` `extra-vars` quoting (bsc#1257831), * Fixed `virtualenv` call in test helper to use proper Python version. * Fixed the issue preventing SELinux profile to be loaded on SLES 16 deployed using cloud images (bsc#1258957) ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for SLE 12 zypper in -t patch SUSE-SLE-Manager-Tools-12-2026-2242=1 ## Package List: * SUSE Manager Client Tools for SLE 12 (aarch64 ppc64le s390x x86_64) * venv-salt-minion-3006.0-3.95.1 ## References: * https://www.suse.com/security/cve/CVE-2026-27448.html * https://www.suse.com/security/cve/CVE-2026-27459.html * https://www.suse.com/security/cve/CVE-2026-31958.html * https://bugzilla.suse.com/show_bug.cgi?id=1254629 * https://bugzilla.suse.com/show_bug.cgi?id=1254900 * https://bugzilla.suse.com/show_bug.cgi?id=1257583 * https://bugzilla.suse.com/show_bug.cgi?id=1257831 * https://bugzilla.suse.com/show_bug.cgi?id=1258957 * https://bugzilla.suse.com/show_bug.cgi?id=1259554 * https://bugzilla.suse.com/show_bug.cgi?id=1259700 * https://bugzilla.suse.com/show_bug.cgi?id=1259804 * https://bugzilla.suse.com/show_bug.cgi?id=1259808 * https://jira.suse.com/browse/MSQA-1052 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 3 20:36:48 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jun 2026 20:36:48 -0000 Subject: SUSE-SU-2026:2241-1: important: Security update 5.0.8 for Multi-Linux Manager Client Tools Message-ID: <178051900847.412.3019241182917378850@d406a135977f> # Security update 5.0.8 for Multi-Linux Manager Client Tools Announcement ID: SUSE-SU-2026:2241-1 Release Date: 2026-06-03T13:58:35Z Rating: important References: * bsc#1248699 * bsc#1248707 * bsc#1252964 * bsc#1254619 * bsc#1257941 * bsc#1258927 * bsc#1259208 * bsc#1261810 * jsc#MSQA-1052 Cross-References: * CVE-2022-21698 CVSS scores: * CVE-2022-21698 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2022-21698 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Desktop 12 * SUSE Linux Enterprise Desktop 12 SP1 * SUSE Linux Enterprise Desktop 12 SP2 * SUSE Linux Enterprise Desktop 12 SP3 * SUSE Linux Enterprise Desktop 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2 * SUSE Manager Client Tools for SLE 12 An update that solves one vulnerability, contains one feature and has seven security fixes can now be installed. ## Description: This update fixes the following issues: prometheus-postgres_exporter: * Security Fixes: * CVE-2022-21698: Fixed denial of service using InstrumentHandlerCounter (bsc#1248699) golang-github-QubitProducts-exporter_exporter: * Security Fixes: * CVE-2022-21698: Fixed denial of service using InstrumentHandlerCounter (bsc#1248707) golang-github-prometheus-node_exporter: * Highlights of changes and bug fixes: * Packaging changes: * Pinned golang.org/x/net to v0.37.0 for Go 1.22 compatibility * Version 1.10.2: * Fixed typo in Zswap metric name (meminfo) * Version 1.10.1: * Fixed mount points being collected multiple times (filesystem) * Refactored mountinfo parsing (bsc#1261810) * Added Zswap/Zswapped metrics (meminfo) * Version 1.10.0: * New collectors: PCIe devices, swaps * Added systemd virtualization metrics, AIX metrics * WiFi packet metrics, additional PCIe and TLB metrics * Changed mdadm to use sysfs, added erofs to excluded filesystems * Fixed bugs: cpufreq collector, ethtool metrics spacecmd: * Version 5.0.16-0: * Update translation strings uyuni-tools: * Version 0.1.39-0: * mgrpxy ssh tuning should happen before crypto policies (bsc#1254619) * Fix default value for helm registry (bsc#1258927). * Use static supportconfig name to avoid dynamic search (bsc#1257941) * Do not nest multiple tarball files and instead collect all files into one tarball (bsc#1252964) * Show where final tarball was generated (bsc#1259208) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for SLE 12 zypper in -t patch SUSE-SLE-Manager-Tools-12-2026-2241=1 * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-2241=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2241=1 ## Package List: * SUSE Manager Client Tools for SLE 12 (aarch64 ppc64le s390x x86_64) * mgrctl-0.1.39-1.33.2 * mgrctl-debuginfo-0.1.39-1.33.2 * golang-github-QubitProducts-exporter_exporter-0.4.0-1.18.1 * prometheus-postgres_exporter-0.10.1-1.20.1 * golang-github-prometheus-node_exporter-1.10.2-1.42.3 * SUSE Manager Client Tools for SLE 12 (noarch) * mgrctl-bash-completion-0.1.39-1.33.2 * mgrctl-zsh-completion-0.1.39-1.33.2 * spacecmd-5.0.16-38.168.2 * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-node_exporter-1.10.2-1.42.3 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * golang-github-prometheus-node_exporter-1.10.2-1.42.3 ## References: * https://www.suse.com/security/cve/CVE-2022-21698.html * https://bugzilla.suse.com/show_bug.cgi?id=1248699 * https://bugzilla.suse.com/show_bug.cgi?id=1248707 * https://bugzilla.suse.com/show_bug.cgi?id=1252964 * https://bugzilla.suse.com/show_bug.cgi?id=1254619 * https://bugzilla.suse.com/show_bug.cgi?id=1257941 * https://bugzilla.suse.com/show_bug.cgi?id=1258927 * https://bugzilla.suse.com/show_bug.cgi?id=1259208 * https://bugzilla.suse.com/show_bug.cgi?id=1261810 * https://jira.suse.com/browse/MSQA-1052 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jun 4 08:30:38 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 04 Jun 2026 08:30:38 -0000 Subject: SUSE-SU-2026:21986-1: important: Security update 5.0.8 for Multi-Linux Manager Client Tools, Salt Bundle and Salt Message-ID: <178056183826.660.14618105782778342795@b0da085613fb> # Security update 5.0.8 for Multi-Linux Manager Client Tools, Salt Bundle and Salt Announcement ID: SUSE-SU-2026:21986-1 Release Date: 2026-06-03T13:34:00Z Rating: important References: * bsc#1252964 * bsc#1254619 * bsc#1254629 * bsc#1254900 * bsc#1257583 * bsc#1257831 * bsc#1257941 * bsc#1258927 * bsc#1258957 * bsc#1259208 * bsc#1259554 * bsc#1259700 * bsc#1259804 * bsc#1259808 * bsc#1261810 Cross-References: * CVE-2026-27448 * CVE-2026-27459 * CVE-2026-31958 CVSS scores: * CVE-2026-27448 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-27448 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-27448 ( NVD ): 1.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27448 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-27459 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-27459 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-27459 ( NVD ): 7.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27459 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31958 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31958 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31958 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-31958 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 * SUSE Linux Micro 6.1 * SUSE Manager Client Tools for SUSE Linux Micro 6 An update that solves three vulnerabilities and has 12 fixes can now be installed. ## Description: This update fixes the following issues: golang-github-prometheus-node_exporter: * Version 1.10.2: * meminfo: Fix typo in Zswap metric name * Version 1.10.1: * filesystem: Fix mount points being collected multiple times * filesystem: Refactor mountinfo parsing (bsc#1261810) * meminfo: Add Zswap/Zswapped metrics * Version 1.10.0: * Changes: * mdadm: Use sysfs for RAID metrics * filesystem: Add erofs in default excluded fs * tcpstat: Use std lib binary.NativeEndian * New Features: * pcidevice: Add new collector for PCIe devices * AIX: Add more metrics * systemd: Add Virtualization metrics * swaps: Add new collector * Enhancements: * wifi: Add packet received and transmitted metrics * filesystem: Take super options into account for read-only * pcidevice: Add additional metrics * perf: Add tlb_data metrics * Bugs fixed: * interrupts: Fix OpenBSD interrupt device parsing * diskstats: Simplify condition * thermal: Sanitize darwin thermal strings * filesystem: Fix Darwin collector cgo memory leak * cpufreq: Fix: collector enable * ethtool: Fix returning 0 for sanitized metrics * netdev: Fix Darwin netdev i/o bytes metric * systemd: Fix logging race * filesystem: Fix duplicate Darwin CGO import salt: * Security issues fixed: * CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service (bsc#1259554) * Other updates and bugfixes: * Use non vendored Tornado with Python 3.11 (bsc#1257583, bsc#1259700) * Hardened Tornado from invalid HTTP reason phrases * Read full URI from ldap pillar config (bsc#1254900) * Fixed testsuite failures * Make users with backslash working for salt-ssh (bsc#1254629) * Fixed ansible.playbooks extra-vars quoting (bsc#1257831) * Fixed virtualenv call in test helper to use proper python version uyuni-tools: * Version 0.1.39-0: * mgrpxy ssh tuning should happen before crypto policies (bsc#1254619) * Fixed default value for helm registry (bsc#1258927). * Use static supportconfig name to avoid dynamic search (bsc#1257941) * Do not nest multiple tarball files and instead collect all files into one tarball (bsc#1252964) * Show where final tarball was generated (bsc#1259208) venv-salt-minion: * Security issues fixed: * CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service (bsc#1259554) * CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow (bsc#1259808) * CVE-2026-27448: pyOpenSSL: Fixed unhandled exception can result in connection not being cancelled (bsc#1259804) * Other updates and bugfixes: * Use non vendored Tornado with Python 3.11 (bsc#1257583, bsc#1259700) * Hardened Tornado from invalid HTTP reason phrases * Read full URI from ldap pillar config (bsc#1254900) * Make users with backslash work for `salt-ssh` (bsc#1254629). * Fixed `ansible.playbooks` `extra-vars` quoting (bsc#1257831), * Fixed `virtualenv` call in test helper to use proper Python version. * Fixed the issue preventing SELinux profile to be loaded on SLES 16 deployed using cloud images (bsc#1258957) ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for SUSE Linux Micro 6 zypper in -t patch SUSE-Manager-Tools-For-SL-Micro-6-740=1 ## Package List: * SUSE Manager Client Tools for SUSE Linux Micro 6 (aarch64 ppc64le s390x) * mgrctl-0.1.39-1.1 * golang-github-prometheus-node_exporter-debuginfo-1.10.2-1.1 * golang-github-prometheus-node_exporter-1.10.2-1.1 * venv-salt-minion-3006.0-11.1 * mgrctl-debuginfo-0.1.39-1.1 * SUSE Manager Client Tools for SUSE Linux Micro 6 (noarch) * mgrctl-zsh-completion-0.1.39-1.1 * mgrctl-bash-completion-0.1.39-1.1 * mgrctl-lang-0.1.39-1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-27448.html * https://www.suse.com/security/cve/CVE-2026-27459.html * https://www.suse.com/security/cve/CVE-2026-31958.html * https://bugzilla.suse.com/show_bug.cgi?id=1252964 * https://bugzilla.suse.com/show_bug.cgi?id=1254619 * https://bugzilla.suse.com/show_bug.cgi?id=1254629 * https://bugzilla.suse.com/show_bug.cgi?id=1254900 * https://bugzilla.suse.com/show_bug.cgi?id=1257583 * https://bugzilla.suse.com/show_bug.cgi?id=1257831 * https://bugzilla.suse.com/show_bug.cgi?id=1257941 * https://bugzilla.suse.com/show_bug.cgi?id=1258927 * https://bugzilla.suse.com/show_bug.cgi?id=1258957 * https://bugzilla.suse.com/show_bug.cgi?id=1259208 * https://bugzilla.suse.com/show_bug.cgi?id=1259554 * https://bugzilla.suse.com/show_bug.cgi?id=1259700 * https://bugzilla.suse.com/show_bug.cgi?id=1259804 * https://bugzilla.suse.com/show_bug.cgi?id=1259808 * https://bugzilla.suse.com/show_bug.cgi?id=1261810 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jun 4 08:30:51 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 04 Jun 2026 08:30:51 -0000 Subject: SUSE-SU-2026:2267-1: important: Security update for golang-github-prometheus-prometheus Message-ID: <178056185123.660.17048258786446752365@b0da085613fb> # Security update for golang-github-prometheus-prometheus Announcement ID: SUSE-SU-2026:2267-1 Release Date: 2026-06-03T18:06:35Z Rating: important References: * bsc#1258893 * bsc#1260267 * bsc#1262222 * bsc#1263986 * bsc#1263987 * jsc#MSQA-1052 * jsc#PED-14816 Cross-References: * CVE-2026-27606 * CVE-2026-33186 * CVE-2026-40179 * CVE-2026-42151 * CVE-2026-42154 CVSS scores: * CVE-2026-27606 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-27606 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-27606 ( NVD ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27606 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-33186 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-33186 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-33186 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-40179 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-40179 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-40179 ( NVD ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-40179 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-42151 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-42151 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-42154 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42154 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.0 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Client Tools for SLE Micro 5 * SUSE Package Hub 15 15-SP7 An update that solves five vulnerabilities and contains two features can now be installed. ## Description: This update for golang-github-prometheus-prometheus to version 3.5.3 fixes the following issues: * Security issues fixed: * CVE-2026-42151: AzureAD remote write: Fixed OAuth client_secret being exposed in plaintext via /-/config endpoint (bsc#1263986) * CVE-2026-42154: Remote-read: Reject snappy-compressed requests whose declared decoded length exceeds the decode limit (bsc#1263987). * CVE-2026-40179: UI: Fixed stored XSS via unescaped le label values in old UI heatmap chart tick labels (bsc#1262222) * CVE-2026-33186: Fixed authorization bypass due to improper validation of the HTTP/2 :path pseudo-header (bsc#1260267) * Bump google.golang.org/grpc to version 1.79.3 * CVE-2026-27606: Fixed arbitrary file write via path traversal in rollup (bsc#1258893) * Bump rollup to version 4.59.0 * Other changes: * Remote-Write: Reject snappy-compressed requests whose declared decoded length exceeds the decode limit. * Use systemd tmpfiles.d to create /var/lib/prometheus hierarchy (jsc#PED-14816) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for SLE Micro 5 zypper in -t patch SUSE-SLE-Manager-Tools-For-Micro-5-2026-2267=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2267=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2267=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2267=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2267=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2267=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2267=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2267=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2267=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2267=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2267=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2267=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2267=1 ## Package List: * SUSE Manager Client Tools for SLE Micro 5 (aarch64 s390x x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.42.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.42.1 * golang-github-prometheus-node_exporter-debuginfo-1.10.2-150100.3.42.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-prometheus-debuginfo-3.5.3-150100.4.34.1 * golang-github-prometheus-prometheus-3.5.3-150100.4.34.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.42.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.42.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.42.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.42.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.42.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.42.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.42.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.42.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.42.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * golang-github-prometheus-node_exporter-1.10.2-150100.3.42.1 ## References: * https://www.suse.com/security/cve/CVE-2026-27606.html * https://www.suse.com/security/cve/CVE-2026-33186.html * https://www.suse.com/security/cve/CVE-2026-40179.html * https://www.suse.com/security/cve/CVE-2026-42151.html * https://www.suse.com/security/cve/CVE-2026-42154.html * https://bugzilla.suse.com/show_bug.cgi?id=1258893 * https://bugzilla.suse.com/show_bug.cgi?id=1260267 * https://bugzilla.suse.com/show_bug.cgi?id=1262222 * https://bugzilla.suse.com/show_bug.cgi?id=1263986 * https://bugzilla.suse.com/show_bug.cgi?id=1263987 * https://jira.suse.com/browse/MSQA-1052 * https://jira.suse.com/browse/PED-14816 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jun 4 08:30:57 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 04 Jun 2026 08:30:57 -0000 Subject: SUSE-SU-2026:2265-1: moderate: Maintenance update for Multi-Linux Manager 4.3 Release Notes Release Notes Message-ID: <178056185716.660.4590341765239262256@b0da085613fb> # Maintenance update for Multi-Linux Manager 4.3 Release Notes Release Notes Announcement ID: SUSE-SU-2026:2265-1 Release Date: 2026-06-03T18:03:00Z Rating: moderate References: * bsc#1249675 * bsc#1259554 * jsc#MSQA-1052 Cross-References: * CVE-2022-21698 * CVE-2026-21724 * CVE-2026-27606 * CVE-2026-27876 * CVE-2026-27877 * CVE-2026-27879 * CVE-2026-28375 * CVE-2026-31958 * CVE-2026-33186 * CVE-2026-33375 * CVE-2026-34986 * CVE-2026-40179 * CVE-2026-42151 * CVE-2026-42154 CVSS scores: * CVE-2022-21698 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2022-21698 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-21724 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-21724 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-21724 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-21724 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2026-27606 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-27606 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-27606 ( NVD ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27606 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-27876 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-27876 ( SUSE ): 9.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2026-27876 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2026-27877 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-27877 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-27877 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-27877 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-27879 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-27879 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-27879 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-28375 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-28375 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-28375 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31958 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31958 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31958 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-31958 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33186 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-33186 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-33186 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-33375 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33375 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34986 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-34986 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34986 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-40179 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-40179 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-40179 ( NVD ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-40179 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-42151 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-42151 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-42154 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42154 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 An update that solves 14 vulnerabilities and contains one feature can now be installed. ## Recommended update 4.3.18 for Multi-Linux Manager Proxy and Retail Branch LTS ### Description: This update fixes the following issues: release-notes-susemanager-proxy: * Update to SUSE Manager 4.3.18 * Bugs mentioned bsc#1249675, bsc#1259554 ## Security update 4.3.18 for Multi-Linux Manager Server LTS ### Description: This update fixes the following issues: release-notes-susemanager: * Update to SUSE Manager 4.3.18 * Open Enterprise Server (OES) 25.4 Support * CVEs Fixed: CVE-2022-21698, CVE-2026-21724, CVE-2026-27606, CVE-2026-27876 CVE-2026-27877, CVE-2026-27879, CVE-2026-28375, CVE-2026-33186 CVE-2026-33375, CVE-2026-34986, CVE-2026-40179, CVE-2026-42151 CVE-2026-42154, CVE-2026-31958, BDSA-2025-60810 * Bugs mentioned: bsc#1249675, bsc#1259554 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2265=1 ## Package List: * openSUSE Leap 15.4 (noarch) * release-notes-susemanager-4.3.18-150400.3.154.2 * release-notes-susemanager-proxy-4.3.18-150400.3.110.2 ## References: * https://www.suse.com/security/cve/CVE-2022-21698.html * https://www.suse.com/security/cve/CVE-2026-21724.html * https://www.suse.com/security/cve/CVE-2026-27606.html * https://www.suse.com/security/cve/CVE-2026-27876.html * https://www.suse.com/security/cve/CVE-2026-27877.html * https://www.suse.com/security/cve/CVE-2026-27879.html * https://www.suse.com/security/cve/CVE-2026-28375.html * https://www.suse.com/security/cve/CVE-2026-31958.html * https://www.suse.com/security/cve/CVE-2026-33186.html * https://www.suse.com/security/cve/CVE-2026-33375.html * https://www.suse.com/security/cve/CVE-2026-34986.html * https://www.suse.com/security/cve/CVE-2026-40179.html * https://www.suse.com/security/cve/CVE-2026-42151.html * https://www.suse.com/security/cve/CVE-2026-42154.html * https://bugzilla.suse.com/show_bug.cgi?id=1249675 * https://bugzilla.suse.com/show_bug.cgi?id=1259554 * https://jira.suse.com/browse/MSQA-1052 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jun 4 16:37:36 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 04 Jun 2026 16:37:36 -0000 Subject: SUSE-SU-2026:2236-1: important: Security update for vim Message-ID: <178059105675.33.5567457723275267937@4a60935d78bd> # Security update for vim Announcement ID: SUSE-SU-2026:2236-1 Release Date: 2026-06-03T11:01:09Z Rating: important References: * bsc#1262395 * bsc#1264706 * bsc#1264707 * bsc#1264708 * bsc#1265349 * bsc#1265360 Cross-References: * CVE-2026-42307 * CVE-2026-43961 * CVE-2026-44656 * CVE-2026-45130 * CVE-2026-46483 CVSS scores: * CVE-2026-42307 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-43961 ( SUSE ): 5.4 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43961 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L * CVE-2026-44656 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-44656 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-44656 ( NVD ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-44656 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-45130 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2026-45130 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2026-45130 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-46483 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46483 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-46483 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-46483 ( NVD ): 3.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N Affected Products: * Basesystem Module 15-SP7 * Desktop Applications Module 15-SP7 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves five vulnerabilities and has one security fix can now be installed. ## Description: This update for vim fixes the following issues * CVE-2026-42307: Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim (bsc#1264706). * CVE-2026-43961: Vimscript Code Injection in netrw NetrwMarkFile() via crafted filename (bsc#1265349). * CVE-2026-44656: Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's: find command-line completion (bsc#1264707). * CVE-2026-45130: Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when loading a crafted spell file (.spl) with UTF-8 encoding active (bsc#1264708). * CVE-2026-46483: command injection via `tar#Vimuntar()` in `runtime/autoload/tar.vim` when decompressing `.tgz` archives on Unix-like systems (bsc#1265360). Changes for vim: * Update to v9.2.0530. * Fix for incorrectly detecting scientific parameter files as bitbake recipies. (bsc#1262395) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-2236=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2236=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2236=1 * Desktop Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2026-2236=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2236=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2236=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2236=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2236=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2236=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2236=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * gvim-debuginfo-9.2.0530-150500.20.52.1 * vim-small-9.2.0530-150500.20.52.1 * gvim-9.2.0530-150500.20.52.1 * vim-debugsource-9.2.0530-150500.20.52.1 * vim-debuginfo-9.2.0530-150500.20.52.1 * vim-small-debuginfo-9.2.0530-150500.20.52.1 * vim-9.2.0530-150500.20.52.1 * openSUSE Leap 15.5 (noarch) * vim-data-common-9.2.0530-150500.20.52.1 * vim-data-9.2.0530-150500.20.52.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * vim-data-common-9.2.0530-150500.20.52.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * vim-small-9.2.0530-150500.20.52.1 * vim-debugsource-9.2.0530-150500.20.52.1 * vim-debuginfo-9.2.0530-150500.20.52.1 * vim-small-debuginfo-9.2.0530-150500.20.52.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * vim-small-9.2.0530-150500.20.52.1 * vim-debugsource-9.2.0530-150500.20.52.1 * vim-debuginfo-9.2.0530-150500.20.52.1 * vim-small-debuginfo-9.2.0530-150500.20.52.1 * vim-9.2.0530-150500.20.52.1 * Basesystem Module 15-SP7 (noarch) * vim-data-common-9.2.0530-150500.20.52.1 * vim-data-9.2.0530-150500.20.52.1 * Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * gvim-debuginfo-9.2.0530-150500.20.52.1 * vim-debugsource-9.2.0530-150500.20.52.1 * vim-debuginfo-9.2.0530-150500.20.52.1 * gvim-9.2.0530-150500.20.52.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * gvim-debuginfo-9.2.0530-150500.20.52.1 * vim-small-9.2.0530-150500.20.52.1 * gvim-9.2.0530-150500.20.52.1 * vim-debugsource-9.2.0530-150500.20.52.1 * vim-debuginfo-9.2.0530-150500.20.52.1 * vim-small-debuginfo-9.2.0530-150500.20.52.1 * vim-9.2.0530-150500.20.52.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * vim-data-common-9.2.0530-150500.20.52.1 * vim-data-9.2.0530-150500.20.52.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * gvim-debuginfo-9.2.0530-150500.20.52.1 * vim-small-9.2.0530-150500.20.52.1 * gvim-9.2.0530-150500.20.52.1 * vim-debugsource-9.2.0530-150500.20.52.1 * vim-debuginfo-9.2.0530-150500.20.52.1 * vim-small-debuginfo-9.2.0530-150500.20.52.1 * vim-9.2.0530-150500.20.52.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * vim-data-common-9.2.0530-150500.20.52.1 * vim-data-9.2.0530-150500.20.52.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * gvim-debuginfo-9.2.0530-150500.20.52.1 * vim-small-9.2.0530-150500.20.52.1 * gvim-9.2.0530-150500.20.52.1 * vim-debugsource-9.2.0530-150500.20.52.1 * vim-debuginfo-9.2.0530-150500.20.52.1 * vim-small-debuginfo-9.2.0530-150500.20.52.1 * vim-9.2.0530-150500.20.52.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * vim-data-common-9.2.0530-150500.20.52.1 * vim-data-9.2.0530-150500.20.52.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * gvim-debuginfo-9.2.0530-150500.20.52.1 * vim-small-9.2.0530-150500.20.52.1 * gvim-9.2.0530-150500.20.52.1 * vim-debugsource-9.2.0530-150500.20.52.1 * vim-debuginfo-9.2.0530-150500.20.52.1 * vim-small-debuginfo-9.2.0530-150500.20.52.1 * vim-9.2.0530-150500.20.52.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * vim-data-common-9.2.0530-150500.20.52.1 * vim-data-9.2.0530-150500.20.52.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * gvim-debuginfo-9.2.0530-150500.20.52.1 * vim-small-9.2.0530-150500.20.52.1 * gvim-9.2.0530-150500.20.52.1 * vim-debugsource-9.2.0530-150500.20.52.1 * vim-debuginfo-9.2.0530-150500.20.52.1 * vim-small-debuginfo-9.2.0530-150500.20.52.1 * vim-9.2.0530-150500.20.52.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * vim-data-common-9.2.0530-150500.20.52.1 * vim-data-9.2.0530-150500.20.52.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * gvim-debuginfo-9.2.0530-150500.20.52.1 * vim-small-9.2.0530-150500.20.52.1 * gvim-9.2.0530-150500.20.52.1 * vim-debugsource-9.2.0530-150500.20.52.1 * vim-debuginfo-9.2.0530-150500.20.52.1 * vim-small-debuginfo-9.2.0530-150500.20.52.1 * vim-9.2.0530-150500.20.52.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * vim-data-common-9.2.0530-150500.20.52.1 * vim-data-9.2.0530-150500.20.52.1 ## References: * https://www.suse.com/security/cve/CVE-2026-42307.html * https://www.suse.com/security/cve/CVE-2026-43961.html * https://www.suse.com/security/cve/CVE-2026-44656.html * https://www.suse.com/security/cve/CVE-2026-45130.html * https://www.suse.com/security/cve/CVE-2026-46483.html * https://bugzilla.suse.com/show_bug.cgi?id=1262395 * https://bugzilla.suse.com/show_bug.cgi?id=1264706 * https://bugzilla.suse.com/show_bug.cgi?id=1264707 * https://bugzilla.suse.com/show_bug.cgi?id=1264708 * https://bugzilla.suse.com/show_bug.cgi?id=1265349 * https://bugzilla.suse.com/show_bug.cgi?id=1265360 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jun 4 16:37:40 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 04 Jun 2026 16:37:40 -0000 Subject: SUSE-SU-2026:2235-1: important: Security update for evince Message-ID: <178059106093.33.17411140963973319006@4a60935d78bd> # Security update for evince Announcement ID: SUSE-SU-2026:2235-1 Release Date: 2026-06-03T11:00:13Z Rating: important References: * bsc#1265880 Cross-References: * CVE-2026-46529 CVSS scores: * CVE-2026-46529 ( SUSE ): 7.5 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46529 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Desktop Applications Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for evince fixes the following issue * CVE-2026-46529: improper argument sanitization can lead to command injection (bsc#1265880). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2235=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2235=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2235=1 * Desktop Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2026-2235=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * evince-plugin-psdocument-debuginfo-45.0-150600.3.3.1 * libevdocument3-4-debuginfo-45.0-150600.3.3.1 * evince-plugin-djvudocument-45.0-150600.3.3.1 * evince-plugin-pdfdocument-45.0-150600.3.3.1 * evince-devel-45.0-150600.3.3.1 * evince-plugin-comicsdocument-debuginfo-45.0-150600.3.3.1 * evince-plugin-xpsdocument-debuginfo-45.0-150600.3.3.1 * evince-45.0-150600.3.3.1 * evince-plugin-comicsdocument-45.0-150600.3.3.1 * evince-plugin-pdfdocument-debuginfo-45.0-150600.3.3.1 * evince-plugin-tiffdocument-45.0-150600.3.3.1 * evince-plugin-psdocument-45.0-150600.3.3.1 * libevview3-3-debuginfo-45.0-150600.3.3.1 * evince-plugin-djvudocument-debuginfo-45.0-150600.3.3.1 * typelib-1_0-EvinceView-3_0-45.0-150600.3.3.1 * evince-plugin-dvidocument-debuginfo-45.0-150600.3.3.1 * evince-debuginfo-45.0-150600.3.3.1 * typelib-1_0-EvinceDocument-3_0-45.0-150600.3.3.1 * evince-debugsource-45.0-150600.3.3.1 * libevview3-3-45.0-150600.3.3.1 * evince-plugin-tiffdocument-debuginfo-45.0-150600.3.3.1 * libevdocument3-4-45.0-150600.3.3.1 * evince-plugin-dvidocument-45.0-150600.3.3.1 * evince-plugin-xpsdocument-45.0-150600.3.3.1 * openSUSE Leap 15.6 (noarch) * evince-lang-45.0-150600.3.3.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * evince-plugin-psdocument-debuginfo-45.0-150600.3.3.1 * libevdocument3-4-debuginfo-45.0-150600.3.3.1 * evince-plugin-djvudocument-45.0-150600.3.3.1 * evince-plugin-pdfdocument-45.0-150600.3.3.1 * evince-devel-45.0-150600.3.3.1 * evince-plugin-xpsdocument-debuginfo-45.0-150600.3.3.1 * evince-45.0-150600.3.3.1 * evince-plugin-pdfdocument-debuginfo-45.0-150600.3.3.1 * evince-plugin-tiffdocument-45.0-150600.3.3.1 * evince-plugin-psdocument-45.0-150600.3.3.1 * libevview3-3-debuginfo-45.0-150600.3.3.1 * evince-plugin-djvudocument-debuginfo-45.0-150600.3.3.1 * typelib-1_0-EvinceView-3_0-45.0-150600.3.3.1 * evince-plugin-dvidocument-debuginfo-45.0-150600.3.3.1 * evince-debuginfo-45.0-150600.3.3.1 * typelib-1_0-EvinceDocument-3_0-45.0-150600.3.3.1 * evince-debugsource-45.0-150600.3.3.1 * libevview3-3-45.0-150600.3.3.1 * evince-plugin-tiffdocument-debuginfo-45.0-150600.3.3.1 * evince-plugin-dvidocument-45.0-150600.3.3.1 * libevdocument3-4-45.0-150600.3.3.1 * evince-plugin-xpsdocument-45.0-150600.3.3.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * evince-lang-45.0-150600.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * evince-plugin-psdocument-debuginfo-45.0-150600.3.3.1 * libevdocument3-4-debuginfo-45.0-150600.3.3.1 * evince-plugin-djvudocument-45.0-150600.3.3.1 * evince-plugin-pdfdocument-45.0-150600.3.3.1 * evince-devel-45.0-150600.3.3.1 * evince-plugin-xpsdocument-debuginfo-45.0-150600.3.3.1 * evince-45.0-150600.3.3.1 * evince-plugin-pdfdocument-debuginfo-45.0-150600.3.3.1 * evince-plugin-tiffdocument-45.0-150600.3.3.1 * evince-plugin-psdocument-45.0-150600.3.3.1 * libevview3-3-debuginfo-45.0-150600.3.3.1 * evince-plugin-djvudocument-debuginfo-45.0-150600.3.3.1 * typelib-1_0-EvinceView-3_0-45.0-150600.3.3.1 * evince-plugin-dvidocument-debuginfo-45.0-150600.3.3.1 * evince-debuginfo-45.0-150600.3.3.1 * typelib-1_0-EvinceDocument-3_0-45.0-150600.3.3.1 * evince-debugsource-45.0-150600.3.3.1 * libevview3-3-45.0-150600.3.3.1 * evince-plugin-tiffdocument-debuginfo-45.0-150600.3.3.1 * evince-plugin-dvidocument-45.0-150600.3.3.1 * libevdocument3-4-45.0-150600.3.3.1 * evince-plugin-xpsdocument-45.0-150600.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * evince-lang-45.0-150600.3.3.1 * Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * evince-plugin-psdocument-debuginfo-45.0-150600.3.3.1 * libevdocument3-4-debuginfo-45.0-150600.3.3.1 * evince-plugin-djvudocument-45.0-150600.3.3.1 * evince-plugin-pdfdocument-45.0-150600.3.3.1 * evince-devel-45.0-150600.3.3.1 * evince-plugin-xpsdocument-debuginfo-45.0-150600.3.3.1 * evince-45.0-150600.3.3.1 * evince-plugin-pdfdocument-debuginfo-45.0-150600.3.3.1 * evince-plugin-tiffdocument-45.0-150600.3.3.1 * evince-plugin-psdocument-45.0-150600.3.3.1 * libevview3-3-debuginfo-45.0-150600.3.3.1 * evince-plugin-djvudocument-debuginfo-45.0-150600.3.3.1 * typelib-1_0-EvinceView-3_0-45.0-150600.3.3.1 * evince-plugin-dvidocument-debuginfo-45.0-150600.3.3.1 * evince-debuginfo-45.0-150600.3.3.1 * typelib-1_0-EvinceDocument-3_0-45.0-150600.3.3.1 * evince-debugsource-45.0-150600.3.3.1 * libevview3-3-45.0-150600.3.3.1 * evince-plugin-tiffdocument-debuginfo-45.0-150600.3.3.1 * evince-plugin-dvidocument-45.0-150600.3.3.1 * libevdocument3-4-45.0-150600.3.3.1 * evince-plugin-xpsdocument-45.0-150600.3.3.1 * Desktop Applications Module 15-SP7 (noarch) * evince-lang-45.0-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-46529.html * https://bugzilla.suse.com/show_bug.cgi?id=1265880 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jun 4 16:37:46 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 04 Jun 2026 16:37:46 -0000 Subject: SUSE-SU-2026:2234-1: important: Security update for python-Pillow Message-ID: <178059106670.33.9945780452066228008@4a60935d78bd> # Security update for python-Pillow Announcement ID: SUSE-SU-2026:2234-1 Release Date: 2026-06-03T10:59:44Z Rating: important References: * bsc#1265154 * bsc#1265359 Cross-References: * CVE-2026-42308 * CVE-2026-42310 CVSS scores: * CVE-2026-42308 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-42308 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42308 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-42308 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42310 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42310 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-42310 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * Python 3 Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities can now be installed. ## Description: This update for python-Pillow fixes the following issues * CVE-2026-42308: integer overflow in font processing can lead to denial of service (bsc#1265359). * CVE-2026-42310: infinite loop and resource exhaustion when processing specially crafted PDFs (bsc#1265154). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2234=1 * Python 3 Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2026-2234=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2234=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2234=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2234=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2234=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2234=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2234=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2234=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2234=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2234=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2234=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python-Pillow-debuginfo-9.5.0-150400.5.20.1 * python311-Pillow-tk-9.5.0-150400.5.20.1 * python-Pillow-debugsource-9.5.0-150400.5.20.1 * python311-Pillow-9.5.0-150400.5.20.1 * python311-Pillow-debuginfo-9.5.0-150400.5.20.1 * python311-Pillow-tk-debuginfo-9.5.0-150400.5.20.1 * Python 3 Module 15-SP7 (aarch64 ppc64le s390x x86_64) * python-Pillow-debuginfo-9.5.0-150400.5.20.1 * python311-Pillow-tk-9.5.0-150400.5.20.1 * python-Pillow-debugsource-9.5.0-150400.5.20.1 * python311-Pillow-9.5.0-150400.5.20.1 * python311-Pillow-debuginfo-9.5.0-150400.5.20.1 * python311-Pillow-tk-debuginfo-9.5.0-150400.5.20.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * python-Pillow-debuginfo-9.5.0-150400.5.20.1 * python311-Pillow-tk-9.5.0-150400.5.20.1 * python-Pillow-debugsource-9.5.0-150400.5.20.1 * python311-Pillow-9.5.0-150400.5.20.1 * python311-Pillow-debuginfo-9.5.0-150400.5.20.1 * python311-Pillow-tk-debuginfo-9.5.0-150400.5.20.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * python-Pillow-debuginfo-9.5.0-150400.5.20.1 * python311-Pillow-tk-9.5.0-150400.5.20.1 * python-Pillow-debugsource-9.5.0-150400.5.20.1 * python311-Pillow-9.5.0-150400.5.20.1 * python311-Pillow-debuginfo-9.5.0-150400.5.20.1 * python311-Pillow-tk-debuginfo-9.5.0-150400.5.20.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * python-Pillow-debuginfo-9.5.0-150400.5.20.1 * python311-Pillow-tk-9.5.0-150400.5.20.1 * python-Pillow-debugsource-9.5.0-150400.5.20.1 * python311-Pillow-9.5.0-150400.5.20.1 * python311-Pillow-debuginfo-9.5.0-150400.5.20.1 * python311-Pillow-tk-debuginfo-9.5.0-150400.5.20.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * python-Pillow-debuginfo-9.5.0-150400.5.20.1 * python311-Pillow-tk-9.5.0-150400.5.20.1 * python-Pillow-debugsource-9.5.0-150400.5.20.1 * python311-Pillow-9.5.0-150400.5.20.1 * python311-Pillow-debuginfo-9.5.0-150400.5.20.1 * python311-Pillow-tk-debuginfo-9.5.0-150400.5.20.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * python-Pillow-debuginfo-9.5.0-150400.5.20.1 * python311-Pillow-tk-9.5.0-150400.5.20.1 * python-Pillow-debugsource-9.5.0-150400.5.20.1 * python311-Pillow-9.5.0-150400.5.20.1 * python311-Pillow-debuginfo-9.5.0-150400.5.20.1 * python311-Pillow-tk-debuginfo-9.5.0-150400.5.20.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * python-Pillow-debuginfo-9.5.0-150400.5.20.1 * python311-Pillow-tk-9.5.0-150400.5.20.1 * python-Pillow-debugsource-9.5.0-150400.5.20.1 * python311-Pillow-9.5.0-150400.5.20.1 * python311-Pillow-debuginfo-9.5.0-150400.5.20.1 * python311-Pillow-tk-debuginfo-9.5.0-150400.5.20.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * python-Pillow-debuginfo-9.5.0-150400.5.20.1 * python311-Pillow-tk-9.5.0-150400.5.20.1 * python-Pillow-debugsource-9.5.0-150400.5.20.1 * python311-Pillow-9.5.0-150400.5.20.1 * python311-Pillow-debuginfo-9.5.0-150400.5.20.1 * python311-Pillow-tk-debuginfo-9.5.0-150400.5.20.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * python-Pillow-debuginfo-9.5.0-150400.5.20.1 * python311-Pillow-tk-9.5.0-150400.5.20.1 * python-Pillow-debugsource-9.5.0-150400.5.20.1 * python311-Pillow-9.5.0-150400.5.20.1 * python311-Pillow-debuginfo-9.5.0-150400.5.20.1 * python311-Pillow-tk-debuginfo-9.5.0-150400.5.20.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * python-Pillow-debuginfo-9.5.0-150400.5.20.1 * python311-Pillow-tk-9.5.0-150400.5.20.1 * python-Pillow-debugsource-9.5.0-150400.5.20.1 * python311-Pillow-9.5.0-150400.5.20.1 * python311-Pillow-debuginfo-9.5.0-150400.5.20.1 * python311-Pillow-tk-debuginfo-9.5.0-150400.5.20.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * python-Pillow-debuginfo-9.5.0-150400.5.20.1 * python311-Pillow-tk-9.5.0-150400.5.20.1 * python-Pillow-debugsource-9.5.0-150400.5.20.1 * python311-Pillow-9.5.0-150400.5.20.1 * python311-Pillow-debuginfo-9.5.0-150400.5.20.1 * python311-Pillow-tk-debuginfo-9.5.0-150400.5.20.1 ## References: * https://www.suse.com/security/cve/CVE-2026-42308.html * https://www.suse.com/security/cve/CVE-2026-42310.html * https://bugzilla.suse.com/show_bug.cgi?id=1265154 * https://bugzilla.suse.com/show_bug.cgi?id=1265359 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jun 4 16:37:58 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 04 Jun 2026 16:37:58 -0000 Subject: SUSE-SU-2026:2233-1: important: Security update for vim Message-ID: <178059107822.33.4250476049835268409@4a60935d78bd> # Security update for vim Announcement ID: SUSE-SU-2026:2233-1 Release Date: 2026-06-03T10:58:45Z Rating: important References: * bsc#1262395 * bsc#1264706 * bsc#1264707 * bsc#1264708 * bsc#1265349 * bsc#1265360 Cross-References: * CVE-2026-42307 * CVE-2026-43961 * CVE-2026-44656 * CVE-2026-45130 * CVE-2026-46483 CVSS scores: * CVE-2026-42307 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-43961 ( SUSE ): 5.4 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43961 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L * CVE-2026-44656 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-44656 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-44656 ( NVD ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-44656 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-45130 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2026-45130 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2026-45130 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-46483 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46483 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-46483 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-46483 ( NVD ): 3.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves five vulnerabilities and has one security fix can now be installed. ## Description: This update for vim fixes the following issues * CVE-2026-42307: Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim (bsc#1264706). * CVE-2026-43961: Vimscript Code Injection in netrw NetrwMarkFile() via crafted filename (bsc#1265349). * CVE-2026-44656: Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's: find command-line completion (bsc#1264707). * CVE-2026-45130: Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when loading a crafted spell file (.spl) with UTF-8 encoding active (bsc#1264708). * CVE-2026-46483: command injection via `tar#Vimuntar()` in `runtime/autoload/tar.vim` when decompressing `.tgz` archives on Unix-like systems (bsc#1265360). Changes for vim: * Update to v9.2.0530. * Fix for incorrectly detecting scientific parameter files as bitbake recipies. (bsc#1262395) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-2233=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2233=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * vim-debuginfo-9.2.0530-17.68.1 * gvim-debuginfo-9.2.0530-17.68.1 * vim-debugsource-9.2.0530-17.68.1 * vim-9.2.0530-17.68.1 * gvim-9.2.0530-17.68.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * vim-data-9.2.0530-17.68.1 * vim-data-common-9.2.0530-17.68.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * vim-debuginfo-9.2.0530-17.68.1 * gvim-debuginfo-9.2.0530-17.68.1 * vim-debugsource-9.2.0530-17.68.1 * vim-9.2.0530-17.68.1 * gvim-9.2.0530-17.68.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * vim-data-9.2.0530-17.68.1 * vim-data-common-9.2.0530-17.68.1 ## References: * https://www.suse.com/security/cve/CVE-2026-42307.html * https://www.suse.com/security/cve/CVE-2026-43961.html * https://www.suse.com/security/cve/CVE-2026-44656.html * https://www.suse.com/security/cve/CVE-2026-45130.html * https://www.suse.com/security/cve/CVE-2026-46483.html * https://bugzilla.suse.com/show_bug.cgi?id=1262395 * https://bugzilla.suse.com/show_bug.cgi?id=1264706 * https://bugzilla.suse.com/show_bug.cgi?id=1264707 * https://bugzilla.suse.com/show_bug.cgi?id=1264708 * https://bugzilla.suse.com/show_bug.cgi?id=1265349 * https://bugzilla.suse.com/show_bug.cgi?id=1265360 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jun 4 16:38:02 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 04 Jun 2026 16:38:02 -0000 Subject: SUSE-SU-2026:2232-1: important: Security update for evince Message-ID: <178059108285.33.16926143476561464863@4a60935d78bd> # Security update for evince Announcement ID: SUSE-SU-2026:2232-1 Release Date: 2026-06-03T10:58:32Z Rating: important References: * bsc#1265880 Cross-References: * CVE-2026-46529 CVSS scores: * CVE-2026-46529 ( SUSE ): 7.5 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46529 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for evince fixes the following issue * CVE-2026-46529: improper argument sanitization can lead to command injection (bsc#1265880). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2232=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2232=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2232=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2232=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2232=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2232=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2232=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2232=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2232=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * evince-plugin-psdocument-41.4-150400.3.6.1 * typelib-1_0-EvinceDocument-3_0-41.4-150400.3.6.1 * evince-devel-41.4-150400.3.6.1 * evince-plugin-dvidocument-41.4-150400.3.6.1 * libevview3-3-41.4-150400.3.6.1 * nautilus-evince-41.4-150400.3.6.1 * evince-debugsource-41.4-150400.3.6.1 * evince-plugin-djvudocument-41.4-150400.3.6.1 * evince-plugin-tiffdocument-41.4-150400.3.6.1 * evince-plugin-xpsdocument-41.4-150400.3.6.1 * evince-plugin-xpsdocument-debuginfo-41.4-150400.3.6.1 * evince-plugin-tiffdocument-debuginfo-41.4-150400.3.6.1 * evince-plugin-dvidocument-debuginfo-41.4-150400.3.6.1 * libevview3-3-debuginfo-41.4-150400.3.6.1 * libevdocument3-4-41.4-150400.3.6.1 * evince-plugin-djvudocument-debuginfo-41.4-150400.3.6.1 * libevdocument3-4-debuginfo-41.4-150400.3.6.1 * evince-41.4-150400.3.6.1 * evince-plugin-pdfdocument-41.4-150400.3.6.1 * nautilus-evince-debuginfo-41.4-150400.3.6.1 * typelib-1_0-EvinceView-3_0-41.4-150400.3.6.1 * evince-debuginfo-41.4-150400.3.6.1 * evince-plugin-pdfdocument-debuginfo-41.4-150400.3.6.1 * evince-plugin-psdocument-debuginfo-41.4-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * evince-lang-41.4-150400.3.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * evince-plugin-psdocument-41.4-150400.3.6.1 * typelib-1_0-EvinceDocument-3_0-41.4-150400.3.6.1 * evince-devel-41.4-150400.3.6.1 * evince-plugin-dvidocument-41.4-150400.3.6.1 * libevview3-3-41.4-150400.3.6.1 * nautilus-evince-41.4-150400.3.6.1 * evince-debugsource-41.4-150400.3.6.1 * evince-plugin-djvudocument-41.4-150400.3.6.1 * evince-plugin-tiffdocument-41.4-150400.3.6.1 * evince-plugin-xpsdocument-41.4-150400.3.6.1 * evince-plugin-xpsdocument-debuginfo-41.4-150400.3.6.1 * evince-plugin-tiffdocument-debuginfo-41.4-150400.3.6.1 * evince-plugin-dvidocument-debuginfo-41.4-150400.3.6.1 * libevview3-3-debuginfo-41.4-150400.3.6.1 * libevdocument3-4-41.4-150400.3.6.1 * evince-plugin-djvudocument-debuginfo-41.4-150400.3.6.1 * evince-41.4-150400.3.6.1 * libevdocument3-4-debuginfo-41.4-150400.3.6.1 * evince-plugin-pdfdocument-41.4-150400.3.6.1 * nautilus-evince-debuginfo-41.4-150400.3.6.1 * typelib-1_0-EvinceView-3_0-41.4-150400.3.6.1 * evince-debuginfo-41.4-150400.3.6.1 * evince-plugin-pdfdocument-debuginfo-41.4-150400.3.6.1 * evince-plugin-psdocument-debuginfo-41.4-150400.3.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * evince-lang-41.4-150400.3.6.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * evince-plugin-psdocument-41.4-150400.3.6.1 * typelib-1_0-EvinceDocument-3_0-41.4-150400.3.6.1 * evince-devel-41.4-150400.3.6.1 * evince-plugin-dvidocument-41.4-150400.3.6.1 * libevview3-3-41.4-150400.3.6.1 * evince-plugin-comicsdocument-41.4-150400.3.6.1 * nautilus-evince-41.4-150400.3.6.1 * evince-plugin-comicsdocument-debuginfo-41.4-150400.3.6.1 * evince-debugsource-41.4-150400.3.6.1 * evince-plugin-djvudocument-41.4-150400.3.6.1 * evince-plugin-tiffdocument-41.4-150400.3.6.1 * evince-plugin-xpsdocument-41.4-150400.3.6.1 * evince-plugin-xpsdocument-debuginfo-41.4-150400.3.6.1 * evince-plugin-tiffdocument-debuginfo-41.4-150400.3.6.1 * evince-plugin-dvidocument-debuginfo-41.4-150400.3.6.1 * libevview3-3-debuginfo-41.4-150400.3.6.1 * libevdocument3-4-41.4-150400.3.6.1 * evince-plugin-djvudocument-debuginfo-41.4-150400.3.6.1 * evince-41.4-150400.3.6.1 * libevdocument3-4-debuginfo-41.4-150400.3.6.1 * evince-plugin-pdfdocument-41.4-150400.3.6.1 * nautilus-evince-debuginfo-41.4-150400.3.6.1 * typelib-1_0-EvinceView-3_0-41.4-150400.3.6.1 * evince-debuginfo-41.4-150400.3.6.1 * evince-plugin-pdfdocument-debuginfo-41.4-150400.3.6.1 * evince-plugin-psdocument-debuginfo-41.4-150400.3.6.1 * openSUSE Leap 15.4 (noarch) * evince-lang-41.4-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * evince-plugin-psdocument-41.4-150400.3.6.1 * typelib-1_0-EvinceDocument-3_0-41.4-150400.3.6.1 * evince-plugin-dvidocument-41.4-150400.3.6.1 * evince-devel-41.4-150400.3.6.1 * libevview3-3-41.4-150400.3.6.1 * nautilus-evince-41.4-150400.3.6.1 * evince-debugsource-41.4-150400.3.6.1 * evince-plugin-djvudocument-41.4-150400.3.6.1 * evince-plugin-tiffdocument-41.4-150400.3.6.1 * evince-plugin-xpsdocument-41.4-150400.3.6.1 * evince-plugin-xpsdocument-debuginfo-41.4-150400.3.6.1 * evince-plugin-tiffdocument-debuginfo-41.4-150400.3.6.1 * evince-plugin-dvidocument-debuginfo-41.4-150400.3.6.1 * libevview3-3-debuginfo-41.4-150400.3.6.1 * libevdocument3-4-41.4-150400.3.6.1 * evince-plugin-djvudocument-debuginfo-41.4-150400.3.6.1 * libevdocument3-4-debuginfo-41.4-150400.3.6.1 * evince-41.4-150400.3.6.1 * evince-plugin-pdfdocument-41.4-150400.3.6.1 * nautilus-evince-debuginfo-41.4-150400.3.6.1 * typelib-1_0-EvinceView-3_0-41.4-150400.3.6.1 * evince-debuginfo-41.4-150400.3.6.1 * evince-plugin-pdfdocument-debuginfo-41.4-150400.3.6.1 * evince-plugin-psdocument-debuginfo-41.4-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * evince-lang-41.4-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * evince-plugin-psdocument-41.4-150400.3.6.1 * typelib-1_0-EvinceDocument-3_0-41.4-150400.3.6.1 * evince-devel-41.4-150400.3.6.1 * evince-plugin-dvidocument-41.4-150400.3.6.1 * libevview3-3-41.4-150400.3.6.1 * nautilus-evince-41.4-150400.3.6.1 * evince-debugsource-41.4-150400.3.6.1 * evince-plugin-djvudocument-41.4-150400.3.6.1 * evince-plugin-tiffdocument-41.4-150400.3.6.1 * evince-plugin-xpsdocument-41.4-150400.3.6.1 * evince-plugin-xpsdocument-debuginfo-41.4-150400.3.6.1 * evince-plugin-tiffdocument-debuginfo-41.4-150400.3.6.1 * evince-plugin-dvidocument-debuginfo-41.4-150400.3.6.1 * libevview3-3-debuginfo-41.4-150400.3.6.1 * libevdocument3-4-41.4-150400.3.6.1 * evince-plugin-djvudocument-debuginfo-41.4-150400.3.6.1 * evince-41.4-150400.3.6.1 * libevdocument3-4-debuginfo-41.4-150400.3.6.1 * evince-plugin-pdfdocument-41.4-150400.3.6.1 * nautilus-evince-debuginfo-41.4-150400.3.6.1 * typelib-1_0-EvinceView-3_0-41.4-150400.3.6.1 * evince-debuginfo-41.4-150400.3.6.1 * evince-plugin-pdfdocument-debuginfo-41.4-150400.3.6.1 * evince-plugin-psdocument-debuginfo-41.4-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * evince-lang-41.4-150400.3.6.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * typelib-1_0-EvinceDocument-3_0-41.4-150400.3.6.1 * evince-plugin-psdocument-41.4-150400.3.6.1 * evince-devel-41.4-150400.3.6.1 * evince-plugin-dvidocument-41.4-150400.3.6.1 * libevview3-3-41.4-150400.3.6.1 * nautilus-evince-41.4-150400.3.6.1 * evince-debugsource-41.4-150400.3.6.1 * evince-plugin-djvudocument-41.4-150400.3.6.1 * evince-plugin-tiffdocument-41.4-150400.3.6.1 * evince-plugin-xpsdocument-41.4-150400.3.6.1 * evince-plugin-xpsdocument-debuginfo-41.4-150400.3.6.1 * evince-plugin-tiffdocument-debuginfo-41.4-150400.3.6.1 * evince-plugin-dvidocument-debuginfo-41.4-150400.3.6.1 * libevview3-3-debuginfo-41.4-150400.3.6.1 * libevdocument3-4-41.4-150400.3.6.1 * evince-plugin-djvudocument-debuginfo-41.4-150400.3.6.1 * evince-41.4-150400.3.6.1 * libevdocument3-4-debuginfo-41.4-150400.3.6.1 * evince-plugin-pdfdocument-41.4-150400.3.6.1 * nautilus-evince-debuginfo-41.4-150400.3.6.1 * typelib-1_0-EvinceView-3_0-41.4-150400.3.6.1 * evince-debuginfo-41.4-150400.3.6.1 * evince-plugin-pdfdocument-debuginfo-41.4-150400.3.6.1 * evince-plugin-psdocument-debuginfo-41.4-150400.3.6.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * evince-lang-41.4-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * evince-plugin-psdocument-41.4-150400.3.6.1 * typelib-1_0-EvinceDocument-3_0-41.4-150400.3.6.1 * evince-devel-41.4-150400.3.6.1 * evince-plugin-dvidocument-41.4-150400.3.6.1 * libevview3-3-41.4-150400.3.6.1 * nautilus-evince-41.4-150400.3.6.1 * evince-debugsource-41.4-150400.3.6.1 * evince-plugin-djvudocument-41.4-150400.3.6.1 * evince-plugin-tiffdocument-41.4-150400.3.6.1 * evince-plugin-xpsdocument-41.4-150400.3.6.1 * evince-plugin-xpsdocument-debuginfo-41.4-150400.3.6.1 * evince-plugin-tiffdocument-debuginfo-41.4-150400.3.6.1 * evince-plugin-dvidocument-debuginfo-41.4-150400.3.6.1 * libevview3-3-debuginfo-41.4-150400.3.6.1 * libevdocument3-4-41.4-150400.3.6.1 * evince-plugin-djvudocument-debuginfo-41.4-150400.3.6.1 * evince-41.4-150400.3.6.1 * libevdocument3-4-debuginfo-41.4-150400.3.6.1 * evince-plugin-pdfdocument-41.4-150400.3.6.1 * nautilus-evince-debuginfo-41.4-150400.3.6.1 * typelib-1_0-EvinceView-3_0-41.4-150400.3.6.1 * evince-debuginfo-41.4-150400.3.6.1 * evince-plugin-pdfdocument-debuginfo-41.4-150400.3.6.1 * evince-plugin-psdocument-debuginfo-41.4-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * evince-lang-41.4-150400.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * evince-plugin-psdocument-41.4-150400.3.6.1 * typelib-1_0-EvinceDocument-3_0-41.4-150400.3.6.1 * evince-devel-41.4-150400.3.6.1 * evince-plugin-dvidocument-41.4-150400.3.6.1 * libevview3-3-41.4-150400.3.6.1 * nautilus-evince-41.4-150400.3.6.1 * evince-debugsource-41.4-150400.3.6.1 * evince-plugin-djvudocument-41.4-150400.3.6.1 * evince-plugin-tiffdocument-41.4-150400.3.6.1 * evince-plugin-xpsdocument-41.4-150400.3.6.1 * evince-plugin-xpsdocument-debuginfo-41.4-150400.3.6.1 * evince-plugin-tiffdocument-debuginfo-41.4-150400.3.6.1 * evince-plugin-dvidocument-debuginfo-41.4-150400.3.6.1 * libevview3-3-debuginfo-41.4-150400.3.6.1 * libevdocument3-4-41.4-150400.3.6.1 * evince-plugin-djvudocument-debuginfo-41.4-150400.3.6.1 * evince-41.4-150400.3.6.1 * libevdocument3-4-debuginfo-41.4-150400.3.6.1 * evince-plugin-pdfdocument-41.4-150400.3.6.1 * nautilus-evince-debuginfo-41.4-150400.3.6.1 * typelib-1_0-EvinceView-3_0-41.4-150400.3.6.1 * evince-debuginfo-41.4-150400.3.6.1 * evince-plugin-pdfdocument-debuginfo-41.4-150400.3.6.1 * evince-plugin-psdocument-debuginfo-41.4-150400.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * evince-lang-41.4-150400.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * evince-plugin-psdocument-41.4-150400.3.6.1 * typelib-1_0-EvinceDocument-3_0-41.4-150400.3.6.1 * evince-devel-41.4-150400.3.6.1 * evince-plugin-dvidocument-41.4-150400.3.6.1 * libevview3-3-41.4-150400.3.6.1 * nautilus-evince-41.4-150400.3.6.1 * evince-debugsource-41.4-150400.3.6.1 * evince-plugin-djvudocument-41.4-150400.3.6.1 * evince-plugin-tiffdocument-41.4-150400.3.6.1 * evince-plugin-xpsdocument-41.4-150400.3.6.1 * evince-plugin-xpsdocument-debuginfo-41.4-150400.3.6.1 * evince-plugin-tiffdocument-debuginfo-41.4-150400.3.6.1 * evince-plugin-dvidocument-debuginfo-41.4-150400.3.6.1 * libevview3-3-debuginfo-41.4-150400.3.6.1 * libevdocument3-4-41.4-150400.3.6.1 * evince-plugin-djvudocument-debuginfo-41.4-150400.3.6.1 * evince-41.4-150400.3.6.1 * libevdocument3-4-debuginfo-41.4-150400.3.6.1 * evince-plugin-pdfdocument-41.4-150400.3.6.1 * nautilus-evince-debuginfo-41.4-150400.3.6.1 * typelib-1_0-EvinceView-3_0-41.4-150400.3.6.1 * evince-debuginfo-41.4-150400.3.6.1 * evince-plugin-pdfdocument-debuginfo-41.4-150400.3.6.1 * evince-plugin-psdocument-debuginfo-41.4-150400.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * evince-lang-41.4-150400.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2026-46529.html * https://bugzilla.suse.com/show_bug.cgi?id=1265880 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jun 4 16:38:14 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 04 Jun 2026 16:38:14 -0000 Subject: SUSE-SU-2026:2231-1: important: Security update for glibc Message-ID: <178059109481.33.16570742241441933857@4a60935d78bd> # Security update for glibc Announcement ID: SUSE-SU-2026:2231-1 Release Date: 2026-06-03T10:57:32Z Rating: important References: * bsc#1261206 * bsc#1262464 * bsc#1262465 Cross-References: * CVE-2026-4046 * CVE-2026-5450 * CVE-2026-5928 CVSS scores: * CVE-2026-4046 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-4046 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-4046 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-5450 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-5450 ( SUSE ): 5.9 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-5450 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-5928 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-5928 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-5928 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP7 * Development Tools Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves three vulnerabilities can now be installed. ## Description: This update for glibc fixes the following issues * CVE-2026-4046: assertion failure when converting inputs may be used to remotely crash an application (bsc#1261206). * CVE-2026-5450: stdio-common: scanf %mc pattern will cause heap overflow when width > 1024 (bsc#1262465). * CVE-2026-5928: libio: ungetwc could be used to leak data on special conditions (bsc#1262464). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2231=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2231=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2231=1 * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2026-2231=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2231=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586 i686) * glibc-debuginfo-2.38-150600.14.49.1 * glibc-profile-2.38-150600.14.49.1 * glibc-2.38-150600.14.49.1 * glibc-locale-base-debuginfo-2.38-150600.14.49.1 * glibc-debugsource-2.38-150600.14.49.1 * glibc-devel-2.38-150600.14.49.1 * glibc-locale-base-2.38-150600.14.49.1 * libnsl1-2.38-150600.14.49.1 * glibc-devel-static-2.38-150600.14.49.1 * glibc-locale-2.38-150600.14.49.1 * libnsl1-debuginfo-2.38-150600.14.49.1 * glibc-devel-debuginfo-2.38-150600.14.49.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * glibc-extra-debuginfo-2.38-150600.14.49.1 * glibc-utils-src-debugsource-2.38-150600.14.49.1 * glibc-utils-debuginfo-2.38-150600.14.49.1 * glibc-utils-2.38-150600.14.49.1 * glibc-extra-2.38-150600.14.49.1 * nscd-debuginfo-2.38-150600.14.49.1 * nscd-2.38-150600.14.49.1 * openSUSE Leap 15.6 (noarch) * glibc-lang-2.38-150600.14.49.1 * glibc-html-2.38-150600.14.49.1 * glibc-i18ndata-2.38-150600.14.49.1 * glibc-info-2.38-150600.14.49.1 * openSUSE Leap 15.6 (x86_64) * glibc-devel-32bit-debuginfo-2.38-150600.14.49.1 * glibc-32bit-debuginfo-2.38-150600.14.49.1 * glibc-locale-base-32bit-debuginfo-2.38-150600.14.49.1 * glibc-devel-static-32bit-2.38-150600.14.49.1 * glibc-utils-32bit-2.38-150600.14.49.1 * glibc-locale-base-32bit-2.38-150600.14.49.1 * glibc-devel-32bit-2.38-150600.14.49.1 * libnsl1-32bit-2.38-150600.14.49.1 * glibc-profile-32bit-2.38-150600.14.49.1 * glibc-utils-32bit-debuginfo-2.38-150600.14.49.1 * libnsl1-32bit-debuginfo-2.38-150600.14.49.1 * glibc-32bit-2.38-150600.14.49.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libnsl1-64bit-debuginfo-2.38-150600.14.49.1 * libnsl1-64bit-2.38-150600.14.49.1 * glibc-utils-64bit-debuginfo-2.38-150600.14.49.1 * glibc-devel-64bit-debuginfo-2.38-150600.14.49.1 * glibc-locale-base-64bit-debuginfo-2.38-150600.14.49.1 * glibc-locale-base-64bit-2.38-150600.14.49.1 * glibc-utils-64bit-2.38-150600.14.49.1 * glibc-devel-static-64bit-2.38-150600.14.49.1 * glibc-64bit-2.38-150600.14.49.1 * glibc-devel-64bit-2.38-150600.14.49.1 * glibc-64bit-debuginfo-2.38-150600.14.49.1 * glibc-profile-64bit-2.38-150600.14.49.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * glibc-2.38-150600.14.49.1 * glibc-locale-base-2.38-150600.14.49.1 * nscd-debuginfo-2.38-150600.14.49.1 * libnsl1-debuginfo-2.38-150600.14.49.1 * nscd-2.38-150600.14.49.1 * glibc-extra-debuginfo-2.38-150600.14.49.1 * glibc-utils-src-debugsource-2.38-150600.14.49.1 * glibc-locale-base-debuginfo-2.38-150600.14.49.1 * libnsl1-2.38-150600.14.49.1 * glibc-debugsource-2.38-150600.14.49.1 * glibc-devel-static-2.38-150600.14.49.1 * glibc-utils-2.38-150600.14.49.1 * glibc-locale-2.38-150600.14.49.1 * glibc-debuginfo-2.38-150600.14.49.1 * glibc-profile-2.38-150600.14.49.1 * glibc-extra-2.38-150600.14.49.1 * glibc-utils-debuginfo-2.38-150600.14.49.1 * glibc-devel-2.38-150600.14.49.1 * glibc-devel-debuginfo-2.38-150600.14.49.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * glibc-lang-2.38-150600.14.49.1 * glibc-i18ndata-2.38-150600.14.49.1 * glibc-info-2.38-150600.14.49.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (x86_64) * glibc-devel-32bit-debuginfo-2.38-150600.14.49.1 * glibc-32bit-debuginfo-2.38-150600.14.49.1 * glibc-locale-base-32bit-debuginfo-2.38-150600.14.49.1 * glibc-locale-base-32bit-2.38-150600.14.49.1 * glibc-devel-32bit-2.38-150600.14.49.1 * libnsl1-32bit-2.38-150600.14.49.1 * libnsl1-32bit-debuginfo-2.38-150600.14.49.1 * glibc-32bit-2.38-150600.14.49.1 * Basesystem Module 15-SP7 (noarch) * glibc-lang-2.38-150600.14.49.1 * glibc-i18ndata-2.38-150600.14.49.1 * glibc-info-2.38-150600.14.49.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * glibc-debuginfo-2.38-150600.14.49.1 * glibc-profile-2.38-150600.14.49.1 * glibc-extra-debuginfo-2.38-150600.14.49.1 * glibc-2.38-150600.14.49.1 * glibc-locale-base-debuginfo-2.38-150600.14.49.1 * libnsl1-2.38-150600.14.49.1 * glibc-debugsource-2.38-150600.14.49.1 * glibc-locale-base-2.38-150600.14.49.1 * glibc-devel-2.38-150600.14.49.1 * glibc-devel-debuginfo-2.38-150600.14.49.1 * glibc-locale-2.38-150600.14.49.1 * glibc-extra-2.38-150600.14.49.1 * nscd-debuginfo-2.38-150600.14.49.1 * libnsl1-debuginfo-2.38-150600.14.49.1 * nscd-2.38-150600.14.49.1 * Basesystem Module 15-SP7 (x86_64) * glibc-32bit-debuginfo-2.38-150600.14.49.1 * glibc-locale-base-32bit-2.38-150600.14.49.1 * libnsl1-32bit-2.38-150600.14.49.1 * libnsl1-32bit-debuginfo-2.38-150600.14.49.1 * glibc-32bit-2.38-150600.14.49.1 * glibc-locale-base-32bit-debuginfo-2.38-150600.14.49.1 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * glibc-debuginfo-2.38-150600.14.49.1 * glibc-utils-src-debugsource-2.38-150600.14.49.1 * glibc-utils-debuginfo-2.38-150600.14.49.1 * glibc-debugsource-2.38-150600.14.49.1 * glibc-devel-static-2.38-150600.14.49.1 * glibc-utils-2.38-150600.14.49.1 * Development Tools Module 15-SP7 (x86_64) * glibc-devel-32bit-2.38-150600.14.49.1 * glibc-32bit-debuginfo-2.38-150600.14.49.1 * glibc-devel-32bit-debuginfo-2.38-150600.14.49.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * glibc-2.38-150600.14.49.1 * glibc-locale-base-2.38-150600.14.49.1 * nscd-debuginfo-2.38-150600.14.49.1 * libnsl1-debuginfo-2.38-150600.14.49.1 * nscd-2.38-150600.14.49.1 * glibc-extra-debuginfo-2.38-150600.14.49.1 * glibc-utils-src-debugsource-2.38-150600.14.49.1 * glibc-locale-base-debuginfo-2.38-150600.14.49.1 * glibc-debugsource-2.38-150600.14.49.1 * libnsl1-2.38-150600.14.49.1 * glibc-devel-static-2.38-150600.14.49.1 * glibc-utils-2.38-150600.14.49.1 * glibc-locale-2.38-150600.14.49.1 * glibc-debuginfo-2.38-150600.14.49.1 * glibc-profile-2.38-150600.14.49.1 * glibc-extra-2.38-150600.14.49.1 * glibc-utils-debuginfo-2.38-150600.14.49.1 * glibc-devel-2.38-150600.14.49.1 * glibc-devel-debuginfo-2.38-150600.14.49.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * glibc-lang-2.38-150600.14.49.1 * glibc-i18ndata-2.38-150600.14.49.1 * glibc-info-2.38-150600.14.49.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (x86_64) * glibc-devel-32bit-debuginfo-2.38-150600.14.49.1 * glibc-32bit-debuginfo-2.38-150600.14.49.1 * glibc-locale-base-32bit-debuginfo-2.38-150600.14.49.1 * glibc-locale-base-32bit-2.38-150600.14.49.1 * glibc-devel-32bit-2.38-150600.14.49.1 * libnsl1-32bit-2.38-150600.14.49.1 * libnsl1-32bit-debuginfo-2.38-150600.14.49.1 * glibc-32bit-2.38-150600.14.49.1 ## References: * https://www.suse.com/security/cve/CVE-2026-4046.html * https://www.suse.com/security/cve/CVE-2026-5450.html * https://www.suse.com/security/cve/CVE-2026-5928.html * https://bugzilla.suse.com/show_bug.cgi?id=1261206 * https://bugzilla.suse.com/show_bug.cgi?id=1262464 * https://bugzilla.suse.com/show_bug.cgi?id=1262465 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jun 4 16:38:32 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 04 Jun 2026 16:38:32 -0000 Subject: SUSE-SU-2026:2229-1: critical: Security update for hplip Message-ID: <178059111246.33.7345576395726778635@4a60935d78bd> # Security update for hplip Announcement ID: SUSE-SU-2026:2229-1 Release Date: 2026-06-03T08:07:21Z Rating: critical References: * bsc#1209401 * bsc#1245358 * bsc#1250481 * bsc#1257529 * bsc#1266023 * bsc#1266024 * bsc#1266031 * jsc#PED-11978 Cross-References: * CVE-2025-43023 * CVE-2026-8631 * CVE-2026-8632 CVSS scores: * CVE-2025-43023 ( SUSE ): 7.5 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-43023 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-43023 ( NVD ): 5.9 CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-43023 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-8631 ( SUSE ): 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-8631 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-8631 ( NVD ): 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-8631 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-8632 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-8632 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-8632 ( NVD ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-8632 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP7 * Desktop Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves three vulnerabilities, contains one feature and has four security fixes can now be installed. ## Description: This update for hplip fixes the following issues Security issues: * CVE-2025-43023: weak code signing DSA key used to generate package signatures can lead to key spoofing and malicious software installation (bsc#1266031). * CVE-2026-8631: escalation of privileges and/or arbitrary code execution via an integer overflow in the hpcups processing path (bsc#1266023). * CVE-2026-8632: escalation of privileges and/or arbitrary code execution via operating system command injection (bsc#1266024). * Unauthenticated remote (LAN) denial-of-service in the SLP parser (ReDoS). (bsc#1245358) * URI parameter injection via unsanitized USB serial number. (bsc#1209401) Non security issues: * Can't set up fax for HP OfficeJet 3830 (bsc#1257529). * hplip requires foomatic-filters which does not exist in Leap 16 (bsc#1250481). * Update to HPLIP 3.26.4 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2229=1 * Desktop Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2026-2229=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * hplip-hpijs-3.26.4-150700.4.3.1 * hplip-sane-3.26.4-150700.4.3.1 * hplip-devel-3.26.4-150700.4.3.1 * hplip-debuginfo-3.26.4-150700.4.3.1 * hplip-debugsource-3.26.4-150700.4.3.1 * hplip-sane-debuginfo-3.26.4-150700.4.3.1 * hplip-udev-rules-3.26.4-150700.4.3.1 * hplip-hpijs-debuginfo-3.26.4-150700.4.3.1 * Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * hplip-3.26.4-150700.4.3.1 * hplip-debuginfo-3.26.4-150700.4.3.1 * hplip-debugsource-3.26.4-150700.4.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-43023.html * https://www.suse.com/security/cve/CVE-2026-8631.html * https://www.suse.com/security/cve/CVE-2026-8632.html * https://bugzilla.suse.com/show_bug.cgi?id=1209401 * https://bugzilla.suse.com/show_bug.cgi?id=1245358 * https://bugzilla.suse.com/show_bug.cgi?id=1250481 * https://bugzilla.suse.com/show_bug.cgi?id=1257529 * https://bugzilla.suse.com/show_bug.cgi?id=1266023 * https://bugzilla.suse.com/show_bug.cgi?id=1266024 * https://bugzilla.suse.com/show_bug.cgi?id=1266031 * https://jira.suse.com/browse/PED-11978 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jun 4 16:38:43 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 04 Jun 2026 16:38:43 -0000 Subject: SUSE-SU-2026:2228-1: critical: Security update for hplip Message-ID: <178059112337.33.13025767167752287973@4a60935d78bd> # Security update for hplip Announcement ID: SUSE-SU-2026:2228-1 Release Date: 2026-06-03T08:07:01Z Rating: critical References: * bsc#1245358 * bsc#1250481 * bsc#1257529 * bsc#1266023 * bsc#1266024 * bsc#1266031 Cross-References: * CVE-2025-43023 * CVE-2026-8631 * CVE-2026-8632 CVSS scores: * CVE-2025-43023 ( SUSE ): 7.5 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-43023 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-43023 ( NVD ): 5.9 CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-43023 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-8631 ( SUSE ): 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-8631 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-8631 ( NVD ): 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-8631 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-8632 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-8632 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-8632 ( NVD ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-8632 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities and has three security fixes can now be installed. ## Description: This update for hplip fixes the following issues Security issues: * CVE-2025-43023: weak code signing DSA key used to generate package signatures can lead to key spoofing and malicious software installation (bsc#1266031). * CVE-2026-8631: escalation of privileges and/or arbitrary code execution via an integer overflow in the hpcups processing path (bsc#1266023). * CVE-2026-8632: escalation of privileges and/or arbitrary code execution via operating system command injection (bsc#1266024). * hplip: unauthenticated remote (LAN) denial-of-service in the SLP parser (ReDoS) (bsc#1245358). Non security issues: * Can't set up fax for HP OfficeJet 3830 (bsc#1257529). * hplip requires foomatic-filters which does not exist in Leap 16 (bsc#1250481). * Update to HPLIP 3.26.4. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-2228=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2228=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * hplip-hpijs-3.26.4-3.8.1 * hplip-3.26.4-3.8.1 * hplip-hpijs-debuginfo-3.26.4-3.8.1 * hplip-sane-3.26.4-3.8.1 * hplip-udev-rules-3.26.4-3.8.1 * hplip-debuginfo-3.26.4-3.8.1 * hplip-devel-3.26.4-3.8.1 * hplip-debugsource-3.26.4-3.8.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le s390x x86_64) * hplip-sane-debuginfo-3.26.4-3.8.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * hplip-hpijs-3.26.4-3.8.1 * hplip-3.26.4-3.8.1 * hplip-hpijs-debuginfo-3.26.4-3.8.1 * hplip-sane-3.26.4-3.8.1 * hplip-sane-debuginfo-3.26.4-3.8.1 * hplip-udev-rules-3.26.4-3.8.1 * hplip-debuginfo-3.26.4-3.8.1 * hplip-devel-3.26.4-3.8.1 * hplip-debugsource-3.26.4-3.8.1 ## References: * https://www.suse.com/security/cve/CVE-2025-43023.html * https://www.suse.com/security/cve/CVE-2026-8631.html * https://www.suse.com/security/cve/CVE-2026-8632.html * https://bugzilla.suse.com/show_bug.cgi?id=1245358 * https://bugzilla.suse.com/show_bug.cgi?id=1250481 * https://bugzilla.suse.com/show_bug.cgi?id=1257529 * https://bugzilla.suse.com/show_bug.cgi?id=1266023 * https://bugzilla.suse.com/show_bug.cgi?id=1266024 * https://bugzilla.suse.com/show_bug.cgi?id=1266031 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jun 4 16:38:47 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 04 Jun 2026 16:38:47 -0000 Subject: SUSE-SU-2026:2227-1: important: Security update for LibVNCServer Message-ID: <178059112735.33.12310684484413138348@4a60935d78bd> # Security update for LibVNCServer Announcement ID: SUSE-SU-2026:2227-1 Release Date: 2026-06-03T08:06:48Z Rating: important References: * bsc#1266459 Cross-References: * CVE-2026-44988 CVSS scores: * CVE-2026-44988 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-44988 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-44988 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for LibVNCServer fixes the following issues: * CVE-2026-44988: Fixed missing validation of rectangle width in tight gradient decoding can lead to server-triggered out-of-bounds write (bsc#1266459). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2227=1 ## Package List: * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * libvncserver0-debuginfo-0.9.10-150000.4.38.1 * LibVNCServer-debugsource-0.9.10-150000.4.38.1 * libvncserver0-0.9.10-150000.4.38.1 ## References: * https://www.suse.com/security/cve/CVE-2026-44988.html * https://bugzilla.suse.com/show_bug.cgi?id=1266459 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jun 5 12:30:19 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 05 Jun 2026 12:30:19 -0000 Subject: SUSE-SU-2026:21993-1: important: Security update for salt Message-ID: <178066261954.258.11850221712344854414@f34fc15423e2> # Security update for salt Announcement ID: SUSE-SU-2026:21993-1 Release Date: 2026-06-03T12:58:39Z Rating: important References: * bsc#1254629 * bsc#1254900 * bsc#1257583 * bsc#1257831 * bsc#1259554 * bsc#1259700 Cross-References: * CVE-2026-31958 CVSS scores: * CVE-2026-31958 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31958 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31958 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-31958 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves one vulnerability and has five fixes can now be installed. ## Description: This update for salt fixes the following issues: * Security issues fixed: * CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service (bsc#1259554) * Other updates and bugfixes: * Use non vendored Tornado with Python 3.11 (bsc#1257583, bsc#1259700) * Hardened Tornado from invalid HTTP reason phrases * Read full URI from ldap pillar config (bsc#1254900) * Fixed testsuite failures * Make users with backslash working for salt-ssh (bsc#1254629) * Fixed ansible.playbooks extra-vars quoting (bsc#1257831) * Fixed virtualenv call in test helper to use proper python version ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-561=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * salt-transactional-update-3006.0-slfo.1.1_7.1 * python311-salt-3006.0-slfo.1.1_7.1 * salt-minion-3006.0-slfo.1.1_7.1 * salt-3006.0-slfo.1.1_7.1 ## References: * https://www.suse.com/security/cve/CVE-2026-31958.html * https://bugzilla.suse.com/show_bug.cgi?id=1254629 * https://bugzilla.suse.com/show_bug.cgi?id=1254900 * https://bugzilla.suse.com/show_bug.cgi?id=1257583 * https://bugzilla.suse.com/show_bug.cgi?id=1257831 * https://bugzilla.suse.com/show_bug.cgi?id=1259554 * https://bugzilla.suse.com/show_bug.cgi?id=1259700 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jun 5 12:30:31 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 05 Jun 2026 12:30:31 -0000 Subject: SUSE-SU-2026:21992-1: important: Security update for libzypp, libsolv Message-ID: <178066263185.258.18117460079582581605@f34fc15423e2> # Security update for libzypp, libsolv Announcement ID: SUSE-SU-2026:21992-1 Release Date: 2026-06-02T16:20:17Z Rating: important References: * bsc#1259802 * bsc#1265935 * bsc#1265938 * bsc#1266039 Cross-References: * CVE-2026-25707 * CVE-2026-48863 * CVE-2026-9149 * CVE-2026-9150 CVSS scores: * CVE-2026-25707 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-48863 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-48863 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-9149 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-9149 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-9149 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-9150 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-9150 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves four vulnerabilities can now be installed. ## Description: This update for libzypp, libsolv fixes the following issues: libsolv was updated to 0.7.39. * fix solv_chksum_free segfault when called with a NULL pointer * made repo_add_solv more robust against corrupt files [bsc#1265935] [CVE-2026-9149] * fix potential buffer overflow when verifying EdDSA signatures [bsc#1266039] [CVE-2026-48863] * added limit checks in multiple places to catch overflows * reduce the size of the language id cache * fixed Debian canon selection * fixed dbpath detection in repo_rpmdb_librpm * reduced stack usage in repo page compression (needed for musl) * fixed in earlier release: [bsc#1265938] [CVE-2026-9150] * fix parsing of recommends in the old Mandriva synthesis format libzypp was updated to 17.38.11: * Fix potential crash on malformed or malicious repository metadata (fixes #740) * Repo metadata: discard entries referring to a location outside the repo (bsc#1259802, CVE-2026-25707) Mirroring those data locally would refer to a location outside the repo's local cache directory. Those data entries are reported and discarded. * zypp.conf: Allow [env] section to add environment variables. This feature is designed to enable environment-specific settings or debugging options over an extended period. See zypp.conf(5). ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-560=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * libzypp-debuginfo-17.38.11-slfo.1.1_1.1 * libsolv-tools-base-debuginfo-0.7.39-slfo.1.1_1.1 * libsolv-debugsource-0.7.39-slfo.1.1_1.1 * libsolv-tools-base-0.7.39-slfo.1.1_1.1 * libzypp-debugsource-17.38.11-slfo.1.1_1.1 * libzypp-17.38.11-slfo.1.1_1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-25707.html * https://www.suse.com/security/cve/CVE-2026-48863.html * https://www.suse.com/security/cve/CVE-2026-9149.html * https://www.suse.com/security/cve/CVE-2026-9150.html * https://bugzilla.suse.com/show_bug.cgi?id=1259802 * https://bugzilla.suse.com/show_bug.cgi?id=1265935 * https://bugzilla.suse.com/show_bug.cgi?id=1265938 * https://bugzilla.suse.com/show_bug.cgi?id=1266039 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jun 5 12:30:36 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 05 Jun 2026 12:30:36 -0000 Subject: SUSE-SU-2026:21991-1: important: Security update for ignition Message-ID: <178066263623.258.4561621774630002766@f34fc15423e2> # Security update for ignition Announcement ID: SUSE-SU-2026:21991-1 Release Date: 2026-06-02T15:05:59Z Rating: important References: * bsc#1265751 Cross-References: * CVE-2026-33814 CVSS scores: * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves one vulnerability can now be installed. ## Description: This update for ignition fixes the following issue * CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265751). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-559=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * ignition-debuginfo-2.19.0-slfo.1.1_4.1 * ignition-2.19.0-slfo.1.1_4.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33814.html * https://bugzilla.suse.com/show_bug.cgi?id=1265751 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jun 5 12:31:05 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 05 Jun 2026 12:31:05 -0000 Subject: SUSE-SU-2026:21990-1: important: Security update 5.0.8 for Multi-Linux Manager Client Tools, Salt Bundle and Salt Message-ID: <178066266511.258.1852927278539129758@f34fc15423e2> # Security update 5.0.8 for Multi-Linux Manager Client Tools, Salt Bundle and Salt Announcement ID: SUSE-SU-2026:21990-1 Release Date: 2026-06-03T13:34:00Z Rating: important References: * bsc#1252964 * bsc#1254619 * bsc#1254629 * bsc#1254900 * bsc#1257583 * bsc#1257831 * bsc#1257941 * bsc#1258927 * bsc#1258957 * bsc#1259208 * bsc#1259554 * bsc#1259700 * bsc#1259804 * bsc#1259808 * bsc#1261810 Cross-References: * CVE-2026-27448 * CVE-2026-27459 * CVE-2026-31958 CVSS scores: * CVE-2026-27448 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-27448 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-27448 ( NVD ): 1.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27448 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-27459 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-27459 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-27459 ( NVD ): 7.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27459 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31958 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31958 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31958 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-31958 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves three vulnerabilities and has 12 fixes can now be installed. ## Description: This update fixes the following issues: golang-github-prometheus-node_exporter: * Version 1.10.2: * meminfo: Fix typo in Zswap metric name * Version 1.10.1: * filesystem: Fix mount points being collected multiple times * filesystem: Refactor mountinfo parsing (bsc#1261810) * meminfo: Add Zswap/Zswapped metrics * Version 1.10.0: * Changes: * mdadm: Use sysfs for RAID metrics * filesystem: Add erofs in default excluded fs * tcpstat: Use std lib binary.NativeEndian * New Features: * pcidevice: Add new collector for PCIe devices * AIX: Add more metrics * systemd: Add Virtualization metrics * swaps: Add new collector * Enhancements: * wifi: Add packet received and transmitted metrics * filesystem: Take super options into account for read-only * pcidevice: Add additional metrics * perf: Add tlb_data metrics * Bugs fixed: * interrupts: Fix OpenBSD interrupt device parsing * diskstats: Simplify condition * thermal: Sanitize darwin thermal strings * filesystem: Fix Darwin collector cgo memory leak * cpufreq: Fix: collector enable * ethtool: Fix returning 0 for sanitized metrics * netdev: Fix Darwin netdev i/o bytes metric * systemd: Fix logging race * filesystem: Fix duplicate Darwin CGO import salt: * Security issues fixed: * CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service (bsc#1259554) * Other updates and bugfixes: * Use non vendored Tornado with Python 3.11 (bsc#1257583, bsc#1259700) * Hardened Tornado from invalid HTTP reason phrases * Read full URI from ldap pillar config (bsc#1254900) * Fixed testsuite failures * Make users with backslash working for salt-ssh (bsc#1254629) * Fixed ansible.playbooks extra-vars quoting (bsc#1257831) * Fixed virtualenv call in test helper to use proper python version uyuni-tools: * Version 0.1.39-0: * mgrpxy ssh tuning should happen before crypto policies (bsc#1254619) * Fixed default value for helm registry (bsc#1258927). * Use static supportconfig name to avoid dynamic search (bsc#1257941) * Do not nest multiple tarball files and instead collect all files into one tarball (bsc#1252964) * Show where final tarball was generated (bsc#1259208) venv-salt-minion: * Security issues fixed: * CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service (bsc#1259554) * CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow (bsc#1259808) * CVE-2026-27448: pyOpenSSL: Fixed unhandled exception can result in connection not being cancelled (bsc#1259804) * Other updates and bugfixes: * Use non vendored Tornado with Python 3.11 (bsc#1257583, bsc#1259700) * Hardened Tornado from invalid HTTP reason phrases * Read full URI from ldap pillar config (bsc#1254900) * Make users with backslash work for `salt-ssh` (bsc#1254629). * Fixed `ansible.playbooks` `extra-vars` quoting (bsc#1257831), * Fixed `virtualenv` call in test helper to use proper Python version. * Fixed the issue preventing SELinux profile to be loaded on SLES 16 deployed using cloud images (bsc#1258957) ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-740=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x) * salt-master-3006.0-16.1 * salt-transactional-update-3006.0-16.1 * python311-salt-3006.0-16.1 * salt-minion-3006.0-16.1 * salt-3006.0-16.1 ## References: * https://www.suse.com/security/cve/CVE-2026-27448.html * https://www.suse.com/security/cve/CVE-2026-27459.html * https://www.suse.com/security/cve/CVE-2026-31958.html * https://bugzilla.suse.com/show_bug.cgi?id=1252964 * https://bugzilla.suse.com/show_bug.cgi?id=1254619 * https://bugzilla.suse.com/show_bug.cgi?id=1254629 * https://bugzilla.suse.com/show_bug.cgi?id=1254900 * https://bugzilla.suse.com/show_bug.cgi?id=1257583 * https://bugzilla.suse.com/show_bug.cgi?id=1257831 * https://bugzilla.suse.com/show_bug.cgi?id=1257941 * https://bugzilla.suse.com/show_bug.cgi?id=1258927 * https://bugzilla.suse.com/show_bug.cgi?id=1258957 * https://bugzilla.suse.com/show_bug.cgi?id=1259208 * https://bugzilla.suse.com/show_bug.cgi?id=1259554 * https://bugzilla.suse.com/show_bug.cgi?id=1259700 * https://bugzilla.suse.com/show_bug.cgi?id=1259804 * https://bugzilla.suse.com/show_bug.cgi?id=1259808 * https://bugzilla.suse.com/show_bug.cgi?id=1261810 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jun 5 12:31:23 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 05 Jun 2026 12:31:23 -0000 Subject: SUSE-SU-2026:21989-1: important: Security update for google-guest-agent Message-ID: <178066268366.258.7949901751124676589@f34fc15423e2> # Security update for google-guest-agent Announcement ID: SUSE-SU-2026:21989-1 Release Date: 2026-06-03T12:28:02Z Rating: important References: * bsc#1210938 * bsc#1239334 * bsc#1239944 * bsc#1243254 * bsc#1243505 * bsc#1245759 * bsc#1253889 * bsc#1257010 * bsc#1260264 * bsc#1262926 * bsc#1265762 Cross-References: * CVE-2025-22868 * CVE-2025-22869 * CVE-2025-58181 * CVE-2026-33186 * CVE-2026-33814 * CVE-2026-34986 CVSS scores: * CVE-2025-22868 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22868 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22868 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22869 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22869 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22869 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-58181 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-58181 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-58181 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-33186 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-33186 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-33186 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34986 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-34986 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34986 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves six vulnerabilities and has five fixes can now be installed. ## Description: This update for google-guest-agent fixes the following issues: Update to version 20260430.00 * Update THIRD_PARTY_LICENSES to be package specific location. (#608) * Update dependencies and go version to 1.26.2 (#607) (bsc#1265762, CVE-2026-33814) * Bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4 (#604) (bsc#1260264, CVE-2026-33186) * Backport oslogin changes for sles16 to legacy agent (#603) * Bump go.opentelemetry.io/otel/sdk from 1.37.0 to 1.40.0 (#596) * Bump google.golang.org/grpc from 1.75.0 to 1.79.3 (#602) * Actually finally fix the RPM spec (#601) * Correct guest telemetry build target (#600) * Add packaging for new telemetry extension (#599) * Implement new scheduled job for routes monitor (#598) * Add packaging changes for locally bundled extensions feature support (#593) * Ensure the uninstall script handles GCE metadata endpoint unavailability. (#591) * Disable certificates when security keys are enabled (#588) * Move sourcing of per-user configs to the end of sshd_config, fixing 2FA logins. (#590) * Source the contents of /var/google-users.d config files. (#586) * Force remove core plugin configuration for windows (#587) * network: force address manager to always consolidate the OS state (#585) * Bump golang.org/x/crypto from 0.41.0 to 0.45.0 (#583) (bsc#1239334, CVE-2025-22869, bsc#1253889, CVE-2025-58181) * Don't delete the authorized_keys file when an empty key list is passed to updateAuthorizedKeysFile (#582) * Add Tyler, Saswat, Hank to OWNERS (#577) * Honor core plugin setting on windows package update (#576) * Restart agent if core plugin is disabled (#575) * Add extra debug logging around toggling OS Login (#572) * Update go version to 1.25 (#565) * Add compat adapt script to windows in agent sysprep (#569) * Fix adapt to use more portable shebang line (#567) * Remove routes script from packaging (#566) * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * from version 20260424.00 * Bring topic-stable up to latest point. (#606) * Bring stable branch up to 822ad49fd52b4d29869604af836a33cb22a667ba (#592) * fix start mode for windows on stable release (#584) * Update agent_uninstall.ps1 (#558) (#580) * Update go version for stable branch to 1.25 (#571) * Add adapt script in stable branch as per #569 (#570) * Backport fix from #567 to stable branch (#568) * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * from version 20260423.01 * Update THIRD_PARTY_LICENSES to be package specific location. (#608) * from version 20260423.00 * Update dependencies and go version to 1.26.2 (#607) * Bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4 (#604) * Backport oslogin changes for sles16 to legacy agent (#603) * Bump go.opentelemetry.io/otel/sdk from 1.37.0 to 1.40.0 (#596) * Bump google.golang.org/grpc from 1.75.0 to 1.79.3 (#602) * Actually finally fix the RPM spec (#601) * Correct guest telemetry build target (#600) * Add packaging for new telemetry extension (#599) * Implement new scheduled job for routes monitor (#598) * Add packaging changes for locally bundled extensions feature support (#593) * Ensure the uninstall script handles GCE metadata endpoint unavailability. (#591) * Disable certificates when security keys are enabled (#588) * Move sourcing of per-user configs to the end of sshd_config, fixing 2FA logins. (#590) * Source the contents of /var/google-users.d config files. (#586) * Force remove core plugin configuration for windows (#587) * network: force address manager to always consolidate the OS state (#585) * Bump golang.org/x/crypto from 0.41.0 to 0.45.0 (#583) * Don't delete the authorized_keys file when an empty key list is passed to updateAuthorizedKeysFile (#582) * Add Tyler, Saswat, Hank to OWNERS (#577) * Honor core plugin setting on windows package update (#576) * Restart agent if core plugin is disabled (#575) * Add extra debug logging around toggling OS Login (#572) * Update go version to 1.25 (#565) * Add compat adapt script to windows in agent sysprep (#569) * Fix adapt to use more portable shebang line (#567) * Remove routes script from packaging (#566) * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * from version 20260422.01 * Bring topic-stable up to latest point. (#606) * Bring stable branch up to 822ad49fd52b4d29869604af836a33cb22a667ba (#592) * fix start mode for windows on stable release (#584) * Update agent_uninstall.ps1 (#558) (#580) * Update go version for stable branch to 1.25 (#571) * Add adapt script in stable branch as per #569 (#570) * Backport fix from #567 to stable branch (#568) * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * from version 20260422.00 * Update dependencies and go version to 1.26.2 (#607) * Bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4 (#604) * Backport oslogin changes for sles16 to legacy agent (#603) * Bump go.opentelemetry.io/otel/sdk from 1.37.0 to 1.40.0 (#596) * Bump google.golang.org/grpc from 1.75.0 to 1.79.3 (#602) * Actually finally fix the RPM spec (#601) * Correct guest telemetry build target (#600) * Add packaging for new telemetry extension (#599) * Implement new scheduled job for routes monitor (#598) * Add packaging changes for locally bundled extensions feature support (#593) * Ensure the uninstall script handles GCE metadata endpoint unavailability. (#591) * Disable certificates when security keys are enabled (#588) * Move sourcing of per-user configs to the end of sshd_config, fixing 2FA logins. (#590) * Source the contents of /var/google-users.d config files. (#586) * Force remove core plugin configuration for windows (#587) * network: force address manager to always consolidate the OS state (#585) * Bump golang.org/x/crypto from 0.41.0 to 0.45.0 (#583) * Don't delete the authorized_keys file when an empty key list is passed to updateAuthorizedKeysFile (#582) * Add Tyler, Saswat, Hank to OWNERS (#577) * Honor core plugin setting on windows package update (#576) * Restart agent if core plugin is disabled (#575) * Add extra debug logging around toggling OS Login (#572) * Update go version to 1.25 (#565) * Add compat adapt script to windows in agent sysprep (#569) * Fix adapt to use more portable shebang line (#567) * Remove routes script from packaging (#566) * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * from version 20260421.00 * Bring topic-stable up to latest point. (#606) * Bring stable branch up to 822ad49fd52b4d29869604af836a33cb22a667ba (#592) * fix start mode for windows on stable release (#584) * Update agent_uninstall.ps1 (#558) (#580) * Update go version for stable branch to 1.25 (#571) * Add adapt script in stable branch as per #569 (#570) * Backport fix from #567 to stable branch (#568) * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * from version 20260414.00 * Bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4 (#604) * Bump Go API version to 1.26 * Fix crafted JWE input with a missing encrypted key can lead to a denial of service (bsc#1262926, CVE-2026-34986) * Update to version 20260402.00: (bsc#1257010) * Backport oslogin changes for sles16 to legacy agent (#603) * Bump go.opentelemetry.io/otel/sdk from 1.37.0 to 1.40.0 (#596) * Bump google.golang.org/grpc from 1.75.0 to 1.79.3 (#602) * Actually finally fix the RPM spec (#601) * Correct guest telemetry build target (#600) * Add packaging for new telemetry extension (#599) * Implement new scheduled job for routes monitor (#598) * Add packaging changes for locally bundled extensions feature support (#593) * Ensure the uninstall script handles GCE metadata endpoint unavailability. (#591) * Disable certificates when security keys are enabled (#588) * Move sourcing of per-user configs to the end of sshd_config, fixing 2FA logins. (#590) * Update to version 20260108.00 * Source the contents of /var/google-users.d config files. (#586) * Update to version 20251223.00 * Force remove core plugin configuration for windows (#587) * network: force address manager to always consolidate the OS state (#585) * Bump golang.org/x/crypto from 0.41.0 to 0.45.0 (#583) * Don't delete the authorized_keys file when an empty key list is passed to updateAuthorizedKeysFile (#582) * Add Tyler, Saswat, Hank to OWNERS (#577) * Honor core plugin setting on windows package update (#576) * Restart agent if core plugin is disabled (#575) * Add extra debug logging around toggling OS Login (#572) * Update go version to 1.25 (#565) * Add compat adapt script to windows in agent sysprep (#569) * Fix adapt to use more portable shebang line (#567) * Remove routes script from packaging (#566) * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * from version 20251218.01 * fix start mode for windows on stable release (#584) * Update agent_uninstall.ps1 (#558) (#580) * Update go version for stable branch to 1.25 (#571) * Add adapt script in stable branch as per #569 (#570) * Backport fix from #567 to stable branch (#568) * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * from version 20251218.00 * Force remove core plugin configuration for windows (#587) * network: force address manager to always consolidate the OS state (#585) * Bump golang.org/x/crypto from 0.41.0 to 0.45.0 (#583) * Don't delete the authorized_keys file when an empty key list is passed to updateAuthorizedKeysFile (#582) * Add Tyler, Saswat, Hank to OWNERS (#577) * Honor core plugin setting on windows package update (#576) * Restart agent if core plugin is disabled (#575) * Add extra debug logging around toggling OS Login (#572) * Update go version to 1.25 (#565) * Add compat adapt script to windows in agent sysprep (#569) * Fix adapt to use more portable shebang line (#567) * Remove routes script from packaging (#566) * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * from version 20251216.00 * fix start mode for windows on stable release (#584) * Update agent_uninstall.ps1 (#558) (#580) * Update go version for stable branch to 1.25 (#571) * Add adapt script in stable branch as per #569 (#570) * Backport fix from #567 to stable branch (#568) * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * from version 20251215.00 * Force remove core plugin configuration for windows (#587) * network: force address manager to always consolidate the OS state (#585) * Bump golang.org/x/crypto from 0.41.0 to 0.45.0 (#583) * Don't delete the authorized_keys file when an empty key list is passed to updateAuthorizedKeysFile (#582) * Add Tyler, Saswat, Hank to OWNERS (#577) * Honor core plugin setting on windows package update (#576) * Restart agent if core plugin is disabled (#575) * Add extra debug logging around toggling OS Login (#572) * Update go version to 1.25 (#565) * Add compat adapt script to windows in agent sysprep (#569) * Fix adapt to use more portable shebang line (#567) * Remove routes script from packaging (#566) * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * from version 20251210.00 * fix start mode for windows on stable release (#584) * Update agent_uninstall.ps1 (#558) (#580) * Update go version for stable branch to 1.25 (#571) * Add adapt script in stable branch as per #569 (#570) * Backport fix from #567 to stable branch (#568) * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * from version 20251209.00 * Force remove core plugin configuration for windows (#587) * Update to version 20251208.00 * network: force address manager to always consolidate the OS state (#585) * Bump golang.org/x/crypto from 0.41.0 to 0.45.0 (#583) * Don't delete the authorized_keys file when an empty key list is passed to updateAuthorizedKeysFile (#582) * Add Tyler, Saswat, Hank to OWNERS (#577) * Honor core plugin setting on windows package update (#576) * Restart agent if core plugin is disabled (#575) * Add extra debug logging around toggling OS Login (#572) * Update go version to 1.25 (#565) * Add compat adapt script to windows in agent sysprep (#569) * Fix adapt to use more portable shebang line (#567) * Remove routes script from packaging (#566) * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * from version 20251206.00 * fix start mode for windows on stable release (#584) * Update agent_uninstall.ps1 (#558) (#580) * Update go version for stable branch to 1.25 (#571) * Add adapt script in stable branch as per #569 (#570) * Backport fix from #567 to stable branch (#568) * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * from version 20251205.00 * network: force address manager to always consolidate the OS state (#585) * Bump golang.org/x/crypto from 0.41.0 to 0.45.0 (#583) * Don't delete the authorized_keys file when an empty key list is passed to updateAuthorizedKeysFile (#582) * Add Tyler, Saswat, Hank to OWNERS (#577) * Honor core plugin setting on windows package update (#576) * Restart agent if core plugin is disabled (#575) * Add extra debug logging around toggling OS Login (#572) * Update go version to 1.25 (#565) * Add compat adapt script to windows in agent sysprep (#569) * Fix adapt to use more portable shebang line (#567) * Remove routes script from packaging (#566) * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * Update to version 20251120.01 * fix start mode for windows on stable release (#584) * Update agent_uninstall.ps1 (#558) (#580) * Update go version for stable branch to 1.25 (#571) * Add adapt script in stable branch as per #569 (#570) * Backport fix from #567 to stable branch (#568) * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * from version 20251120.00 * Don't delete the authorized_keys file when an empty key list is passed to updateAuthorizedKeysFile (#582) * Add Tyler, Saswat, Hank to OWNERS (#577) * Honor core plugin setting on windows package update (#576) * Restart agent if core plugin is disabled (#575) * Add extra debug logging around toggling OS Login (#572) * Update go version to 1.25 (#565) * Add compat adapt script to windows in agent sysprep (#569) * Fix adapt to use more portable shebang line (#567) * Remove routes script from packaging (#566) * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * from version 20251117.00 * Update agent_uninstall.ps1 (#558) (#580) * Update go version for stable branch to 1.25 (#571) * Add adapt script in stable branch as per #569 (#570) * Backport fix from #567 to stable branch (#568) * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * from version 20251115.00 * Don't delete the authorized_keys file when an empty key list is passed to updateAuthorizedKeysFile (#582) * Add Tyler, Saswat, Hank to OWNERS (#577) * Honor core plugin setting on windows package update (#576) * Restart agent if core plugin is disabled (#575) * Add extra debug logging around toggling OS Login (#572) * Update go version to 1.25 (#565) * Add compat adapt script to windows in agent sysprep (#569) * Fix adapt to use more portable shebang line (#567) * Remove routes script from packaging (#566) * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * from version 20251108.00 * Update agent_uninstall.ps1 (#558) (#580) * Update go version for stable branch to 1.25 (#571) * Add adapt script in stable branch as per #569 (#570) * Backport fix from #567 to stable branch (#568) * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * from version 20251107.01 * Don't delete the authorized_keys file when an empty key list is passed to updateAuthorizedKeysFile (#582) * Add Tyler, Saswat, Hank to OWNERS (#577) * Honor core plugin setting on windows package update (#576) * Restart agent if core plugin is disabled (#575) * Add extra debug logging around toggling OS Login (#572) * Update go version to 1.25 (#565) * Add compat adapt script to windows in agent sysprep (#569) * Fix adapt to use more portable shebang line (#567) * Remove routes script from packaging (#566) * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * from version 20251031.00 * Update agent_uninstall.ps1 (#558) (#580) * Update go version for stable branch to 1.25 (#571) * Add adapt script in stable branch as per #569 (#570) * Backport fix from #567 to stable branch (#568) * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * from version 20251030.02 * Add Tyler, Saswat, Hank to OWNERS (#577) * Honor core plugin setting on windows package update (#576) * Restart agent if core plugin is disabled (#575) * Add extra debug logging around toggling OS Login (#572) * Update go version to 1.25 (#565) * Add compat adapt script to windows in agent sysprep (#569) * Fix adapt to use more portable shebang line (#567) * Remove routes script from packaging (#566) * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * from version 20251030.01 * Update agent_uninstall.ps1 (#558) (#580) * Update go version for stable branch to 1.25 (#571) * Add adapt script in stable branch as per #569 (#570) * Backport fix from #567 to stable branch (#568) * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * from version 20251030.00 * Add Tyler, Saswat, Hank to OWNERS (#577) * Honor core plugin setting on windows package update (#576) * Restart agent if core plugin is disabled (#575) * Add extra debug logging around toggling OS Login (#572) * Update go version to 1.25 (#565) * Add compat adapt script to windows in agent sysprep (#569) * Fix adapt to use more portable shebang line (#567) * Remove routes script from packaging (#566) * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * from version 20251011.00 * Update go version for stable branch to 1.25 (#571) * Add adapt script in stable branch as per #569 (#570) * Backport fix from #567 to stable branch (#568) * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * from version 20251009.01 * Add Tyler, Saswat, Hank to OWNERS (#577) * Honor core plugin setting on windows package update (#576) * Restart agent if core plugin is disabled (#575) * Add extra debug logging around toggling OS Login (#572) * Update go version to 1.25 (#565) * Add compat adapt script to windows in agent sysprep (#569) * Fix adapt to use more portable shebang line (#567) * Remove routes script from packaging (#566) * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * from version 20251009.00 * Update go version for stable branch to 1.25 (#571) * Add adapt script in stable branch as per #569 (#570) * Backport fix from #567 to stable branch (#568) * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * Update to version 20251007.00 * Add Tyler, Saswat, Hank to OWNERS (#577) * Honor core plugin setting on windows package update (#576) * Restart agent if core plugin is disabled (#575) * Add extra debug logging around toggling OS Login (#572) * Update go version to 1.25 (#565) * Add compat adapt script to windows in agent sysprep (#569) * Fix adapt to use more portable shebang line (#567) * Remove routes script from packaging (#566) * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * from version 20251006.01 * Update go version for stable branch to 1.25 (#571) * Add adapt script in stable branch as per #569 (#570) * Backport fix from #567 to stable branch (#568) * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * from version 20251006.00 * Honor core plugin setting on windows package update (#576) * Restart agent if core plugin is disabled (#575) * Add extra debug logging around toggling OS Login (#572) * Update go version to 1.25 (#565) * Add compat adapt script to windows in agent sysprep (#569) * Fix adapt to use more portable shebang line (#567) * Remove routes script from packaging (#566) * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * from version 20251005.00 * Update go version for stable branch to 1.25 (#571) * Add adapt script in stable branch as per #569 (#570) * Backport fix from #567 to stable branch (#568) * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * from version 20250930.01 * Honor core plugin setting on windows package update (#576) * from version 20250929.01 * Restart agent if core plugin is disabled (#575) * Add extra debug logging around toggling OS Login (#572) * Update go version to 1.25 (#565) * Add compat adapt script to windows in agent sysprep (#569) * Fix adapt to use more portable shebang line (#567) * Remove routes script from packaging (#566) * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * from version 20250929.00 * Update go version for stable branch to 1.25 (#571) * Add adapt script in stable branch as per #569 (#570) * Backport fix from #567 to stable branch (#568) * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * from version 20250926.00 * Add extra debug logging around toggling OS Login (#572) * Update go version to 1.25 (#565) * Add compat adapt script to windows in agent sysprep (#569) * Fix adapt to use more portable shebang line (#567) * Remove routes script from packaging (#566) * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * from version 20250924.02 * Update go version for stable branch to 1.25 (#571) * Add adapt script in stable branch as per #569 (#570) * Backport fix from #567 to stable branch (#568) * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * from version 20250924.01 * Add extra debug logging around toggling OS Login (#572) * Update go version to 1.25 (#565) * Add compat adapt script to windows in agent sysprep (#569) * Fix adapt to use more portable shebang line (#567) * Remove routes script from packaging (#566) * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * from version 20250924.00 * Update go version for stable branch to 1.25 (#571) * Add adapt script in stable branch as per #569 (#570) * Backport fix from #567 to stable branch (#568) * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * Update to version 20250923.01 * Add extra debug logging around toggling OS Login (#572) * Update go version to 1.25 (#565) * Add compat adapt script to windows in agent sysprep (#569) * Fix adapt to use more portable shebang line (#567) * Remove routes script from packaging (#566) * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * from version 20250923.00 * Update go version for stable branch to 1.25 (#571) * Add adapt script in stable branch as per #569 (#570) * Backport fix from #567 to stable branch (#568) * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * from version 20250921.00 * Add extra debug logging around toggling OS Login (#572) * from version 20250920.01 * Update go version to 1.25 (#565) * Add compat adapt script to windows in agent sysprep (#569) * Fix adapt to use more portable shebang line (#567) * Remove routes script from packaging (#566) * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * from version 20250920.00 * Update go version for stable branch to 1.25 (#571) * Add adapt script in stable branch as per #569 (#570) * Backport fix from #567 to stable branch (#568) * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * from version 20250918.01 * Update go version to 1.25 (#565) * Add compat adapt script to windows in agent sysprep (#569) * Fix adapt to use more portable shebang line (#567) * Remove routes script from packaging (#566) * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * from version 20250917.01 * Update go version for stable branch to 1.25 (#571) * Add adapt script in stable branch as per #569 (#570) * Backport fix from #567 to stable branch (#568) * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * from version 20250917.00 * Update go version to 1.25 (#565) * Add compat adapt script to windows in agent sysprep (#569) * Fix adapt to use more portable shebang line (#567) * Remove routes script from packaging (#566) * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * from version 20250916.00 * Update go version for stable branch to 1.25 (#571) * Add adapt script in stable branch as per #569 (#570) * Backport fix from #567 to stable branch (#568) * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * from version 20250915.00 * Update go version to 1.25 (#565) * Add compat adapt script to windows in agent sysprep (#569) * Fix adapt to use more portable shebang line (#567) * Remove routes script from packaging (#566) * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * Disable missing daemon google_guest_agent_manager referenced by google- startup-scripts.service * Update to version 20250908.00 * Update go version for stable branch to 1.25 (#571) * Add adapt script in stable branch as per #569 (#570) * Backport fix from #567 to stable branch (#568) * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * from version 20250907.00 * Update go version to 1.25 (#565) * Add compat adapt script to windows in agent sysprep (#569) * Fix adapt to use more portable shebang line (#567) * Remove routes script from packaging (#566) * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * from version 20250905.01 * Update go version for stable branch to 1.25 (#571) * Add adapt script in stable branch as per #569 (#570) * Backport fix from #567 to stable branch (#568) * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * from version 20250905.00 * Update go version to 1.25 (#565) * Add compat adapt script to windows in agent sysprep (#569) * Fix adapt to use more portable shebang line (#567) * Remove routes script from packaging (#566) * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * from version 20250902.00 * Update go version for stable branch to 1.25 (#571) * Add adapt script in stable branch as per #569 (#570) * Backport fix from #567 to stable branch (#568) * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * Build and install new gce_workload_cert_refresh binary * Fix installation source of google_metadata_script_runner_adapt script * Install new systemd service file * gce-workload-cert-refresh.service * Update to version 20250901.00 * Update go version to 1.25 (#565) * Add compat adapt script to windows in agent sysprep (#569) * Fix adapt to use more portable shebang line (#567) * Remove routes script from packaging (#566) * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * from version 20250831.03 * Update go version for stable branch to 1.25 (#571) * Add adapt script in stable branch as per #569 (#570) * Backport fix from #567 to stable branch (#568) * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * from version 20250831.02 * Update go version to 1.25 (#565) * Add compat adapt script to windows in agent sysprep (#569) * Fix adapt to use more portable shebang line (#567) * Remove routes script from packaging (#566) * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * from version 20250831.01 * Update go version for stable branch to 1.25 (#571) * Add adapt script in stable branch as per #569 (#570) * Backport fix from #567 to stable branch (#568) * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * from version 20250831.00 * Update go version to 1.25 (#565) * Add compat adapt script to windows in agent sysprep (#569) * Fix adapt to use more portable shebang line (#567) * Remove routes script from packaging (#566) * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * from version 20250830.02 * Update go version for stable branch to 1.25 (#571) * Add adapt script in stable branch as per #569 (#570) * Backport fix from #567 to stable branch (#568) * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * from version 20250830.01 * Update go version to 1.25 (#565) * from version 20250830.00 * Add compat adapt script to windows in agent sysprep (#569) * Fix adapt to use more portable shebang line (#567) * Remove routes script from packaging (#566) * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * from version 20250828.00 * Add adapt script in stable branch as per #569 (#570) * Backport fix from #567 to stable branch (#568) * from version 20250826.00 * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * from version 20250821.01 * Remove routes script from packaging (#566) * Update Go API version to 1.25 * Update to version 20250718.00 * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * Update to version 20250709.02 * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * from version 20250709.01 * Update adapt script to run on startup/shutdown both (#561) * Update agent_uninstall.ps1 (#558) * Stop core plugin before removing agent package (#554) * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * from version 20250709.00 * Revert compat behavior and call known binary directly (#560) * Revert compat behavior and call known binary directly (#559) * Build rollforward package to re-enable original agent and disable core plugin (#557) * from version 20250702.00 * Update adapt script to run on startup/shutdown both (#561) * from version 20250701.01 * Update agent_uninstall.ps1 (#558) * from version 20250701.00 * Stop core plugin before removing agent package (#554) * from version 20250628.00 * Startup scripts should start after agent manager instead (#553) * Update presets and install dependencies on systemd units (#552) * Ensure agent service is disabled (#551) * from version 20250626.00 * Disable legacy agent to enable core plugin (#550) * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * startup script: wrap compatibility decision into its own scripts (#538) * Reapply "oslogin: Correctly handle newlines at the end of modified files (#520)" (#523) (#540) * from version 20250625.00 * prepare stable release. * Install google_metadata_script_runner_adapt script (bsc#1245759) * Update to version 20250624.00 * Final fix for RHEL packaging for routes setup (#549) * Fix RHEL packaging for routes scripts (#548) * Packaging changes to include routes script installation (#542) * Update CLI name in packaging (#543) * systemd should manage only the main process (#544) * startup script: wrap compatibility decision into its own scripts (#538) * Reapply "oslogin: Correctly handle newlines at the end of modified files (#520)" (#523) (#540) * from version 20250611.01 * prepare stable release. * from version 20250611.00 * startup script: wrap compatibility decision into its own scripts (#538) * Reapply "oslogin: Correctly handle newlines at the end of modified files (#520)" (#523) (#540) * from version 20250609.00 * prepare stable release. * from version 20250605.00 * startup script: wrap compatibility decision into its own scripts (#538) * Reapply "oslogin: Correctly handle newlines at the end of modified files (#520)" (#523) (#540) * Make sure agent added connections are activated by NM (#534) * wrap NSS cache refresh in a goroutine (#533) * Wicked: Only reload interfaces for which configurations are written or changed. (#524) * Add AuthorizedKeysCompat to windows packaging (#530) * Remove error messages from gce_workload_cert_refresh and metadata script runner (#527) * Update guest-logging-go dependency (#526) * Add 'created-by' metadata, and pass it as option to logging library (#508) * Revert "oslogin: Correctly handle newlines at the end of modified files (#520)" (#523) * Re-enable disabled services if the core plugin was enabled (#522) * Enable guest services on package upgrade (#519) * oslogin: Correctly handle newlines at the end of modified files (#520) * Fix core plugin path (#518) * Fix package build issues (#517) * Fix dependencies ran go mod tidy -v (#515) * Fix debian build path (#514) * Bundle compat metadata script runner binary in package (#513) * Bump golang.org/x/net from 0.27.0 to 0.36.0 (#512) * Update startup/shutdown services to launch compat manager (#503) * Bundle new gce metadata script runner binary in agent package (#502) * Revert "Revert bundling new binaries in the package (#509)" (#511) * Update to version 20250604.00 * Preparing stable build. * from version 20250602.00 * Make sure agent added connections are activated by NM (#534) * wrap NSS cache refresh in a goroutine (#533) * Wicked: Only reload interfaces for which configurations are written or changed. (#524) * Add AuthorizedKeysCompat to windows packaging (#530) * Remove error messages from gce_workload_cert_refresh and metadata script runner (#527) * Update guest-logging-go dependency (#526) * Add 'created-by' metadata, and pass it as option to logging library (#508) * Revert "oslogin: Correctly handle newlines at the end of modified files (#520)" (#523) * Re-enable disabled services if the core plugin was enabled (#522) * Enable guest services on package upgrade (#519) * oslogin: Correctly handle newlines at the end of modified files (#520) * Fix core plugin path (#518) * Fix package build issues (#517) * Fix dependencies ran go mod tidy -v (#515) * Fix debian build path (#514) * Bundle compat metadata script runner binary in package (#513) * Bump golang.org/x/net from 0.27.0 to 0.36.0 (#512) * Update startup/shutdown services to launch compat manager (#503) * Bundle new gce metadata script runner binary in agent package (#502) * Revert "Revert bundling new binaries in the package (#509)" (#511) * from version 20250521.00 * Preparing stable build. * from version 20250515.00 * Make sure agent added connections are activated by NM (#534) * wrap NSS cache refresh in a goroutine (#533) * Wicked: Only reload interfaces for which configurations are written or changed. (#524) * Add AuthorizedKeysCompat to windows packaging (#530) * Remove error messages from gce_workload_cert_refresh and metadata script runner (#527) * Update guest-logging-go dependency (#526) * Add 'created-by' metadata, and pass it as option to logging library (#508) * Revert "oslogin: Correctly handle newlines at the end of modified files (#520)" (#523) * Re-enable disabled services if the core plugin was enabled (#522) * Enable guest services on package upgrade (#519) * oslogin: Correctly handle newlines at the end of modified files (#520) * Fix core plugin path (#518) * Fix package build issues (#517) * Fix dependencies ran go mod tidy -v (#515) * Fix debian build path (#514) * Bundle compat metadata script runner binary in package (#513) * Bump golang.org/x/net from 0.27.0 to 0.36.0 (#512) * Update startup/shutdown services to launch compat manager (#503) * Bundle new gce metadata script runner binary in agent package (#502) * Revert "Revert bundling new binaries in the package (#509)" (#511) * Update to version 20250508.00 * Preparing stable build. * from version 20250506.01 (bsc#1243254, bsc#1243505) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-741=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * google-guest-agent-20260430.00-1.1 * google-guest-agent-debuginfo-20260430.00-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22868.html * https://www.suse.com/security/cve/CVE-2025-22869.html * https://www.suse.com/security/cve/CVE-2025-58181.html * https://www.suse.com/security/cve/CVE-2026-33186.html * https://www.suse.com/security/cve/CVE-2026-33814.html * https://www.suse.com/security/cve/CVE-2026-34986.html * https://bugzilla.suse.com/show_bug.cgi?id=1210938 * https://bugzilla.suse.com/show_bug.cgi?id=1239334 * https://bugzilla.suse.com/show_bug.cgi?id=1239944 * https://bugzilla.suse.com/show_bug.cgi?id=1243254 * https://bugzilla.suse.com/show_bug.cgi?id=1243505 * https://bugzilla.suse.com/show_bug.cgi?id=1245759 * https://bugzilla.suse.com/show_bug.cgi?id=1253889 * https://bugzilla.suse.com/show_bug.cgi?id=1257010 * https://bugzilla.suse.com/show_bug.cgi?id=1260264 * https://bugzilla.suse.com/show_bug.cgi?id=1262926 * https://bugzilla.suse.com/show_bug.cgi?id=1265762 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jun 5 12:31:32 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 05 Jun 2026 12:31:32 -0000 Subject: SUSE-SU-2026:21988-1: important: Security update for libzypp, libsolv Message-ID: <178066269255.258.7030000570264370956@f34fc15423e2> # Security update for libzypp, libsolv Announcement ID: SUSE-SU-2026:21988-1 Release Date: 2026-06-02T15:05:07Z Rating: important References: * bsc#1259802 * bsc#1265935 * bsc#1265938 * bsc#1266039 Cross-References: * CVE-2026-25707 * CVE-2026-48863 * CVE-2026-9149 * CVE-2026-9150 CVSS scores: * CVE-2026-25707 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-48863 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-48863 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-9149 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-9149 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-9149 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-9150 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-9150 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves four vulnerabilities can now be installed. ## Description: This update for libzypp, libsolv fixes the following issues: libsolv was updated to 0.7.39: * fix solv_chksum_free segfault when called with a NULL pointer * made repo_add_solv more robust against corrupt files [bsc#1265935] [CVE-2026-9149] * fix potential buffer overflow when verifying EdDSA signatures [bsc#1266039] [CVE-2026-48863] * added limit checks in multiple places to catch overflows * reduce the size of the language id cache * fixed Debian canon selection * fixed dbpath detection in repo_rpmdb_librpm * reduced stack usage in repo page compression (needed for musl) * Fixed in earlier release: [bsc#1265938] [CVE-2026-9150] * fix parsing of recommends in the old Mandriva synthesis format libzypp was updated to 17.38.11: * Fix potential crash on malformed or malicious repository metadata (fixes #740) * Repo metadata: discard entries referring to a location outside the repo (bsc#1259802, CVE-2026-25707) Mirroring those data locally would refer to a location outside the repo's local cache directory. Those data entries are reported and discarded. * zypp.conf: Allow [env] section to add environment variables. This feature is designed to enable environment-specific settings or debugging options over an extended period. See zypp.conf(5). ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-739=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * libzypp-debuginfo-17.38.11-1.1 * libsolv-tools-debuginfo-0.7.39-1.1 * libsolv-tools-0.7.39-1.1 * libsolv-debugsource-0.7.39-1.1 * libzypp-debugsource-17.38.11-1.1 * libsolv-tools-base-0.7.39-1.1 * libsolv-tools-base-debuginfo-0.7.39-1.1 * libzypp-17.38.11-1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-25707.html * https://www.suse.com/security/cve/CVE-2026-48863.html * https://www.suse.com/security/cve/CVE-2026-9149.html * https://www.suse.com/security/cve/CVE-2026-9150.html * https://bugzilla.suse.com/show_bug.cgi?id=1259802 * https://bugzilla.suse.com/show_bug.cgi?id=1265935 * https://bugzilla.suse.com/show_bug.cgi?id=1265938 * https://bugzilla.suse.com/show_bug.cgi?id=1266039 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jun 5 12:31:37 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 05 Jun 2026 12:31:37 -0000 Subject: SUSE-SU-2026:21987-1: important: Security update for ignition Message-ID: <178066269791.258.14986535405781741616@f34fc15423e2> # Security update for ignition Announcement ID: SUSE-SU-2026:21987-1 Release Date: 2026-06-02T14:40:11Z Rating: important References: * bsc#1265751 Cross-References: * CVE-2026-33814 CVSS scores: * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for ignition fixes the following issue * CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265751). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-738=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * ignition-debuginfo-2.19.0-4.1 * ignition-2.19.0-4.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33814.html * https://bugzilla.suse.com/show_bug.cgi?id=1265751 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jun 5 12:31:42 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 05 Jun 2026 12:31:42 -0000 Subject: SUSE-SU-2026:2271-1: important: Security update for MozillaThunderbird Message-ID: <178066270219.258.1330160890802377541@f34fc15423e2> # Security update for MozillaThunderbird Announcement ID: SUSE-SU-2026:2271-1 Release Date: 2026-06-05T06:37:08Z Rating: important References: * bsc#1265212 Cross-References: * CVE-2026-8090 * CVE-2026-8092 * CVE-2026-8094 * CVE-2026-8388 * CVE-2026-8391 * CVE-2026-8401 * CVE-2026-8946 * CVE-2026-8947 * CVE-2026-8949 * CVE-2026-8950 * CVE-2026-8953 * CVE-2026-8954 * CVE-2026-8955 * CVE-2026-8956 * CVE-2026-8957 * CVE-2026-8958 * CVE-2026-8959 * CVE-2026-8961 * CVE-2026-8962 * CVE-2026-8968 * CVE-2026-8970 * CVE-2026-8974 * CVE-2026-8975 CVSS scores: * CVE-2026-8090 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-8090 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-8092 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-8092 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-8094 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-8094 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-8388 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-8391 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-8401 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2026-8401 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-8946 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-8946 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-8947 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-8947 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-8949 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-8949 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-8950 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2026-8950 ( NVD ): 9.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N * CVE-2026-8953 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L * CVE-2026-8953 ( NVD ): 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2026-8954 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L * CVE-2026-8954 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-8955 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-8955 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-8956 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-8956 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-8957 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-8957 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-8958 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N * CVE-2026-8958 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N * CVE-2026-8959 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L * CVE-2026-8959 ( NVD ): 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2026-8961 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2026-8961 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2026-8962 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-8962 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2026-8968 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-8968 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-8970 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-8970 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-8974 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-8974 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-8975 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-8975 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Linux Enterprise Workstation Extension 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves 23 vulnerabilities can now be installed. ## Description: This update for MozillaThunderbird fixes the following issues * Updated to Mozilla Thunderbird 140.11 (bsc#1265212) MFSA 2026-44: * CVE-2026-8090: Use-after-free in the DOM: Networking component. * CVE-2026-8092: Memory safety bugs fixed in Thunderbird ESR 140.10.2 and Thunderbird 150.0.2. * CVE-2026-8094: Other issue in the WebRTC component. MFSA 2026-51: * CVE-2026-8388: Incorrect boundary conditions in the JavaScript Engine: JIT component. * CVE-2026-8391: Other issue in the JavaScript Engine component. * CVE-2026-8401: Sandbox escape in the Profile Backup component. * CVE-2026-8946: Incorrect boundary conditions in the Audio/Video: Web Codecs component. * CVE-2026-8947: Use-after-free in the DOM: Bindings (WebIDL) component. * CVE-2026-8949: Integer overflow in the Widget: Win32 component. * CVE-2026-8950: Same-origin policy bypass in the Networking: HTTP component. * CVE-2026-8953: Sandbox escape due to use-after-free in the Disability Access APIs component. * CVE-2026-8954: Incorrect boundary conditions, integer overflow in the Audio/Video component. * CVE-2026-8955: Privilege escalation in the DOM: Workers component. * CVE-2026-8956: Integer overflow in the Networking: JAR component. * CVE-2026-8957: Privilege escalation in the Enterprise Policies component. * CVE-2026-8958: Information disclosure, sandbox escape in the Security: Process Sandboxing component. * CVE-2026-8959: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component. * CVE-2026-8961: Spoofing issue in the Form Autofill component. * CVE-2026-8962: Mitigation bypass in the DOM: Security component. * CVE-2026-8968: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component. * CVE-2026-8970: Privilege escalation in the Security component. * CVE-2026-8974: Memory safety bugs fixed in Thunderbird 140.11 and Thunderbird 151. * CVE-2026-8975: Memory safety bugs fixed in Thunderbird 140.11 and Thunderbird 151. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2271=1 * SUSE Linux Enterprise Workstation Extension 15 SP7 zypper in -t patch SUSE-SLE-Product-WE-15-SP7-2026-2271=1 ## Package List: * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x) * MozillaThunderbird-debugsource-140.11.0-150200.8.274.1 * MozillaThunderbird-140.11.0-150200.8.274.1 * MozillaThunderbird-debuginfo-140.11.0-150200.8.274.1 * MozillaThunderbird-translations-common-140.11.0-150200.8.274.1 * MozillaThunderbird-translations-other-140.11.0-150200.8.274.1 * SUSE Linux Enterprise Workstation Extension 15 SP7 (x86_64) * MozillaThunderbird-debugsource-140.11.0-150200.8.274.1 * MozillaThunderbird-140.11.0-150200.8.274.1 * MozillaThunderbird-debuginfo-140.11.0-150200.8.274.1 * MozillaThunderbird-translations-common-140.11.0-150200.8.274.1 * MozillaThunderbird-translations-other-140.11.0-150200.8.274.1 ## References: * https://www.suse.com/security/cve/CVE-2026-8090.html * https://www.suse.com/security/cve/CVE-2026-8092.html * https://www.suse.com/security/cve/CVE-2026-8094.html * https://www.suse.com/security/cve/CVE-2026-8388.html * https://www.suse.com/security/cve/CVE-2026-8391.html * https://www.suse.com/security/cve/CVE-2026-8401.html * https://www.suse.com/security/cve/CVE-2026-8946.html * https://www.suse.com/security/cve/CVE-2026-8947.html * https://www.suse.com/security/cve/CVE-2026-8949.html * https://www.suse.com/security/cve/CVE-2026-8950.html * https://www.suse.com/security/cve/CVE-2026-8953.html * https://www.suse.com/security/cve/CVE-2026-8954.html * https://www.suse.com/security/cve/CVE-2026-8955.html * https://www.suse.com/security/cve/CVE-2026-8956.html * https://www.suse.com/security/cve/CVE-2026-8957.html * https://www.suse.com/security/cve/CVE-2026-8958.html * https://www.suse.com/security/cve/CVE-2026-8959.html * https://www.suse.com/security/cve/CVE-2026-8961.html * https://www.suse.com/security/cve/CVE-2026-8962.html * https://www.suse.com/security/cve/CVE-2026-8968.html * https://www.suse.com/security/cve/CVE-2026-8970.html * https://www.suse.com/security/cve/CVE-2026-8974.html * https://www.suse.com/security/cve/CVE-2026-8975.html * https://bugzilla.suse.com/show_bug.cgi?id=1265212 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jun 5 20:30:12 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 05 Jun 2026 20:30:12 -0000 Subject: SUSE-SU-2026:2289-1: important: Security update for bind Message-ID: <178069141299.417.10520219232858832401@8686897f7447> # Security update for bind Announcement ID: SUSE-SU-2026:2289-1 Release Date: 2026-06-05T14:30:08Z Rating: important References: * bsc#1265591 * bsc#1265592 * bsc#1265594 Cross-References: * CVE-2026-3039 * CVE-2026-3592 * CVE-2026-5946 CVSS scores: * CVE-2026-3039 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-3039 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-3592 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-3592 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-5946 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-5946 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for bind fixes the following issues: * CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation (bsc#1265591). * CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records (bsc#1265592). * CVE-2026-5946: Invalid handling of CLASS != IN (bsc#1265594). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-2289=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2289=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * bind-debuginfo-9.11.22-3.71.1 * bind-utils-debuginfo-9.11.22-3.71.1 * libisccfg163-9.11.22-3.71.1 * bind-utils-9.11.22-3.71.1 * liblwres161-9.11.22-3.71.1 * libdns1110-9.11.22-3.71.1 * liblwres161-debuginfo-9.11.22-3.71.1 * libisccfg163-debuginfo-9.11.22-3.71.1 * bind-chrootenv-9.11.22-3.71.1 * libisccc161-9.11.22-3.71.1 * libirs161-debuginfo-9.11.22-3.71.1 * bind-debugsource-9.11.22-3.71.1 * bind-devel-9.11.22-3.71.1 * libbind9-161-debuginfo-9.11.22-3.71.1 * libdns1110-debuginfo-9.11.22-3.71.1 * libbind9-161-9.11.22-3.71.1 * bind-9.11.22-3.71.1 * libirs161-9.11.22-3.71.1 * libisc1107-debuginfo-9.11.22-3.71.1 * libisc1107-9.11.22-3.71.1 * libisccc161-debuginfo-9.11.22-3.71.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * bind-doc-9.11.22-3.71.1 * python-bind-9.11.22-3.71.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64) * libisc1107-32bit-9.11.22-3.71.1 * libisc1107-debuginfo-32bit-9.11.22-3.71.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * bind-debuginfo-9.11.22-3.71.1 * bind-utils-debuginfo-9.11.22-3.71.1 * libisc1107-debuginfo-32bit-9.11.22-3.71.1 * libisccfg163-9.11.22-3.71.1 * bind-utils-9.11.22-3.71.1 * libdns1110-9.11.22-3.71.1 * liblwres161-9.11.22-3.71.1 * liblwres161-debuginfo-9.11.22-3.71.1 * libisccfg163-debuginfo-9.11.22-3.71.1 * bind-chrootenv-9.11.22-3.71.1 * libisccc161-9.11.22-3.71.1 * libirs161-debuginfo-9.11.22-3.71.1 * bind-debugsource-9.11.22-3.71.1 * bind-devel-9.11.22-3.71.1 * libbind9-161-debuginfo-9.11.22-3.71.1 * libisc1107-32bit-9.11.22-3.71.1 * libdns1110-debuginfo-9.11.22-3.71.1 * libbind9-161-9.11.22-3.71.1 * bind-9.11.22-3.71.1 * libirs161-9.11.22-3.71.1 * libisc1107-debuginfo-9.11.22-3.71.1 * libisc1107-9.11.22-3.71.1 * libisccc161-debuginfo-9.11.22-3.71.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * bind-doc-9.11.22-3.71.1 * python-bind-9.11.22-3.71.1 ## References: * https://www.suse.com/security/cve/CVE-2026-3039.html * https://www.suse.com/security/cve/CVE-2026-3592.html * https://www.suse.com/security/cve/CVE-2026-5946.html * https://bugzilla.suse.com/show_bug.cgi?id=1265591 * https://bugzilla.suse.com/show_bug.cgi?id=1265592 * https://bugzilla.suse.com/show_bug.cgi?id=1265594 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jun 5 20:30:17 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 05 Jun 2026 20:30:17 -0000 Subject: SUSE-SU-2026:2288-1: important: Security update for evince Message-ID: <178069141774.417.10443921389063638667@8686897f7447> # Security update for evince Announcement ID: SUSE-SU-2026:2288-1 Release Date: 2026-06-05T14:04:04Z Rating: important References: * bsc#1265880 Cross-References: * CVE-2026-46529 CVSS scores: * CVE-2026-46529 ( SUSE ): 7.5 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46529 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for evince fixes the following issue * CVE-2026-46529: Evince/Atril/Xreader command injection (bsc#1265880). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-2288=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2288=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * evince-plugin-dvidocument-3.20.2-6.30.1 * evince-plugin-tiffdocument-3.20.2-6.30.1 * libevview3-3-3.20.2-6.30.1 * evince-plugin-psdocument-3.20.2-6.30.1 * libevdocument3-4-debuginfo-3.20.2-6.30.1 * evince-devel-3.20.2-6.30.1 * evince-debugsource-3.20.2-6.30.1 * libevdocument3-4-3.20.2-6.30.1 * evince-plugin-xpsdocument-3.20.2-6.30.1 * evince-plugin-xpsdocument-debuginfo-3.20.2-6.30.1 * evince-plugin-psdocument-debuginfo-3.20.2-6.30.1 * nautilus-evince-3.20.2-6.30.1 * evince-plugin-djvudocument-3.20.2-6.30.1 * evince-plugin-tiffdocument-debuginfo-3.20.2-6.30.1 * evince-browser-plugin-debuginfo-3.20.2-6.30.1 * evince-3.20.2-6.30.1 * evince-plugin-dvidocument-debuginfo-3.20.2-6.30.1 * evince-debuginfo-3.20.2-6.30.1 * nautilus-evince-debuginfo-3.20.2-6.30.1 * evince-browser-plugin-3.20.2-6.30.1 * evince-plugin-pdfdocument-3.20.2-6.30.1 * libevview3-3-debuginfo-3.20.2-6.30.1 * evince-plugin-djvudocument-debuginfo-3.20.2-6.30.1 * evince-plugin-pdfdocument-debuginfo-3.20.2-6.30.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * evince-lang-3.20.2-6.30.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * evince-plugin-dvidocument-3.20.2-6.30.1 * evince-plugin-tiffdocument-3.20.2-6.30.1 * libevview3-3-3.20.2-6.30.1 * evince-plugin-psdocument-3.20.2-6.30.1 * libevdocument3-4-debuginfo-3.20.2-6.30.1 * evince-devel-3.20.2-6.30.1 * evince-debugsource-3.20.2-6.30.1 * libevdocument3-4-3.20.2-6.30.1 * evince-plugin-xpsdocument-3.20.2-6.30.1 * evince-plugin-xpsdocument-debuginfo-3.20.2-6.30.1 * evince-plugin-psdocument-debuginfo-3.20.2-6.30.1 * nautilus-evince-3.20.2-6.30.1 * evince-plugin-djvudocument-3.20.2-6.30.1 * evince-plugin-tiffdocument-debuginfo-3.20.2-6.30.1 * evince-browser-plugin-debuginfo-3.20.2-6.30.1 * evince-3.20.2-6.30.1 * evince-plugin-dvidocument-debuginfo-3.20.2-6.30.1 * evince-debuginfo-3.20.2-6.30.1 * nautilus-evince-debuginfo-3.20.2-6.30.1 * evince-browser-plugin-3.20.2-6.30.1 * evince-plugin-pdfdocument-3.20.2-6.30.1 * libevview3-3-debuginfo-3.20.2-6.30.1 * evince-plugin-djvudocument-debuginfo-3.20.2-6.30.1 * evince-plugin-pdfdocument-debuginfo-3.20.2-6.30.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * evince-lang-3.20.2-6.30.1 ## References: * https://www.suse.com/security/cve/CVE-2026-46529.html * https://bugzilla.suse.com/show_bug.cgi?id=1265880 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jun 5 20:30:22 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 05 Jun 2026 20:30:22 -0000 Subject: SUSE-SU-2026:2286-1: important: Security update for libjxl Message-ID: <178069142220.417.9762162721822815415@8686897f7447> # Security update for libjxl Announcement ID: SUSE-SU-2026:2286-1 Release Date: 2026-06-05T12:16:51Z Rating: important References: * bsc#1266460 Cross-References: * CVE-2025-70103 CVSS scores: * CVE-2025-70103 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-70103 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-70103 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for libjxl fixes the following issues: Security fixes: * CVE-2025-70103: heap buffer overflow when hen processing crafted pbm-images due to insufficient bounds checks (bsc#1266460). Other fixes: * Update to version 0.10.5: * fix tile dimension in low memory rendering pipeline. * fix number of channels for gray-to-gray color transform. * `djxl`: reject decoding JXL files if "packed" representation size overflows. * Changes from version 0.10.4: * Huffman lookup table size fix. * Check height limit in modular trees. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2286=1 ## Package List: * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * libjxl-tools-debuginfo-0.10.5-150700.4.12.1 * libjxl0_10-0.10.5-150700.4.12.1 * libjxl-devel-0.10.5-150700.4.12.1 * libjxl0_10-debuginfo-0.10.5-150700.4.12.1 * libjxl-debugsource-0.10.5-150700.4.12.1 * libjxl-tools-0.10.5-150700.4.12.1 * SUSE Package Hub 15 15-SP7 (x86_64) * libjxl0_10-32bit-0.10.5-150700.4.12.1 * libjxl0_10-32bit-debuginfo-0.10.5-150700.4.12.1 ## References: * https://www.suse.com/security/cve/CVE-2025-70103.html * https://bugzilla.suse.com/show_bug.cgi?id=1266460 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jun 5 20:30:28 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 05 Jun 2026 20:30:28 -0000 Subject: SUSE-SU-2026:2285-1: important: Security update for yq Message-ID: <178069142894.417.7236984384015935308@8686897f7447> # Security update for yq Announcement ID: SUSE-SU-2026:2285-1 Release Date: 2026-06-05T12:16:32Z Rating: important References: * bsc#1267053 * bsc#1267199 Cross-References: * CVE-2026-25680 * CVE-2026-25681 * CVE-2026-27136 * CVE-2026-39821 * CVE-2026-42502 * CVE-2026-42506 CVSS scores: * CVE-2026-25680 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-25680 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-25680 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-25681 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2026-25681 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-25681 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-27136 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2026-27136 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-27136 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-39821 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-39821 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-39821 ( NVD ): 9.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N * CVE-2026-42502 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2026-42502 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-42502 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-42506 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2026-42506 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-42506 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves six vulnerabilities can now be installed. ## Description: This update for yq fixes the following issues: * CVE-2026-25680,CVE-2026-25681,CVE-2026-27136,CVE-2026-42502,CVE-2026-42506: golang.org/x/net/html: multiple issues when parsing HTML files (bsc#1267053). * CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation bypass and privilege escalation (bsc#1267199). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-2285=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2285=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * yq-4.53.2-150500.3.9.1 * yq-debuginfo-4.53.2-150500.3.9.1 * openSUSE Leap 15.5 (noarch) * yq-fish-completion-4.53.2-150500.3.9.1 * yq-zsh-completion-4.53.2-150500.3.9.1 * yq-bash-completion-4.53.2-150500.3.9.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * yq-4.53.2-150500.3.9.1 * yq-debuginfo-4.53.2-150500.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2026-25680.html * https://www.suse.com/security/cve/CVE-2026-25681.html * https://www.suse.com/security/cve/CVE-2026-27136.html * https://www.suse.com/security/cve/CVE-2026-39821.html * https://www.suse.com/security/cve/CVE-2026-42502.html * https://www.suse.com/security/cve/CVE-2026-42506.html * https://bugzilla.suse.com/show_bug.cgi?id=1267053 * https://bugzilla.suse.com/show_bug.cgi?id=1267199 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jun 5 20:30:46 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 05 Jun 2026 20:30:46 -0000 Subject: SUSE-SU-2026:2284-1: critical: Security update for mariadb Message-ID: <178069144696.417.6091867990665380920@8686897f7447> # Security update for mariadb Announcement ID: SUSE-SU-2026:2284-1 Release Date: 2026-06-05T12:16:05Z Rating: critical References: * bsc#1259176 * bsc#1266435 * bsc#1266437 * bsc#1266438 * bsc#1266439 * bsc#1266440 * bsc#1266442 * bsc#1266814 * bsc#1266815 * bsc#1267542 Cross-References: * CVE-2026-34303 * CVE-2026-3494 * CVE-2026-44168 * CVE-2026-44170 * CVE-2026-44171 * CVE-2026-44172 * CVE-2026-44173 * CVE-2026-48163 * CVE-2026-48165 * CVE-2026-49261 CVSS scores: * CVE-2026-34303 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-3494 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-3494 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2026-3494 ( NVD ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-3494 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2026-44168 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-44168 ( SUSE ): 8.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2026-44170 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-44171 ( SUSE ): 5.4 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-44171 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H * CVE-2026-44172 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-44173 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L * CVE-2026-44173 ( SUSE ): 5.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L * CVE-2026-48163 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-48163 ( SUSE ): 8.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2026-48165 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-48165 ( SUSE ): 8.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2026-49261 ( SUSE ): 9.4 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-49261 ( SUSE ): 9.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products: * Galera for Ericsson 15 SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves 10 vulnerabilities can now be installed. ## Description: This update for mariadb fixes the following issues: * CVE-2026-3494: audit plugin comment handling bypass (bsc#1259176). * CVE-2026-34303: mysql: optimizer unspecified vulnerability (bsc#1266435). * CVE-2026-44168: wsrep SST unsafe parameter handling on the donor side (bsc#1266442). * CVE-2026-44170: argument injection in CONNECT REST Xcurl on Windows via unsanitized URL (bsc#1266440). * CVE-2026-44171: path traversal in mbstream (bsc#1266439). * CVE-2026-44172: mysql_real_escape_string() incorrectly handled big5 (bsc#1266438). * CVE-2026-44173: FILE privilege was not checked for subqueries in the FROM clause (bsc#1266437). * CVE-2026-48163: wsrep SST unsafe parameter handling on the donor side (bsc#1266815). * CVE-2026-48165: unsafe usage of `wsrep_sst_receive_address` values on the joiner side (bsc#1266814). * CVE-2026-49261: unsafe parameter handling in `wsrep_notify_cmd` (bsc#1267542). Changes for mariadb: * Update to 10.11.18: https://mariadb.com/docs/release-notes/community- server/10.11/10.11.18 https://mariadb.com/docs/release-notes/community- server/changelogs/10.11/10.11.18 * Update to 10.11.17: https://mariadb.com/docs/release-notes/community- server/10.11/10.11.17 https://mariadb.com/docs/release-notes/community- server/changelogs/10.11/10.11.17 https://mariadb.com/docs/release- notes/community-server/10.11/10.11.16 https://mariadb.com/docs/release- notes/community-server/changelogs/10.11/10.11.16 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Galera for Ericsson 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-ERICSSON-2026-2284=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2284=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2284=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2284=1 ## Package List: * Galera for Ericsson 15 SP6 (x86_64) * mariadb-debugsource-10.11.18-150600.4.20.1 * mariadb-debuginfo-10.11.18-150600.4.20.1 * mariadb-galera-10.11.18-150600.4.20.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * mariadb-debugsource-10.11.18-150600.4.20.1 * mariadb-tools-10.11.18-150600.4.20.1 * libmariadbd19-10.11.18-150600.4.20.1 * mariadb-10.11.18-150600.4.20.1 * libmariadbd19-debuginfo-10.11.18-150600.4.20.1 * mariadb-client-10.11.18-150600.4.20.1 * mariadb-client-debuginfo-10.11.18-150600.4.20.1 * mariadb-tools-debuginfo-10.11.18-150600.4.20.1 * libmariadbd-devel-10.11.18-150600.4.20.1 * mariadb-debuginfo-10.11.18-150600.4.20.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * mariadb-errormessages-10.11.18-150600.4.20.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * mariadb-debugsource-10.11.18-150600.4.20.1 * mariadb-rpm-macros-10.11.18-150600.4.20.1 * mariadb-test-10.11.18-150600.4.20.1 * mariadb-tools-10.11.18-150600.4.20.1 * mariadb-test-debuginfo-10.11.18-150600.4.20.1 * libmariadbd19-10.11.18-150600.4.20.1 * mariadb-10.11.18-150600.4.20.1 * mariadb-bench-debuginfo-10.11.18-150600.4.20.1 * libmariadbd19-debuginfo-10.11.18-150600.4.20.1 * mariadb-client-10.11.18-150600.4.20.1 * mariadb-client-debuginfo-10.11.18-150600.4.20.1 * mariadb-bench-10.11.18-150600.4.20.1 * mariadb-tools-debuginfo-10.11.18-150600.4.20.1 * libmariadbd-devel-10.11.18-150600.4.20.1 * mariadb-debuginfo-10.11.18-150600.4.20.1 * mariadb-galera-10.11.18-150600.4.20.1 * openSUSE Leap 15.6 (noarch) * mariadb-errormessages-10.11.18-150600.4.20.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * mariadb-debugsource-10.11.18-150600.4.20.1 * mariadb-tools-10.11.18-150600.4.20.1 * libmariadbd19-10.11.18-150600.4.20.1 * mariadb-10.11.18-150600.4.20.1 * libmariadbd19-debuginfo-10.11.18-150600.4.20.1 * mariadb-client-10.11.18-150600.4.20.1 * mariadb-client-debuginfo-10.11.18-150600.4.20.1 * mariadb-tools-debuginfo-10.11.18-150600.4.20.1 * libmariadbd-devel-10.11.18-150600.4.20.1 * mariadb-debuginfo-10.11.18-150600.4.20.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * mariadb-errormessages-10.11.18-150600.4.20.1 ## References: * https://www.suse.com/security/cve/CVE-2026-34303.html * https://www.suse.com/security/cve/CVE-2026-3494.html * https://www.suse.com/security/cve/CVE-2026-44168.html * https://www.suse.com/security/cve/CVE-2026-44170.html * https://www.suse.com/security/cve/CVE-2026-44171.html * https://www.suse.com/security/cve/CVE-2026-44172.html * https://www.suse.com/security/cve/CVE-2026-44173.html * https://www.suse.com/security/cve/CVE-2026-48163.html * https://www.suse.com/security/cve/CVE-2026-48165.html * https://www.suse.com/security/cve/CVE-2026-49261.html * https://bugzilla.suse.com/show_bug.cgi?id=1259176 * https://bugzilla.suse.com/show_bug.cgi?id=1266435 * https://bugzilla.suse.com/show_bug.cgi?id=1266437 * https://bugzilla.suse.com/show_bug.cgi?id=1266438 * https://bugzilla.suse.com/show_bug.cgi?id=1266439 * https://bugzilla.suse.com/show_bug.cgi?id=1266440 * https://bugzilla.suse.com/show_bug.cgi?id=1266442 * https://bugzilla.suse.com/show_bug.cgi?id=1266814 * https://bugzilla.suse.com/show_bug.cgi?id=1266815 * https://bugzilla.suse.com/show_bug.cgi?id=1267542 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jun 5 20:30:52 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 05 Jun 2026 20:30:52 -0000 Subject: SUSE-SU-2026:2283-1: moderate: Security update for jq Message-ID: <178069145201.417.5700715208614687174@8686897f7447> # Security update for jq Announcement ID: SUSE-SU-2026:2283-1 Release Date: 2026-06-05T12:15:29Z Rating: moderate References: * bsc#1262043 Cross-References: * CVE-2026-33948 CVSS scores: * CVE-2026-33948 ( SUSE ): 2.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-33948 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-33948 ( NVD ): 2.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-33948 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * Basesystem Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for jq fixes the following issue * CVE-2026-33948: CLI input parsing may allow validation bypass via embedded NUL bytes (bsc#1262043) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2283=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2283=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2283=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2283=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2283=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2283=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * jq-1.6-150000.3.15.1 * libjq-devel-1.6-150000.3.15.1 * libjq1-debuginfo-1.6-150000.3.15.1 * libjq1-1.6-150000.3.15.1 * jq-debugsource-1.6-150000.3.15.1 * jq-debuginfo-1.6-150000.3.15.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * jq-1.6-150000.3.15.1 * libjq1-debuginfo-1.6-150000.3.15.1 * libjq1-1.6-150000.3.15.1 * jq-debugsource-1.6-150000.3.15.1 * jq-debuginfo-1.6-150000.3.15.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * jq-1.6-150000.3.15.1 * libjq1-debuginfo-1.6-150000.3.15.1 * libjq1-1.6-150000.3.15.1 * jq-debugsource-1.6-150000.3.15.1 * jq-debuginfo-1.6-150000.3.15.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * jq-1.6-150000.3.15.1 * libjq1-debuginfo-1.6-150000.3.15.1 * libjq1-1.6-150000.3.15.1 * jq-debugsource-1.6-150000.3.15.1 * jq-debuginfo-1.6-150000.3.15.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * jq-1.6-150000.3.15.1 * libjq1-debuginfo-1.6-150000.3.15.1 * libjq1-1.6-150000.3.15.1 * jq-debugsource-1.6-150000.3.15.1 * jq-debuginfo-1.6-150000.3.15.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * jq-1.6-150000.3.15.1 * libjq1-debuginfo-1.6-150000.3.15.1 * libjq1-1.6-150000.3.15.1 * jq-debugsource-1.6-150000.3.15.1 * jq-debuginfo-1.6-150000.3.15.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33948.html * https://bugzilla.suse.com/show_bug.cgi?id=1262043 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jun 5 20:31:08 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 05 Jun 2026 20:31:08 -0000 Subject: SUSE-SU-2026:2282-1: critical: Security update for mariadb Message-ID: <178069146872.417.6164775458801795534@8686897f7447> # Security update for mariadb Announcement ID: SUSE-SU-2026:2282-1 Release Date: 2026-06-05T12:14:38Z Rating: critical References: * bsc#1259176 * bsc#1266437 * bsc#1266438 * bsc#1266439 * bsc#1266440 * bsc#1266442 * bsc#1266814 * bsc#1266815 * bsc#1267542 Cross-References: * CVE-2026-3494 * CVE-2026-44168 * CVE-2026-44170 * CVE-2026-44171 * CVE-2026-44172 * CVE-2026-44173 * CVE-2026-48163 * CVE-2026-48165 * CVE-2026-49261 CVSS scores: * CVE-2026-3494 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-3494 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2026-3494 ( NVD ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-3494 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2026-44168 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-44168 ( SUSE ): 8.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2026-44170 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-44171 ( SUSE ): 5.4 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-44171 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H * CVE-2026-44172 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-44173 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L * CVE-2026-44173 ( SUSE ): 5.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L * CVE-2026-48163 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-48163 ( SUSE ): 8.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2026-48165 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-48165 ( SUSE ): 8.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2026-49261 ( SUSE ): 9.4 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-49261 ( SUSE ): 9.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products: * Galera for Ericsson 15 SP4 * Galera for Ericsson 15 SP5 * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves nine vulnerabilities can now be installed. ## Description: This update for mariadb fixes the following issues: Security fixes: * CVE-2026-3494: audit plugin comment handling bypass (bsc#1259176). * CVE-2026-44168: wsrep SST unsafe parameter handling on the donor side (bsc#1266442). * CVE-2026-44170: argument injection in CONNECT REST Xcurl on Windows via unsanitized URL (bsc#1266440). * CVE-2026-44171: path traversal in mbstream (bsc#1266439). * CVE-2026-44172: mysql_real_escape_string() incorrectly handled big5 (bsc#1266438). * CVE-2026-44173: FILE privilege was not checked for subqueries in the FROM clause (bsc#1266437). * CVE-2026-48163: wsrep SST unsafe parameter handling on the donor side (bsc#1266815). * CVE-2026-48165: unsafe usage of `wsrep_sst_receive_address` values on the joiner side (bsc#1266814). * CVE-2026-49261: unsafe parameter handling in `wsrep_notify_cmd` (bsc#1267542). Other fixes: * Update to 10.6.27: https://mariadb.com/docs/release-notes/community- server/10.6/10.6.27 https://mariadb.com/docs/release-notes/community- server/changelogs/10.6/10.6.27 * Update to 10.6.26: https://mariadb.com/docs/release-notes/community- server/10.6/10.6.26 https://mariadb.com/docs/release-notes/community- server/changelogs/10.6/10.6.26 https://mariadb.com/docs/release- notes/community-server/10.6/10.6.25 https://mariadb.com/docs/release- notes/community-server/changelogs/10.6/10.6.25 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2282=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2282=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2282=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2282=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2282=1 * Galera for Ericsson 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-ERICSSON-2026-2282=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2282=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2282=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2282=1 * Galera for Ericsson 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-ERICSSON-2026-2282=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2282=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libmariadbd19-debuginfo-10.6.27-150400.3.46.1 * mariadb-bench-debuginfo-10.6.27-150400.3.46.1 * libmariadbd19-10.6.27-150400.3.46.1 * mariadb-test-debuginfo-10.6.27-150400.3.46.1 * mariadb-bench-10.6.27-150400.3.46.1 * mariadb-client-10.6.27-150400.3.46.1 * mariadb-tools-debuginfo-10.6.27-150400.3.46.1 * mariadb-client-debuginfo-10.6.27-150400.3.46.1 * mariadb-10.6.27-150400.3.46.1 * mariadb-debugsource-10.6.27-150400.3.46.1 * mariadb-galera-10.6.27-150400.3.46.1 * mariadb-tools-10.6.27-150400.3.46.1 * mariadb-debuginfo-10.6.27-150400.3.46.1 * libmariadbd-devel-10.6.27-150400.3.46.1 * mariadb-rpm-macros-10.6.27-150400.3.46.1 * mariadb-test-10.6.27-150400.3.46.1 * openSUSE Leap 15.4 (noarch) * mariadb-errormessages-10.6.27-150400.3.46.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libmariadbd19-debuginfo-10.6.27-150400.3.46.1 * libmariadbd19-10.6.27-150400.3.46.1 * mariadb-tools-debuginfo-10.6.27-150400.3.46.1 * mariadb-client-10.6.27-150400.3.46.1 * mariadb-client-debuginfo-10.6.27-150400.3.46.1 * mariadb-10.6.27-150400.3.46.1 * mariadb-debugsource-10.6.27-150400.3.46.1 * mariadb-tools-10.6.27-150400.3.46.1 * mariadb-debuginfo-10.6.27-150400.3.46.1 * libmariadbd-devel-10.6.27-150400.3.46.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * mariadb-errormessages-10.6.27-150400.3.46.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libmariadbd19-debuginfo-10.6.27-150400.3.46.1 * libmariadbd19-10.6.27-150400.3.46.1 * mariadb-tools-debuginfo-10.6.27-150400.3.46.1 * mariadb-client-10.6.27-150400.3.46.1 * mariadb-client-debuginfo-10.6.27-150400.3.46.1 * mariadb-10.6.27-150400.3.46.1 * mariadb-debugsource-10.6.27-150400.3.46.1 * mariadb-tools-10.6.27-150400.3.46.1 * mariadb-debuginfo-10.6.27-150400.3.46.1 * libmariadbd-devel-10.6.27-150400.3.46.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * mariadb-errormessages-10.6.27-150400.3.46.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * libmariadbd19-debuginfo-10.6.27-150400.3.46.1 * libmariadbd19-10.6.27-150400.3.46.1 * mariadb-tools-debuginfo-10.6.27-150400.3.46.1 * mariadb-client-10.6.27-150400.3.46.1 * mariadb-client-debuginfo-10.6.27-150400.3.46.1 * mariadb-10.6.27-150400.3.46.1 * mariadb-debugsource-10.6.27-150400.3.46.1 * mariadb-tools-10.6.27-150400.3.46.1 * mariadb-debuginfo-10.6.27-150400.3.46.1 * libmariadbd-devel-10.6.27-150400.3.46.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * mariadb-errormessages-10.6.27-150400.3.46.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libmariadbd19-debuginfo-10.6.27-150400.3.46.1 * libmariadbd19-10.6.27-150400.3.46.1 * mariadb-tools-debuginfo-10.6.27-150400.3.46.1 * mariadb-client-10.6.27-150400.3.46.1 * mariadb-client-debuginfo-10.6.27-150400.3.46.1 * mariadb-10.6.27-150400.3.46.1 * mariadb-debugsource-10.6.27-150400.3.46.1 * mariadb-tools-10.6.27-150400.3.46.1 * mariadb-debuginfo-10.6.27-150400.3.46.1 * libmariadbd-devel-10.6.27-150400.3.46.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * mariadb-errormessages-10.6.27-150400.3.46.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libmariadbd19-debuginfo-10.6.27-150400.3.46.1 * mariadb-tools-debuginfo-10.6.27-150400.3.46.1 * libmariadbd19-10.6.27-150400.3.46.1 * mariadb-client-10.6.27-150400.3.46.1 * mariadb-client-debuginfo-10.6.27-150400.3.46.1 * mariadb-10.6.27-150400.3.46.1 * mariadb-debugsource-10.6.27-150400.3.46.1 * mariadb-tools-10.6.27-150400.3.46.1 * mariadb-debuginfo-10.6.27-150400.3.46.1 * libmariadbd-devel-10.6.27-150400.3.46.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * mariadb-errormessages-10.6.27-150400.3.46.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libmariadbd19-debuginfo-10.6.27-150400.3.46.1 * mariadb-tools-debuginfo-10.6.27-150400.3.46.1 * libmariadbd19-10.6.27-150400.3.46.1 * mariadb-client-10.6.27-150400.3.46.1 * mariadb-client-debuginfo-10.6.27-150400.3.46.1 * mariadb-10.6.27-150400.3.46.1 * mariadb-debugsource-10.6.27-150400.3.46.1 * mariadb-tools-10.6.27-150400.3.46.1 * mariadb-debuginfo-10.6.27-150400.3.46.1 * libmariadbd-devel-10.6.27-150400.3.46.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * mariadb-errormessages-10.6.27-150400.3.46.1 * Galera for Ericsson 15 SP4 (x86_64) * mariadb-galera-10.6.27-150400.3.46.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libmariadbd19-debuginfo-10.6.27-150400.3.46.1 * libmariadbd19-10.6.27-150400.3.46.1 * mariadb-tools-debuginfo-10.6.27-150400.3.46.1 * mariadb-client-10.6.27-150400.3.46.1 * mariadb-client-debuginfo-10.6.27-150400.3.46.1 * mariadb-10.6.27-150400.3.46.1 * mariadb-debugsource-10.6.27-150400.3.46.1 * mariadb-tools-10.6.27-150400.3.46.1 * mariadb-debuginfo-10.6.27-150400.3.46.1 * libmariadbd-devel-10.6.27-150400.3.46.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * mariadb-errormessages-10.6.27-150400.3.46.1 * Galera for Ericsson 15 SP5 (x86_64) * mariadb-debugsource-10.6.27-150400.3.46.1 * mariadb-galera-10.6.27-150400.3.46.1 * mariadb-debuginfo-10.6.27-150400.3.46.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libmariadbd19-debuginfo-10.6.27-150400.3.46.1 * libmariadbd19-10.6.27-150400.3.46.1 * mariadb-tools-debuginfo-10.6.27-150400.3.46.1 * mariadb-client-10.6.27-150400.3.46.1 * mariadb-client-debuginfo-10.6.27-150400.3.46.1 * mariadb-10.6.27-150400.3.46.1 * mariadb-debugsource-10.6.27-150400.3.46.1 * mariadb-tools-10.6.27-150400.3.46.1 * mariadb-debuginfo-10.6.27-150400.3.46.1 * libmariadbd-devel-10.6.27-150400.3.46.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * mariadb-errormessages-10.6.27-150400.3.46.1 ## References: * https://www.suse.com/security/cve/CVE-2026-3494.html * https://www.suse.com/security/cve/CVE-2026-44168.html * https://www.suse.com/security/cve/CVE-2026-44170.html * https://www.suse.com/security/cve/CVE-2026-44171.html * https://www.suse.com/security/cve/CVE-2026-44172.html * https://www.suse.com/security/cve/CVE-2026-44173.html * https://www.suse.com/security/cve/CVE-2026-48163.html * https://www.suse.com/security/cve/CVE-2026-48165.html * https://www.suse.com/security/cve/CVE-2026-49261.html * https://bugzilla.suse.com/show_bug.cgi?id=1259176 * https://bugzilla.suse.com/show_bug.cgi?id=1266437 * https://bugzilla.suse.com/show_bug.cgi?id=1266438 * https://bugzilla.suse.com/show_bug.cgi?id=1266439 * https://bugzilla.suse.com/show_bug.cgi?id=1266440 * https://bugzilla.suse.com/show_bug.cgi?id=1266442 * https://bugzilla.suse.com/show_bug.cgi?id=1266814 * https://bugzilla.suse.com/show_bug.cgi?id=1266815 * https://bugzilla.suse.com/show_bug.cgi?id=1267542 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jun 5 20:31:27 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 05 Jun 2026 20:31:27 -0000 Subject: SUSE-SU-2026:2281-1: important: Security update for unbound Message-ID: <178069148728.417.10015403952508629347@8686897f7447> # Security update for unbound Announcement ID: SUSE-SU-2026:2281-1 Release Date: 2026-06-05T12:12:48Z Rating: important References: * bsc#1265578 * bsc#1265580 * bsc#1265581 * bsc#1265582 * bsc#1265583 * bsc#1265584 * bsc#1265585 * bsc#1265586 * bsc#1265587 * bsc#1265588 * bsc#1265589 Cross-References: * CVE-2026-32792 * CVE-2026-33278 * CVE-2026-40622 * CVE-2026-41292 * CVE-2026-42534 * CVE-2026-42923 * CVE-2026-42944 * CVE-2026-42959 * CVE-2026-42960 * CVE-2026-44390 * CVE-2026-44608 CVSS scores: * CVE-2026-32792 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-32792 ( NVD ): 4.6 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green * CVE-2026-32792 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-33278 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-33278 ( NVD ): 9.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red * CVE-2026-33278 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-40622 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-40622 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber * CVE-2026-40622 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2026-41292 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-41292 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red * CVE-2026-41292 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42534 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42534 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber * CVE-2026-42534 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-42923 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42923 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber * CVE-2026-42923 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-42944 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-42944 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red * CVE-2026-42944 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42959 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42959 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red * CVE-2026-42959 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42960 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2026-42960 ( NVD ): 5.7 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:H/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber * CVE-2026-42960 ( NVD ): 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H * CVE-2026-44390 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-44390 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber * CVE-2026-44390 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-44608 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-44608 ( NVD ): 4.6 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber * CVE-2026-44608 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves 11 vulnerabilities can now be installed. ## Description: This update for unbound fixes the following issues * CVE-2026-32792: Packet of death with DNSCrypt (bsc#1265583). * CVE-2026-33278: Possible remote code execution during DNSSEC validation (bsc#1265587). * CVE-2026-40622: "Ghost domain name" variant (bsc#1265581). * CVE-2026-41292: Parsing a long list of incoming EDNS options degrades performance (bsc#1265580). * CVE-2026-42534: Jostle logic bypass degrades resolution performance (bsc#1265585). * CVE-2026-42923: Degradation of service with unbounded NSEC3 hash calculations (bsc#1265589). * CVE-2026-42944: Heap overflow and crash with multiple nsid, cookie, padding EDNS options (bsc#1265578). * CVE-2026-42959: Crash during DNSSEC validation of malicious content (bsc#1265586). * CVE-2026-42960: Possible cache poisoning attack while following delegation (bsc#1265588). * CVE-2026-44390: Unbounded name compression in certain cases causes degradation of service (bsc#1265584). * CVE-2026-44608: Use after free and crash in RPZ code (bsc#1265582). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2281=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2281=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2281=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2281=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2281=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * unbound-python-debuginfo-1.20.0-150600.23.16.1 * libunbound-devel-mini-debugsource-1.20.0-150600.23.16.1 * libunbound-devel-mini-1.20.0-150600.23.16.1 * unbound-python-1.20.0-150600.23.16.1 * libunbound-devel-mini-debuginfo-1.20.0-150600.23.16.1 * unbound-debugsource-1.20.0-150600.23.16.1 * unbound-1.20.0-150600.23.16.1 * libunbound8-1.20.0-150600.23.16.1 * unbound-debuginfo-1.20.0-150600.23.16.1 * unbound-anchor-debuginfo-1.20.0-150600.23.16.1 * libunbound8-debuginfo-1.20.0-150600.23.16.1 * unbound-devel-1.20.0-150600.23.16.1 * unbound-anchor-1.20.0-150600.23.16.1 * openSUSE Leap 15.6 (noarch) * unbound-munin-1.20.0-150600.23.16.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * unbound-python-debuginfo-1.20.0-150600.23.16.1 * unbound-python-1.20.0-150600.23.16.1 * unbound-debugsource-1.20.0-150600.23.16.1 * unbound-1.20.0-150600.23.16.1 * unbound-debuginfo-1.20.0-150600.23.16.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * unbound-debugsource-1.20.0-150600.23.16.1 * libunbound8-1.20.0-150600.23.16.1 * unbound-debuginfo-1.20.0-150600.23.16.1 * unbound-anchor-debuginfo-1.20.0-150600.23.16.1 * libunbound8-debuginfo-1.20.0-150600.23.16.1 * unbound-devel-1.20.0-150600.23.16.1 * unbound-anchor-1.20.0-150600.23.16.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * unbound-debugsource-1.20.0-150600.23.16.1 * libunbound8-1.20.0-150600.23.16.1 * unbound-debuginfo-1.20.0-150600.23.16.1 * unbound-anchor-debuginfo-1.20.0-150600.23.16.1 * libunbound8-debuginfo-1.20.0-150600.23.16.1 * unbound-devel-1.20.0-150600.23.16.1 * unbound-anchor-1.20.0-150600.23.16.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * unbound-debugsource-1.20.0-150600.23.16.1 * libunbound8-1.20.0-150600.23.16.1 * unbound-debuginfo-1.20.0-150600.23.16.1 * unbound-anchor-debuginfo-1.20.0-150600.23.16.1 * libunbound8-debuginfo-1.20.0-150600.23.16.1 * unbound-devel-1.20.0-150600.23.16.1 * unbound-anchor-1.20.0-150600.23.16.1 ## References: * https://www.suse.com/security/cve/CVE-2026-32792.html * https://www.suse.com/security/cve/CVE-2026-33278.html * https://www.suse.com/security/cve/CVE-2026-40622.html * https://www.suse.com/security/cve/CVE-2026-41292.html * https://www.suse.com/security/cve/CVE-2026-42534.html * https://www.suse.com/security/cve/CVE-2026-42923.html * https://www.suse.com/security/cve/CVE-2026-42944.html * https://www.suse.com/security/cve/CVE-2026-42959.html * https://www.suse.com/security/cve/CVE-2026-42960.html * https://www.suse.com/security/cve/CVE-2026-44390.html * https://www.suse.com/security/cve/CVE-2026-44608.html * https://bugzilla.suse.com/show_bug.cgi?id=1265578 * https://bugzilla.suse.com/show_bug.cgi?id=1265580 * https://bugzilla.suse.com/show_bug.cgi?id=1265581 * https://bugzilla.suse.com/show_bug.cgi?id=1265582 * https://bugzilla.suse.com/show_bug.cgi?id=1265583 * https://bugzilla.suse.com/show_bug.cgi?id=1265584 * https://bugzilla.suse.com/show_bug.cgi?id=1265585 * https://bugzilla.suse.com/show_bug.cgi?id=1265586 * https://bugzilla.suse.com/show_bug.cgi?id=1265587 * https://bugzilla.suse.com/show_bug.cgi?id=1265588 * https://bugzilla.suse.com/show_bug.cgi?id=1265589 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jun 5 20:31:31 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 05 Jun 2026 20:31:31 -0000 Subject: SUSE-SU-2026:2280-1: important: Security update for ignition Message-ID: <178069149163.417.8654451345633779458@8686897f7447> # Security update for ignition Announcement ID: SUSE-SU-2026:2280-1 Release Date: 2026-06-05T12:11:42Z Rating: important References: * bsc#1265751 Cross-References: * CVE-2026-33814 CVSS scores: * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * HPC Module 15-SP7 * openSUSE Leap 15.4 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for ignition fixes the following issue * CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265751). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2280=1 * HPC Module 15-SP7 zypper in -t patch SUSE-SLE-Module-HPC-15-SP7-2026-2280=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2280=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * ignition-debuginfo-2.14.0-150400.9.18.1 * ignition-2.14.0-150400.9.18.1 * ignition-dracut-grub2-2.14.0-150400.9.18.1 * HPC Module 15-SP7 (aarch64 x86_64) * ignition-debuginfo-2.14.0-150400.9.18.1 * ignition-2.14.0-150400.9.18.1 * ignition-dracut-grub2-2.14.0-150400.9.18.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 x86_64) * ignition-debuginfo-2.14.0-150400.9.18.1 * ignition-2.14.0-150400.9.18.1 * ignition-dracut-grub2-2.14.0-150400.9.18.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33814.html * https://bugzilla.suse.com/show_bug.cgi?id=1265751 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 16:30:19 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 16:30:19 -0000 Subject: SUSE-SU-2026:2299-1: important: Security update for tomcat Message-ID: <178093621910.1066.3141474085633864169@54e978799e75> # Security update for tomcat Announcement ID: SUSE-SU-2026:2299-1 Release Date: 2026-06-08T10:55:17Z Rating: important References: * bsc#1265145 * bsc#1265162 * bsc#1265163 * bsc#1265165 * bsc#1265166 * bsc#1265167 * bsc#1265168 Cross-References: * CVE-2026-41284 * CVE-2026-41293 * CVE-2026-42498 * CVE-2026-43512 * CVE-2026-43513 * CVE-2026-43514 * CVE-2026-43515 CVSS scores: * CVE-2026-41284 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-41284 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-41284 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-41293 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-41293 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-41293 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-42498 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-42498 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-42498 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-43512 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-43512 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-43512 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43513 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-43513 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-43513 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-43514 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-43514 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-43514 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-43515 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-43515 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2026-43515 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves seven vulnerabilities can now be installed. ## Description: This update for tomcat fixes the following issues Update to Tomcat 9.0.118: * CVE-2026-41284: Unbounded read in WebDAV LOCK and PROPFIND handling (bsc#1265162). * CVE-2026-41293: HTTP/2 request headers not validated (bsc#1265163). * CVE-2026-42498: WebSocket authentication header exposure (bsc#1265165). * CVE-2026-43512: digest authenticator will authenticate any unknown user (bsc#1265145). * CVE-2026-43513: LockOutRealm treats user names as case-sensitive (bsc#1265166). * CVE-2026-43514: AJP secret compared in non-constant time (bsc#1265167). * CVE-2026-43515: Security constraints not correctly applied (bsc#1265168). Changes: * Catalina * Add: Enhance version.sh and version.bat to display APR, Tomcat Native, and OpenSSL version information (both APR and FFM implementations), along with version compatibility warnings and third-party library version information. (csutherl) * Code: Refactor generation of the remote user element in the access log to remove unnecessary code. (markt) * Fix: Fix a regression in the previous release that meant ?- could appear in the access log rather than ? when the query string was present but empty. (markt) * Fix: Failed precondition should make WebDAV DELETE fail. #982 submitted by Mahmoud Alarby. (remm) * Fix: Align the escaping in ExtendedAccessLogValve with the other AccessLogValve implementations. (markt) * Fix: 70000: fix duplication of special headers in the response after commit, following fix for 69967. (remm) * Fix: Correct the handling of URIs mapped to a security constraint that only specifies the special ** role for all authenticated users. Requests without authentication were receiving 403 responses rather than 401 responses. (markt) * Fix: Fix a race condition in StandardContext.getServletContext() that could cause the jakarta.servlet.context.tempdir attribute to be lost during a context reload. Make the context field volatile and use locking to ensure only one ApplicationContext instance is created. (dsoumis) * Fix: Update the Windows authentication (kerberos) documentation to reflect that both Java and Windows are removing / have removed support for RC4-HMAC. The guide now uses AES256-SHA1. (markt) * Fix: Add a new initialisation parameter for WebDAV, maxRequestBodySize which limits the size of a WebDAV request body for LOCK and PROPFIND. The default value is 4096 bytes. (markt) * Add: Add a new caseSensitive attribute to the LockOutRealm that controls the manner in which user names are treated when making locking decisions. The default is false, meaning user names are treated in a case insensitive manner. (markt) * Fix: Correct the handling of invalid users with DIGEST authentication. (markt) * Fix: Ensure RealmBase finds all matching extension based security constraints. (markt) * Coyote * Fix: Avoid various edge cases if Content-Length is set via setHeader(String,String) or addHeader(String,String) with an invalid value by always clearing the previous value whether the new value is valid or not and ignoring any invalid new value. (markt) * Code: Refactor the calculation of the real index in the HPACK dynamic header table implementation to reduce code duplication. (markt) * Fix: Fix various minor issues with some HTTP/2 stream error messages for HTTP/2. (markt) * Fix: Consistently reject URIs containing NULL bytes when normalizing. * Fix: Fix a few minor memory leaks on error paths reading TLS keys and certificates when using FFM. (markt) * Fix: Refactor clean-up after HTTP/2 headers have been processed to aid GC after a stream reset. (markt) * Fix: Align HTTP/2 trailer fields with HTTP/1.1 and filter out any fields not permitted in trailers. (markt) * Fix: Free private keys after use in FFM based connector configuration. * Fix: Correct an unlikely edge-case parsing bug in the HTTP/2 HPACK header decoding that could result in a valid header triggering an unexpected connection close. (markt) * Fix: Refactor HTTP/2 HPACK encoding so header field names are only converted to lower case once during the encoding process. (markt) * Fix: Refactor HTTP/2 header field validation so it occurs earlier. Extend validation to check for disallowed characters as well as upper case characters. (markt) * Fix: Add TLS 1.3 groups added in OpenSSL 4.0. (remm) * Fix: Add validation that the HTTP/2 :scheme pseudo-header is consistent with the use (or not) of TLS. (markt) * Fix: Correct the validation of pseudo headers and CONNECT requests to align Tomcat's behaviour with RFC 9113, section 8.5. (markt) * Fix: Fix a potential integer overflow when allocating capacity from a connection level window update to individual HTTP/2 streams. Based on #996 by Mike Tingey Jr. (markt) * Fix: Switch AJP secret comparison to a constant time algorithm. (markt) * WebSocket * Fix: Fix the initial connection to a WebSocket end point where the connection is made via a proxy that requires DIGEST authentication. * Other * Fix: 69993: Update the URL to the CDDL 1.0 license. (markt) * Add: Add warning when OpenSSL binary is not found. (csutherl) * Add: Add check for Tomcat Native library, and log warning when it's not found to make it easier to see when it's not used by the suite. (csutherl) * Update: Update Byte Buddy to 1.18.8. (markt) * Update: Update Bouncy Castle to 1.84. (markt) * Update: Improvements to French translations. (remm) * Update: Improvements to Japanese translations provided by tak7iji. (markt) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-2299=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2299=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * tomcat-servlet-4_0-api-9.0.118-3.166.1 * tomcat-admin-webapps-9.0.118-3.166.1 * tomcat-lib-9.0.118-3.166.1 * tomcat-9.0.118-3.166.1 * tomcat-javadoc-9.0.118-3.166.1 * tomcat-el-3_0-api-9.0.118-3.166.1 * tomcat-jsp-2_3-api-9.0.118-3.166.1 * tomcat-docs-webapp-9.0.118-3.166.1 * tomcat-webapps-9.0.118-3.166.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * tomcat-servlet-4_0-api-9.0.118-3.166.1 * tomcat-admin-webapps-9.0.118-3.166.1 * tomcat-lib-9.0.118-3.166.1 * tomcat-9.0.118-3.166.1 * tomcat-javadoc-9.0.118-3.166.1 * tomcat-el-3_0-api-9.0.118-3.166.1 * tomcat-jsp-2_3-api-9.0.118-3.166.1 * tomcat-docs-webapp-9.0.118-3.166.1 * tomcat-webapps-9.0.118-3.166.1 ## References: * https://www.suse.com/security/cve/CVE-2026-41284.html * https://www.suse.com/security/cve/CVE-2026-41293.html * https://www.suse.com/security/cve/CVE-2026-42498.html * https://www.suse.com/security/cve/CVE-2026-43512.html * https://www.suse.com/security/cve/CVE-2026-43513.html * https://www.suse.com/security/cve/CVE-2026-43514.html * https://www.suse.com/security/cve/CVE-2026-43515.html * https://bugzilla.suse.com/show_bug.cgi?id=1265145 * https://bugzilla.suse.com/show_bug.cgi?id=1265162 * https://bugzilla.suse.com/show_bug.cgi?id=1265163 * https://bugzilla.suse.com/show_bug.cgi?id=1265165 * https://bugzilla.suse.com/show_bug.cgi?id=1265166 * https://bugzilla.suse.com/show_bug.cgi?id=1265167 * https://bugzilla.suse.com/show_bug.cgi?id=1265168 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 16:30:24 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 16:30:24 -0000 Subject: SUSE-SU-2026:2298-1: moderate: Security update for python311 Message-ID: <178093622459.1066.18356477370999383595@54e978799e75> # Security update for python311 Announcement ID: SUSE-SU-2026:2298-1 Release Date: 2026-06-08T10:17:21Z Rating: moderate References: * bsc#1258364 * bsc#1261970 Cross-References: * CVE-2026-3446 CVSS scores: * CVE-2026-3446 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-3446 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2026-3446 ( NVD ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * Python 3 Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for python311 fixes the following issues: * CVE-2026-3446: Base64 decoding stops at first padded quad by default (bsc#1261970). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2298=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2298=1 * Python 3 Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2026-2298=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * python311-testsuite-3.11.15-150600.3.56.1 * python311-3.11.15-150600.3.56.1 * python311-tk-3.11.15-150600.3.56.1 * python311-base-3.11.15-150600.3.56.1 * python311-tk-debuginfo-3.11.15-150600.3.56.1 * python311-base-debuginfo-3.11.15-150600.3.56.1 * python311-devel-3.11.15-150600.3.56.1 * python311-debuginfo-3.11.15-150600.3.56.1 * python311-dbm-3.11.15-150600.3.56.1 * python311-idle-3.11.15-150600.3.56.1 * python311-testsuite-debuginfo-3.11.15-150600.3.56.1 * python311-core-debugsource-3.11.15-150600.3.56.1 * python311-doc-devhelp-3.11.15-150600.3.56.1 * libpython3_11-1_0-debuginfo-3.11.15-150600.3.56.1 * python311-curses-debuginfo-3.11.15-150600.3.56.1 * python311-debugsource-3.11.15-150600.3.56.1 * python311-dbm-debuginfo-3.11.15-150600.3.56.1 * python311-curses-3.11.15-150600.3.56.1 * python311-doc-3.11.15-150600.3.56.1 * python311-tools-3.11.15-150600.3.56.1 * libpython3_11-1_0-3.11.15-150600.3.56.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libpython3_11-1_0-64bit-3.11.15-150600.3.56.1 * python311-64bit-debuginfo-3.11.15-150600.3.56.1 * libpython3_11-1_0-64bit-debuginfo-3.11.15-150600.3.56.1 * python311-base-64bit-3.11.15-150600.3.56.1 * python311-base-64bit-debuginfo-3.11.15-150600.3.56.1 * python311-64bit-3.11.15-150600.3.56.1 * openSUSE Leap 15.6 (x86_64) * libpython3_11-1_0-32bit-debuginfo-3.11.15-150600.3.56.1 * python311-32bit-debuginfo-3.11.15-150600.3.56.1 * python311-base-32bit-debuginfo-3.11.15-150600.3.56.1 * python311-base-32bit-3.11.15-150600.3.56.1 * python311-32bit-3.11.15-150600.3.56.1 * libpython3_11-1_0-32bit-3.11.15-150600.3.56.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libpython3_11-1_0-debuginfo-3.11.15-150600.3.56.1 * python311-core-debugsource-3.11.15-150600.3.56.1 * python311-base-debuginfo-3.11.15-150600.3.56.1 * python311-base-3.11.15-150600.3.56.1 * libpython3_11-1_0-3.11.15-150600.3.56.1 * Python 3 Module 15-SP7 (aarch64 ppc64le s390x x86_64) * python311-3.11.15-150600.3.56.1 * python311-dbm-debuginfo-3.11.15-150600.3.56.1 * python311-tk-3.11.15-150600.3.56.1 * python311-curses-3.11.15-150600.3.56.1 * python311-tk-debuginfo-3.11.15-150600.3.56.1 * python311-curses-debuginfo-3.11.15-150600.3.56.1 * python311-dbm-3.11.15-150600.3.56.1 * python311-debugsource-3.11.15-150600.3.56.1 * python311-tools-3.11.15-150600.3.56.1 * python311-core-debugsource-3.11.15-150600.3.56.1 * python311-devel-3.11.15-150600.3.56.1 * python311-debuginfo-3.11.15-150600.3.56.1 * python311-idle-3.11.15-150600.3.56.1 ## References: * https://www.suse.com/security/cve/CVE-2026-3446.html * https://bugzilla.suse.com/show_bug.cgi?id=1258364 * https://bugzilla.suse.com/show_bug.cgi?id=1261970 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 16:30:28 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 16:30:28 -0000 Subject: SUSE-SU-2026:2297-1: moderate: Security update for avahi Message-ID: <178093622888.1066.2715533923319097670@54e978799e75> # Security update for avahi Announcement ID: SUSE-SU-2026:2297-1 Release Date: 2026-06-08T10:17:03Z Rating: moderate References: * bsc#1261546 Cross-References: * CVE-2026-34933 CVSS scores: * CVE-2026-34933 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34933 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP7 * Desktop Applications Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for avahi fixes the following issue: * CVE-2026-34933: Prior to version 0.9-rc4, any unprivileged local user can crash avahi-daemon by sending a single D-Bus method call with conflicting publish flags (bsc#1261546). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2297=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2297=1 * Desktop Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2026-2297=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2297=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libavahi-gobject-devel-0.8-150600.15.18.1 * libavahi-glib1-debuginfo-0.8-150600.15.18.1 * libhowl0-0.8-150600.15.18.1 * avahi-utils-0.8-150600.15.18.1 * libavahi-devel-0.8-150600.15.18.1 * avahi-utils-gtk-debuginfo-0.8-150600.15.18.1 * python3-avahi-0.8-150600.15.18.1 * libavahi-ui-gtk3-0-0.8-150600.15.18.1 * libavahi-client3-debuginfo-0.8-150600.15.18.1 * libavahi-libevent1-0.8-150600.15.18.1 * libavahi-gobject0-0.8-150600.15.18.1 * avahi-compat-howl-devel-0.8-150600.15.18.1 * avahi-glib2-debugsource-0.8-150600.15.18.1 * avahi-utils-gtk-0.8-150600.15.18.1 * libavahi-libevent1-debuginfo-0.8-150600.15.18.1 * libavahi-qt5-devel-0.8-150600.15.18.1 * libavahi-ui-gtk3-0-debuginfo-0.8-150600.15.18.1 * avahi-utils-debuginfo-0.8-150600.15.18.1 * avahi-debuginfo-0.8-150600.15.18.1 * typelib-1_0-Avahi-0_6-0.8-150600.15.18.1 * libavahi-core7-0.8-150600.15.18.1 * libavahi-common3-0.8-150600.15.18.1 * python3-avahi-gtk-0.8-150600.15.18.1 * avahi-debugsource-0.8-150600.15.18.1 * libhowl0-debuginfo-0.8-150600.15.18.1 * libavahi-qt5-1-0.8-150600.15.18.1 * libavahi-common3-debuginfo-0.8-150600.15.18.1 * libavahi-gobject0-debuginfo-0.8-150600.15.18.1 * libavahi-glib1-0.8-150600.15.18.1 * avahi-compat-mDNSResponder-devel-0.8-150600.15.18.1 * libavahi-core7-debuginfo-0.8-150600.15.18.1 * avahi-qt5-debugsource-0.8-150600.15.18.1 * libavahi-client3-0.8-150600.15.18.1 * libavahi-glib-devel-0.8-150600.15.18.1 * avahi-autoipd-0.8-150600.15.18.1 * libdns_sd-debuginfo-0.8-150600.15.18.1 * libavahi-qt5-1-debuginfo-0.8-150600.15.18.1 * avahi-autoipd-debuginfo-0.8-150600.15.18.1 * avahi-0.8-150600.15.18.1 * libdns_sd-0.8-150600.15.18.1 * openSUSE Leap 15.6 (x86_64) * libavahi-client3-32bit-debuginfo-0.8-150600.15.18.1 * libavahi-glib1-32bit-0.8-150600.15.18.1 * libavahi-glib1-32bit-debuginfo-0.8-150600.15.18.1 * avahi-32bit-debuginfo-0.8-150600.15.18.1 * libavahi-client3-32bit-0.8-150600.15.18.1 * libavahi-common3-32bit-0.8-150600.15.18.1 * libdns_sd-32bit-0.8-150600.15.18.1 * libdns_sd-32bit-debuginfo-0.8-150600.15.18.1 * libavahi-common3-32bit-debuginfo-0.8-150600.15.18.1 * openSUSE Leap 15.6 (noarch) * avahi-lang-0.8-150600.15.18.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libavahi-client3-64bit-0.8-150600.15.18.1 * libavahi-client3-64bit-debuginfo-0.8-150600.15.18.1 * libavahi-glib1-64bit-debuginfo-0.8-150600.15.18.1 * libdns_sd-64bit-debuginfo-0.8-150600.15.18.1 * libdns_sd-64bit-0.8-150600.15.18.1 * libavahi-common3-64bit-debuginfo-0.8-150600.15.18.1 * avahi-64bit-debuginfo-0.8-150600.15.18.1 * libavahi-common3-64bit-0.8-150600.15.18.1 * libavahi-glib1-64bit-0.8-150600.15.18.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libavahi-glib1-debuginfo-0.8-150600.15.18.1 * libhowl0-0.8-150600.15.18.1 * libavahi-devel-0.8-150600.15.18.1 * avahi-utils-0.8-150600.15.18.1 * libavahi-ui-gtk3-0-0.8-150600.15.18.1 * libavahi-client3-debuginfo-0.8-150600.15.18.1 * libavahi-libevent1-0.8-150600.15.18.1 * libavahi-gobject0-0.8-150600.15.18.1 * avahi-compat-howl-devel-0.8-150600.15.18.1 * avahi-glib2-debugsource-0.8-150600.15.18.1 * libavahi-libevent1-debuginfo-0.8-150600.15.18.1 * libavahi-ui-gtk3-0-debuginfo-0.8-150600.15.18.1 * avahi-utils-debuginfo-0.8-150600.15.18.1 * avahi-debuginfo-0.8-150600.15.18.1 * typelib-1_0-Avahi-0_6-0.8-150600.15.18.1 * libavahi-core7-0.8-150600.15.18.1 * libavahi-common3-0.8-150600.15.18.1 * avahi-debugsource-0.8-150600.15.18.1 * libhowl0-debuginfo-0.8-150600.15.18.1 * libavahi-common3-debuginfo-0.8-150600.15.18.1 * libavahi-gobject0-debuginfo-0.8-150600.15.18.1 * libavahi-glib1-0.8-150600.15.18.1 * avahi-compat-mDNSResponder-devel-0.8-150600.15.18.1 * libavahi-core7-debuginfo-0.8-150600.15.18.1 * libavahi-client3-0.8-150600.15.18.1 * libavahi-glib-devel-0.8-150600.15.18.1 * libdns_sd-debuginfo-0.8-150600.15.18.1 * avahi-0.8-150600.15.18.1 * libdns_sd-0.8-150600.15.18.1 * Basesystem Module 15-SP7 (noarch) * avahi-lang-0.8-150600.15.18.1 * Basesystem Module 15-SP7 (x86_64) * libavahi-client3-32bit-debuginfo-0.8-150600.15.18.1 * avahi-32bit-debuginfo-0.8-150600.15.18.1 * libavahi-client3-32bit-0.8-150600.15.18.1 * libavahi-common3-32bit-0.8-150600.15.18.1 * libavahi-common3-32bit-debuginfo-0.8-150600.15.18.1 * Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libavahi-gobject-devel-0.8-150600.15.18.1 * avahi-debugsource-0.8-150600.15.18.1 * avahi-glib2-debugsource-0.8-150600.15.18.1 * avahi-utils-gtk-0.8-150600.15.18.1 * avahi-autoipd-0.8-150600.15.18.1 * avahi-utils-gtk-debuginfo-0.8-150600.15.18.1 * avahi-debuginfo-0.8-150600.15.18.1 * avahi-autoipd-debuginfo-0.8-150600.15.18.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * avahi-debugsource-0.8-150600.15.18.1 * python3-avahi-0.8-150600.15.18.1 * avahi-debuginfo-0.8-150600.15.18.1 ## References: * https://www.suse.com/security/cve/CVE-2026-34933.html * https://bugzilla.suse.com/show_bug.cgi?id=1261546 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 16:30:33 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 16:30:33 -0000 Subject: SUSE-SU-2026:2296-1: moderate: Security update for avahi Message-ID: <178093623312.1066.7567793784631760574@54e978799e75> # Security update for avahi Announcement ID: SUSE-SU-2026:2296-1 Release Date: 2026-06-08T10:16:33Z Rating: moderate References: * bsc#1261546 Cross-References: * CVE-2026-34933 CVSS scores: * CVE-2026-34933 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34933 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for avahi fixes the following issue: * CVE-2026-34933: reachable assertion in `transport_flags_from_domain` can crash the `avahi-daemon` (bsc#1261546). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2296=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * avahi-debugsource-0.6.32-32.42.1 * avahi-utils-debuginfo-0.6.32-32.42.1 * libavahi-common3-debuginfo-0.6.32-32.42.1 * avahi-debuginfo-32bit-0.6.32-32.42.1 * avahi-debuginfo-0.6.32-32.42.1 * libdns_sd-debuginfo-32bit-0.6.32-32.42.1 * avahi-utils-0.6.32-32.42.1 * libavahi-core7-debuginfo-0.6.32-32.42.1 * avahi-compat-mDNSResponder-devel-0.6.32-32.42.1 * libdns_sd-32bit-0.6.32-32.42.1 * libavahi-core7-0.6.32-32.42.1 * libdns_sd-debuginfo-0.6.32-32.42.1 * libavahi-devel-0.6.32-32.42.1 * libavahi-client3-32bit-0.6.32-32.42.1 * libavahi-client3-0.6.32-32.42.1 * avahi-compat-howl-devel-0.6.32-32.42.1 * libavahi-common3-32bit-0.6.32-32.42.1 * libavahi-client3-debuginfo-32bit-0.6.32-32.42.1 * libavahi-client3-debuginfo-0.6.32-32.42.1 * libavahi-common3-debuginfo-32bit-0.6.32-32.42.1 * libdns_sd-0.6.32-32.42.1 * libavahi-common3-0.6.32-32.42.1 * avahi-0.6.32-32.42.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * avahi-lang-0.6.32-32.42.1 ## References: * https://www.suse.com/security/cve/CVE-2026-34933.html * https://bugzilla.suse.com/show_bug.cgi?id=1261546 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 16:30:41 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 16:30:41 -0000 Subject: SUSE-SU-2026:2293-1: important: Security update for memcached Message-ID: <178093624101.1066.6067035568772818816@54e978799e75> # Security update for memcached Announcement ID: SUSE-SU-2026:2293-1 Release Date: 2026-06-08T08:53:01Z Rating: important References: * bsc#1265873 * bsc#1265881 Cross-References: * CVE-2026-47783 * CVE-2026-47784 CVSS scores: * CVE-2026-47783 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-47783 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-47784 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-47784 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 * SUSE Linux Enterprise Desktop 15 SP1 * SUSE Linux Enterprise Desktop 15 SP2 * SUSE Linux Enterprise Desktop 15 SP3 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 * SUSE Linux Enterprise High Performance Computing 15 SP1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP1 * SUSE Linux Enterprise Real Time 15 SP2 * SUSE Linux Enterprise Real Time 15 SP3 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 * SUSE Linux Enterprise Server 15 SP1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Client Tools for SLE 15 An update that solves two vulnerabilities can now be installed. ## Description: This update for memcached fixes the following issues * CVE-2026-47783: timing side-channel in SASL password database authentication (username) (bsc#1265873). * CVE-2026-47784: timing side-channel in SASL password database authentication (password) (bsc#1265881). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for SLE 15 zypper in -t patch SUSE-SLE-Manager-Tools-15-2026-2293=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-2293=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2293=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2293=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2293=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2293=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2293=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2293=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2293=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2293=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2293=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2293=1 ## Package List: * SUSE Manager Client Tools for SLE 15 (aarch64 ppc64le s390x x86_64) * memcached-1.5.6-150000.4.10.1 * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * memcached-debugsource-1.5.6-150000.4.10.1 * memcached-1.5.6-150000.4.10.1 * memcached-debuginfo-1.5.6-150000.4.10.1 * memcached-devel-1.5.6-150000.4.10.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * memcached-debugsource-1.5.6-150000.4.10.1 * memcached-1.5.6-150000.4.10.1 * memcached-debuginfo-1.5.6-150000.4.10.1 * memcached-devel-1.5.6-150000.4.10.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * memcached-debugsource-1.5.6-150000.4.10.1 * memcached-1.5.6-150000.4.10.1 * memcached-debuginfo-1.5.6-150000.4.10.1 * memcached-devel-1.5.6-150000.4.10.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * memcached-debugsource-1.5.6-150000.4.10.1 * memcached-1.5.6-150000.4.10.1 * memcached-debuginfo-1.5.6-150000.4.10.1 * memcached-devel-1.5.6-150000.4.10.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * memcached-debugsource-1.5.6-150000.4.10.1 * memcached-1.5.6-150000.4.10.1 * memcached-debuginfo-1.5.6-150000.4.10.1 * memcached-devel-1.5.6-150000.4.10.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * memcached-debugsource-1.5.6-150000.4.10.1 * memcached-1.5.6-150000.4.10.1 * memcached-debuginfo-1.5.6-150000.4.10.1 * memcached-devel-1.5.6-150000.4.10.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * memcached-debugsource-1.5.6-150000.4.10.1 * memcached-1.5.6-150000.4.10.1 * memcached-debuginfo-1.5.6-150000.4.10.1 * memcached-devel-1.5.6-150000.4.10.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * memcached-debugsource-1.5.6-150000.4.10.1 * memcached-1.5.6-150000.4.10.1 * memcached-debuginfo-1.5.6-150000.4.10.1 * memcached-devel-1.5.6-150000.4.10.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * memcached-debugsource-1.5.6-150000.4.10.1 * memcached-1.5.6-150000.4.10.1 * memcached-debuginfo-1.5.6-150000.4.10.1 * memcached-devel-1.5.6-150000.4.10.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * memcached-debugsource-1.5.6-150000.4.10.1 * memcached-1.5.6-150000.4.10.1 * memcached-debuginfo-1.5.6-150000.4.10.1 * memcached-devel-1.5.6-150000.4.10.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * memcached-debugsource-1.5.6-150000.4.10.1 * memcached-1.5.6-150000.4.10.1 * memcached-debuginfo-1.5.6-150000.4.10.1 * memcached-devel-1.5.6-150000.4.10.1 ## References: * https://www.suse.com/security/cve/CVE-2026-47783.html * https://www.suse.com/security/cve/CVE-2026-47784.html * https://bugzilla.suse.com/show_bug.cgi?id=1265873 * https://bugzilla.suse.com/show_bug.cgi?id=1265881 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 16:30:47 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 16:30:47 -0000 Subject: SUSE-SU-2026:2292-1: important: Security update for memcached Message-ID: <178093624717.1066.2191510015897160529@54e978799e75> # Security update for memcached Announcement ID: SUSE-SU-2026:2292-1 Release Date: 2026-06-08T08:51:34Z Rating: important References: * bsc#1265873 * bsc#1265881 Cross-References: * CVE-2026-47783 * CVE-2026-47784 CVSS scores: * CVE-2026-47783 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-47783 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-47784 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-47784 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for memcached fixes the following issues * CVE-2026-47783: timing side-channel in SASL password database authentication (username) (bsc#1265873). * CVE-2026-47784: timing side-channel in SASL password database authentication (password) (bsc#1265881). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-2292=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2292=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * memcached-debugsource-1.4.39-4.14.1 * memcached-debuginfo-1.4.39-4.14.1 * memcached-devel-1.4.39-4.14.1 * memcached-1.4.39-4.14.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * memcached-debugsource-1.4.39-4.14.1 * memcached-debuginfo-1.4.39-4.14.1 * memcached-devel-1.4.39-4.14.1 * memcached-1.4.39-4.14.1 ## References: * https://www.suse.com/security/cve/CVE-2026-47783.html * https://www.suse.com/security/cve/CVE-2026-47784.html * https://bugzilla.suse.com/show_bug.cgi?id=1265873 * https://bugzilla.suse.com/show_bug.cgi?id=1265881 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:30:07 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:30:07 -0000 Subject: SUSE-SU-2026:22041-1: moderate: Security update for csync2 Message-ID: <178095060763.27.14196290394726567505@5a3a51eaee51> # Security update for csync2 Announcement ID: SUSE-SU-2026:22041-1 Release Date: 2026-06-03T10:13:42Z Rating: moderate References: * bsc#1262472 * jsc#PED-14855 Cross-References: * CVE-2026-41051 CVSS scores: * CVE-2026-41051 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-41051 ( SUSE ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H * CVE-2026-41051 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-41051 ( NVD ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability and contains one feature can now be installed. ## Description: This update for csync2 fixes the following issues Security issue: * CVE-2026-41051: uses insecure temporary directories when compiled with C99 or later (bsc#1262472). Non security issue: * Fix packages for Immutable Mode (jsc#PED-14855). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-886=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * csync2-2.0+git.1600444747.83b3644-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-41051.html * https://bugzilla.suse.com/show_bug.cgi?id=1262472 * https://jira.suse.com/browse/PED-14855 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:30:26 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:30:26 -0000 Subject: SUSE-SU-2026:22040-1: important: Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 16) Message-ID: <178095062699.27.16950485075804330574@5a3a51eaee51> # Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:22040-1 Release Date: 2026-06-02T18:38:15Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.26.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-879=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-879=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (ppc64le s390x x86_64) * kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1 * kernel-livepatch-6_12_0-160000_26-default-debuginfo-6-160000.1.1 * kernel-livepatch-SLE16_Update_5-debugsource-6-160000.1.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1 * kernel-livepatch-6_12_0-160000_26-default-debuginfo-6-160000.1.1 * kernel-livepatch-SLE16_Update_5-debugsource-6-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:30:38 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:30:38 -0000 Subject: SUSE-SU-2026:22039-1: important: Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16) Message-ID: <178095063883.27.6936153484406631989@5a3a51eaee51> # Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:22039-1 Release Date: 2026-06-02T11:43:50Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.5.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-870=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-870=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (ppc64le s390x x86_64) * kernel-livepatch-6_12_0-160000_5-default-13-160000.4.3 * kernel-livepatch-SLE16_Update_0-debugsource-13-160000.4.3 * kernel-livepatch-6_12_0-160000_5-default-debuginfo-13-160000.4.3 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * kernel-livepatch-6_12_0-160000_5-default-13-160000.4.3 * kernel-livepatch-SLE16_Update_0-debugsource-13-160000.4.3 * kernel-livepatch-6_12_0-160000_5-default-debuginfo-13-160000.4.3 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:30:51 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:30:51 -0000 Subject: SUSE-SU-2026:22038-1: important: Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 16) Message-ID: <178095065124.27.10233162595984781747@5a3a51eaee51> # Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:22038-1 Release Date: 2026-06-02T11:09:34Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.7.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-869=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-869=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (ppc64le s390x x86_64) * kernel-livepatch-SLE16_Update_2-debugsource-9-160000.1.1 * kernel-livepatch-6_12_0-160000_7-default-9-160000.1.1 * kernel-livepatch-6_12_0-160000_7-default-debuginfo-9-160000.1.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * kernel-livepatch-SLE16_Update_2-debugsource-9-160000.1.1 * kernel-livepatch-6_12_0-160000_7-default-9-160000.1.1 * kernel-livepatch-6_12_0-160000_7-default-debuginfo-9-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:30:58 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:30:58 -0000 Subject: SUSE-SU-2026:22037-1: important: Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 16) Message-ID: <178095065829.27.16327930161732002650@5a3a51eaee51> # Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:22037-1 Release Date: 2026-06-02T07:41:04Z Rating: important References: * bsc#1261630 * bsc#1261845 * bsc#1265384 Cross-References: * CVE-2026-23437 * CVE-2026-31406 * CVE-2026-46333 CVSS scores: * CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves three vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.31.1 fixes various security issues The following security issues were fixed: * CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845). * CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-862=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-862=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (ppc64le s390x x86_64) * kernel-livepatch-SLE16_Update_10-debugsource-2-160000.1.1 * kernel-livepatch-6_12_0-160000_31-default-debuginfo-2-160000.1.1 * kernel-livepatch-6_12_0-160000_31-default-2-160000.1.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * kernel-livepatch-SLE16_Update_10-debugsource-2-160000.1.1 * kernel-livepatch-6_12_0-160000_31-default-debuginfo-2-160000.1.1 * kernel-livepatch-6_12_0-160000_31-default-2-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-23437.html * https://www.suse.com/security/cve/CVE-2026-31406.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1261630 * https://bugzilla.suse.com/show_bug.cgi?id=1261845 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:31:05 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:31:05 -0000 Subject: SUSE-SU-2026:22036-1: important: Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise 16) Message-ID: <178095066502.27.15493839076080783825@5a3a51eaee51> # Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:22036-1 Release Date: 2026-06-02T07:22:26Z Rating: important References: * bsc#1261630 * bsc#1261845 Cross-References: * CVE-2026-23437 * CVE-2026-31406 CVSS scores: * CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.32.1 fixes various security issues The following security issues were fixed: * CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845). * CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-858=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-858=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (ppc64le s390x x86_64) * kernel-livepatch-SLE16_Update_11-debugsource-2-160000.1.1 * kernel-livepatch-6_12_0-160000_32-default-debuginfo-2-160000.1.1 * kernel-livepatch-6_12_0-160000_32-default-2-160000.1.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * kernel-livepatch-SLE16_Update_11-debugsource-2-160000.1.1 * kernel-livepatch-6_12_0-160000_32-default-debuginfo-2-160000.1.1 * kernel-livepatch-6_12_0-160000_32-default-2-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-23437.html * https://www.suse.com/security/cve/CVE-2026-31406.html * https://bugzilla.suse.com/show_bug.cgi?id=1261630 * https://bugzilla.suse.com/show_bug.cgi?id=1261845 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:31:15 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:31:15 -0000 Subject: SUSE-SU-2026:22035-1: important: Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise 16) Message-ID: <178095067594.27.15243804519523775939@5a3a51eaee51> # Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:22035-1 Release Date: 2026-06-02T04:08:38Z Rating: important References: * bsc#1259798 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves five vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.27.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-857=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-857=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (ppc64le s390x x86_64) * kernel-livepatch-6_12_0-160000_27-default-debuginfo-5-160000.1.1 * kernel-livepatch-6_12_0-160000_27-default-5-160000.1.1 * kernel-livepatch-SLE16_Update_6-debugsource-5-160000.1.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * kernel-livepatch-6_12_0-160000_27-default-debuginfo-5-160000.1.1 * kernel-livepatch-6_12_0-160000_27-default-5-160000.1.1 * kernel-livepatch-SLE16_Update_6-debugsource-5-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:31:26 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:31:26 -0000 Subject: SUSE-SU-2026:22034-1: important: Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise 16) Message-ID: <178095068620.27.1597338193545378258@5a3a51eaee51> # Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:22034-1 Release Date: 2026-06-02T03:39:39Z Rating: important References: * bsc#1261630 * bsc#1261845 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23437 * CVE-2026-31406 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves five vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.29.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845). * CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-856=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-856=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (ppc64le s390x x86_64) * kernel-livepatch-SLE16_Update_8-debugsource-3-160000.1.1 * kernel-livepatch-6_12_0-160000_29-default-debuginfo-3-160000.1.1 * kernel-livepatch-6_12_0-160000_29-default-3-160000.1.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * kernel-livepatch-SLE16_Update_8-debugsource-3-160000.1.1 * kernel-livepatch-6_12_0-160000_29-default-debuginfo-3-160000.1.1 * kernel-livepatch-6_12_0-160000_29-default-3-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23437.html * https://www.suse.com/security/cve/CVE-2026-31406.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1261630 * https://bugzilla.suse.com/show_bug.cgi?id=1261845 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:31:37 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:31:37 -0000 Subject: SUSE-SU-2026:22033-1: important: Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise 16) Message-ID: <178095069783.27.7581494006051045593@5a3a51eaee51> # Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:22033-1 Release Date: 2026-06-01T23:41:15Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.9.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-854=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-854=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (ppc64le s390x x86_64) * kernel-livepatch-6_12_0-160000_9-default-debuginfo-7-160000.1.1 * kernel-livepatch-SLE16_Update_4-debugsource-7-160000.1.1 * kernel-livepatch-6_12_0-160000_9-default-7-160000.1.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * kernel-livepatch-6_12_0-160000_9-default-debuginfo-7-160000.1.1 * kernel-livepatch-SLE16_Update_4-debugsource-7-160000.1.1 * kernel-livepatch-6_12_0-160000_9-default-7-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:31:45 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:31:45 -0000 Subject: SUSE-SU-2026:22032-1: important: Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise 16) Message-ID: <178095070511.27.17698493219888948837@5a3a51eaee51> # Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:22032-1 Release Date: 2026-06-01T23:39:59Z Rating: important References: * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves three vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.28.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-855=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-855=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (ppc64le s390x x86_64) * kernel-livepatch-6_12_0-160000_28-default-4-160000.1.1 * kernel-livepatch-6_12_0-160000_28-default-debuginfo-4-160000.1.1 * kernel-livepatch-SLE16_Update_7-debugsource-4-160000.1.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * kernel-livepatch-6_12_0-160000_28-default-4-160000.1.1 * kernel-livepatch-6_12_0-160000_28-default-debuginfo-4-160000.1.1 * kernel-livepatch-SLE16_Update_7-debugsource-4-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:31:56 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:31:56 -0000 Subject: SUSE-SU-2026:22031-1: important: Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16) Message-ID: <178095071657.27.12626012669863189013@5a3a51eaee51> # Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:22031-1 Release Date: 2026-06-01T20:59:02Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.6.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-853=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-853=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (ppc64le s390x x86_64) * kernel-livepatch-SLE16_Update_1-debugsource-11-160000.1.1 * kernel-livepatch-6_12_0-160000_6-default-11-160000.1.1 * kernel-livepatch-6_12_0-160000_6-default-debuginfo-11-160000.1.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * kernel-livepatch-SLE16_Update_1-debugsource-11-160000.1.1 * kernel-livepatch-6_12_0-160000_6-default-11-160000.1.1 * kernel-livepatch-6_12_0-160000_6-default-debuginfo-11-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:32:08 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:32:08 -0000 Subject: SUSE-SU-2026:22030-1: important: Security update for the Linux Kernel (Live Patch 3 for SUSE Linux Enterprise 16) Message-ID: <178095072862.27.314756207285883120@5a3a51eaee51> # Security update for the Linux Kernel (Live Patch 3 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:22030-1 Release Date: 2026-06-01T20:10:13Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.8.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-852=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-852=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (ppc64le s390x x86_64) * kernel-livepatch-SLE16_Update_3-debugsource-8-160000.1.1 * kernel-livepatch-6_12_0-160000_8-default-8-160000.1.1 * kernel-livepatch-6_12_0-160000_8-default-debuginfo-8-160000.1.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * kernel-livepatch-SLE16_Update_3-debugsource-8-160000.1.1 * kernel-livepatch-6_12_0-160000_8-default-8-160000.1.1 * kernel-livepatch-6_12_0-160000_8-default-debuginfo-8-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:32:19 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:32:19 -0000 Subject: SUSE-SU-2026:22029-1: important: Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise 16) Message-ID: <178095073958.27.12381977048948383682@5a3a51eaee51> # Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:22029-1 Release Date: 2026-06-01T16:45:52Z Rating: important References: * bsc#1261630 * bsc#1261845 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23437 * CVE-2026-31406 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves five vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.30.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845). * CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-849=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-849=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (ppc64le s390x x86_64) * kernel-livepatch-6_12_0-160000_30-default-debuginfo-2-160000.1.1 * kernel-livepatch-SLE16_Update_9-debugsource-2-160000.1.1 * kernel-livepatch-6_12_0-160000_30-default-2-160000.1.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * kernel-livepatch-6_12_0-160000_30-default-debuginfo-2-160000.1.1 * kernel-livepatch-SLE16_Update_9-debugsource-2-160000.1.1 * kernel-livepatch-6_12_0-160000_30-default-2-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23437.html * https://www.suse.com/security/cve/CVE-2026-31406.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1261630 * https://bugzilla.suse.com/show_bug.cgi?id=1261845 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:32:31 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:32:31 -0000 Subject: SUSE-SU-2026:22026-1: important: Security update for frr Message-ID: <178095075184.27.15515223735768794202@5a3a51eaee51> # Security update for frr Announcement ID: SUSE-SU-2026:22026-1 Release Date: 2026-06-03T09:46:09Z Rating: important References: * bsc#1261013 * bsc#1263859 * bsc#1263863 * bsc#1263974 Cross-References: * CVE-2026-28532 * CVE-2026-37457 * CVE-2026-37458 * CVE-2026-5107 CVSS scores: * CVE-2026-28532 ( SUSE ): 6.0 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-28532 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-28532 ( NVD ): 6.0 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-28532 ( NVD ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-37457 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-37457 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-37458 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-37458 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-37458 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-5107 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-5107 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2026-5107 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-5107 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2026-5107 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves four vulnerabilities can now be installed. ## Description: This update for frr fixes the following issues: * CVE-2026-5107: Fixed an improper access controls in EVPN Type-2 Route Handler (bsc#1261013). * CVE-2026-28532: Harden TE/SR TLV iteration against malformed lengths (bsc#1263859). * CVE-2026-37457: Fix off-by-one error in FlowSpec operator array bounds check (bsc#1263863). * CVE-2026-37458: Validate MP_REACH_NLRI attribute against incorrect next-hop (bsc#1263974). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-884=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-884=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * libmgmt_be_nb0-debuginfo-10.2.6-160000.1.1 * libfrr_pb0-debuginfo-10.2.6-160000.1.1 * libfrrospfapiclient0-debuginfo-10.2.6-160000.1.1 * frr-debugsource-10.2.6-160000.1.1 * libfrrcares0-10.2.6-160000.1.1 * libfrrcares0-debuginfo-10.2.6-160000.1.1 * libfrrsnmp0-10.2.6-160000.1.1 * libfrrzmq0-debuginfo-10.2.6-160000.1.1 * libfrrospfapiclient0-10.2.6-160000.1.1 * frr-10.2.6-160000.1.1 * libfrrzmq0-10.2.6-160000.1.1 * libfrr0-debuginfo-10.2.6-160000.1.1 * libfrr0-10.2.6-160000.1.1 * libfrrsnmp0-debuginfo-10.2.6-160000.1.1 * libfrrfpm_pb0-10.2.6-160000.1.1 * frr-debuginfo-10.2.6-160000.1.1 * libfrrfpm_pb0-debuginfo-10.2.6-160000.1.1 * frr-devel-10.2.6-160000.1.1 * libfrr_pb0-10.2.6-160000.1.1 * libmgmt_be_nb0-10.2.6-160000.1.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * libmgmt_be_nb0-debuginfo-10.2.6-160000.1.1 * libfrr_pb0-debuginfo-10.2.6-160000.1.1 * libfrrospfapiclient0-debuginfo-10.2.6-160000.1.1 * frr-debugsource-10.2.6-160000.1.1 * libfrrcares0-10.2.6-160000.1.1 * libfrrcares0-debuginfo-10.2.6-160000.1.1 * libfrrsnmp0-10.2.6-160000.1.1 * libfrrzmq0-debuginfo-10.2.6-160000.1.1 * libfrrospfapiclient0-10.2.6-160000.1.1 * frr-10.2.6-160000.1.1 * libfrrzmq0-10.2.6-160000.1.1 * libfrr0-debuginfo-10.2.6-160000.1.1 * libfrr0-10.2.6-160000.1.1 * libfrrsnmp0-debuginfo-10.2.6-160000.1.1 * libfrrfpm_pb0-10.2.6-160000.1.1 * frr-debuginfo-10.2.6-160000.1.1 * libfrrfpm_pb0-debuginfo-10.2.6-160000.1.1 * frr-devel-10.2.6-160000.1.1 * libfrr_pb0-10.2.6-160000.1.1 * libmgmt_be_nb0-10.2.6-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-28532.html * https://www.suse.com/security/cve/CVE-2026-37457.html * https://www.suse.com/security/cve/CVE-2026-37458.html * https://www.suse.com/security/cve/CVE-2026-5107.html * https://bugzilla.suse.com/show_bug.cgi?id=1261013 * https://bugzilla.suse.com/show_bug.cgi?id=1263859 * https://bugzilla.suse.com/show_bug.cgi?id=1263863 * https://bugzilla.suse.com/show_bug.cgi?id=1263974 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:32:35 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:32:35 -0000 Subject: SUSE-SU-2026:22025-1: moderate: Security update for python-pyOpenSSL Message-ID: <178095075577.27.14436738906879891359@5a3a51eaee51> # Security update for python-pyOpenSSL Announcement ID: SUSE-SU-2026:22025-1 Release Date: 2026-06-03T09:15:30Z Rating: moderate References: * bsc#1262803 Cross-References: * CVE-2026-40475 CVSS scores: * CVE-2026-40475 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-40475 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for python-pyOpenSSL fixes the following issue * CVE-2026-40475: improper input handling of null bytes can lead to silent data truncation and security-state inconsistency (bsc#1262803). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-883=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-883=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (noarch) * python313-pyOpenSSL-25.0.0-160000.4.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * python313-pyOpenSSL-25.0.0-160000.4.1 ## References: * https://www.suse.com/security/cve/CVE-2026-40475.html * https://bugzilla.suse.com/show_bug.cgi?id=1262803 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:32:39 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:32:39 -0000 Subject: SUSE-SU-2026:22024-1: moderate: Security update for python-CairoSVG Message-ID: <178095075979.27.11168236190214277972@5a3a51eaee51> # Security update for python-CairoSVG Announcement ID: SUSE-SU-2026:22024-1 Release Date: 2026-06-02T22:56:21Z Rating: moderate References: * bsc#1259690 Cross-References: * CVE-2026-31899 CVSS scores: * CVE-2026-31899 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31899 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-31899 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for python-CairoSVG fixes the following issue: * CVE-2026-31899: denial of service via recursive element amplification (bsc#1259690). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-880=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-880=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (noarch) * python313-CairoSVG-2.7.1-160000.3.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * python313-CairoSVG-2.7.1-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-31899.html * https://bugzilla.suse.com/show_bug.cgi?id=1259690 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:32:44 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:32:44 -0000 Subject: SUSE-SU-2026:22023-1: moderate: Security update for python-Flask Message-ID: <178095076498.27.10398079928574356851@5a3a51eaee51> # Security update for python-Flask Announcement ID: SUSE-SU-2026:22023-1 Release Date: 2026-06-02T17:26:38Z Rating: moderate References: * bsc#1258700 Cross-References: * CVE-2026-27205 CVSS scores: * CVE-2026-27205 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-27205 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2026-27205 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27205 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for python-Flask fixes the following issue: * CVE-2026-27205: information disclosure due to Flask session not adding the `Vary: Cookie` header (bsc#1258700). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-878=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-878=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (noarch) * python313-Flask-3.1.1-160000.3.1 * python313-Flask-doc-3.1.1-160000.3.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * python313-Flask-3.1.1-160000.3.1 * python313-Flask-doc-3.1.1-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-27205.html * https://bugzilla.suse.com/show_bug.cgi?id=1258700 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:32:51 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:32:51 -0000 Subject: SUSE-SU-2026:22022-1: important: Security update for memcached Message-ID: <178095077103.27.14879324063657354656@5a3a51eaee51> # Security update for memcached Announcement ID: SUSE-SU-2026:22022-1 Release Date: 2026-06-02T13:56:05Z Rating: important References: * bsc#1265873 * bsc#1265881 Cross-References: * CVE-2026-47783 * CVE-2026-47784 CVSS scores: * CVE-2026-47783 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-47783 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-47784 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-47784 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for memcached fixes the following issues * CVE-2026-47783: timing side-channel in SASL password database authentication (username) (bsc#1265873). * CVE-2026-47784: timing side-channel in SASL password database authentication (password) (bsc#1265881). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-877=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-877=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * memcached-debugsource-1.6.38-160000.3.1 * memcached-devel-1.6.38-160000.3.1 * memcached-1.6.38-160000.3.1 * memcached-debuginfo-1.6.38-160000.3.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * memcached-debugsource-1.6.38-160000.3.1 * memcached-devel-1.6.38-160000.3.1 * memcached-1.6.38-160000.3.1 * memcached-debuginfo-1.6.38-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-47783.html * https://www.suse.com/security/cve/CVE-2026-47784.html * https://bugzilla.suse.com/show_bug.cgi?id=1265873 * https://bugzilla.suse.com/show_bug.cgi?id=1265881 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:33:00 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:33:00 -0000 Subject: SUSE-SU-2026:22020-1: important: Security update for busybox Message-ID: <178095078094.27.14177410918709513320@5a3a51eaee51> # Security update for busybox Announcement ID: SUSE-SU-2026:22020-1 Release Date: 2026-06-02T13:49:06Z Rating: important References: * bsc#1263989 Cross-References: * CVE-2026-29004 CVSS scores: * CVE-2026-29004 ( SUSE ): 7.2 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-29004 ( SUSE ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2026-29004 ( NVD ): 7.2 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-29004 ( NVD ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for busybox fixes the following issue * CVE-2026-29004: a crafted DHCPv6 response can lead to a heap buffer overflow in the DHCPv6 client (bsc#1263989). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-876=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-876=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * busybox-static-1.37.0-160000.6.1 * busybox-1.37.0-160000.6.1 * busybox-debuginfo-1.37.0-160000.6.1 * busybox-static-debuginfo-1.37.0-160000.6.1 * busybox-debugsource-1.37.0-160000.6.1 * SUSE Linux Enterprise Server 16.0 (aarch64 x86_64) * busybox-warewulf3-debuginfo-1.37.0-160000.6.1 * busybox-warewulf3-1.37.0-160000.6.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * busybox-static-1.37.0-160000.6.1 * busybox-1.37.0-160000.6.1 * busybox-debuginfo-1.37.0-160000.6.1 * busybox-static-debuginfo-1.37.0-160000.6.1 * busybox-debugsource-1.37.0-160000.6.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (x86_64) * busybox-warewulf3-debuginfo-1.37.0-160000.6.1 * busybox-warewulf3-1.37.0-160000.6.1 ## References: * https://www.suse.com/security/cve/CVE-2026-29004.html * https://bugzilla.suse.com/show_bug.cgi?id=1263989 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:33:09 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:33:09 -0000 Subject: SUSE-SU-2026:22018-1: moderate: Security update for python-pip Message-ID: <178095078920.27.9681453849491922719@5a3a51eaee51> # Security update for python-pip Announcement ID: SUSE-SU-2026:22018-1 Release Date: 2026-06-02T13:37:37Z Rating: moderate References: * bsc#1262429 * bsc#1263442 Cross-References: * CVE-2026-1703 * CVE-2026-3219 * CVE-2026-6357 CVSS scores: * CVE-2026-1703 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-1703 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2026-1703 ( NVD ): 2.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-3219 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-3219 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2026-3219 ( NVD ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-6357 ( SUSE ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-6357 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N * CVE-2026-6357 ( NVD ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves three vulnerabilities can now be installed. ## Description: This update for python-pip fixes the following issues: * CVE-2026-3219: concatenated tar and ZIP files are handled as ZIP files, resulting in possibly obfuscated malicious code (bsc#1262429). * CVE-2026-6357: pip self-update functionality can import newly installed modules after wheel installation, resulting in potential arbitrary code execution (bsc#1263442). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-872=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-872=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (noarch) * python313-pip-wheel-25.0.1-160000.4.1 * python313-pip-25.0.1-160000.4.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * python313-pip-wheel-25.0.1-160000.4.1 * python313-pip-25.0.1-160000.4.1 ## References: * https://www.suse.com/security/cve/CVE-2026-1703.html * https://www.suse.com/security/cve/CVE-2026-3219.html * https://www.suse.com/security/cve/CVE-2026-6357.html * https://bugzilla.suse.com/show_bug.cgi?id=1262429 * https://bugzilla.suse.com/show_bug.cgi?id=1263442 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:33:21 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:33:21 -0000 Subject: SUSE-SU-2026:22016-1: important: Security update for ovmf Message-ID: <178095080160.27.3295283023060891027@5a3a51eaee51> # Security update for ovmf Announcement ID: SUSE-SU-2026:22016-1 Release Date: 2026-06-02T09:29:38Z Rating: important References: * bsc#1261469 * bsc#1261476 * bsc#1261477 * bsc#1261478 Cross-References: * CVE-2026-25833 * CVE-2026-25834 * CVE-2026-25835 * CVE-2026-34874 CVSS scores: * CVE-2026-25833 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-25833 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-25833 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-25834 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-25834 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-25834 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2026-25835 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-25835 ( SUSE ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-25835 ( NVD ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-34874 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-34874 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34874 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves four vulnerabilities can now be installed. ## Description: This update for ovmf fixes the following issues: * CVE-2026-25833: mbedtls: buffer overflow in the `x509_inet_pton_ipv6()` function (bsc#1261476). * CVE-2026-25834: mbedtls: client accepts signature algorithm chosen by server even if not advertised in client hello (bsc#1261477). * CVE-2026-25835: mbedtls: no pseudo-random number generator reseed when cloning an application (bsc#1261478). * CVE-2026-34874: mbedtls: NULL pointer dereference in distinguished name parsing (bsc#1261469). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-865=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-865=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (x86_64) * ovmf-tools-202502-160000.5.1 * ovmf-debugsource-202502-160000.5.1 * ovmf-202502-160000.5.1 * ovmf-debuginfo-202502-160000.5.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * qemu-ovmf-x86_64-202502-160000.5.1 * SUSE Linux Enterprise Server 16.0 (aarch64 x86_64) * ovmf-202502-160000.5.1 * ovmf-tools-202502-160000.5.1 * SUSE Linux Enterprise Server 16.0 (x86_64) * ovmf-debugsource-202502-160000.5.1 * ovmf-debuginfo-202502-160000.5.1 * SUSE Linux Enterprise Server 16.0 (noarch) * qemu-uefi-aarch64-202502-160000.5.1 * qemu-ovmf-x86_64-202502-160000.5.1 ## References: * https://www.suse.com/security/cve/CVE-2026-25833.html * https://www.suse.com/security/cve/CVE-2026-25834.html * https://www.suse.com/security/cve/CVE-2026-25835.html * https://www.suse.com/security/cve/CVE-2026-34874.html * https://bugzilla.suse.com/show_bug.cgi?id=1261469 * https://bugzilla.suse.com/show_bug.cgi?id=1261476 * https://bugzilla.suse.com/show_bug.cgi?id=1261477 * https://bugzilla.suse.com/show_bug.cgi?id=1261478 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:33:35 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:33:35 -0000 Subject: SUSE-SU-2026:22015-1: important: Security update for rsync Message-ID: <178095081595.27.10107777950430882752@5a3a51eaee51> # Security update for rsync Announcement ID: SUSE-SU-2026:22015-1 Release Date: 2026-06-02T09:13:41Z Rating: important References: * bsc#1254441 * bsc#1262223 * bsc#1264511 * bsc#1264512 * bsc#1264513 * bsc#1264514 * bsc#1264515 * bsc#1265296 Cross-References: * CVE-2025-10158 * CVE-2026-29518 * CVE-2026-41035 * CVE-2026-43617 * CVE-2026-43618 * CVE-2026-43619 * CVE-2026-43620 * CVE-2026-45232 CVSS scores: * CVE-2025-10158 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2025-10158 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2026-29518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-29518 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-29518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-29518 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-41035 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-41035 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-41035 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-41035 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L * CVE-2026-43617 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-43617 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-43617 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-43617 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-43618 ( SUSE ): 6.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43618 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-43618 ( NVD ): 6.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-43618 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-43619 ( SUSE ): 7.2 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-43619 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-43619 ( NVD ): 7.2 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-43619 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-43620 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43620 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-43620 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-43620 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-43620 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-45232 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-45232 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L * CVE-2026-45232 ( NVD ): 2.1 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-45232 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-45232 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves eight vulnerabilities can now be installed. ## Description: This update for rsync fixes the following issues * CVE-2025-10158: Out of bounds array access via negative index (bsc#1254441). * CVE-2026-29518: Symlink-Race TOCTOU in Daemon (use chroot = no) (bsc#1264511). * CVE-2026-41035: count of entries mismatch can lead to a use-after-free (bsc#1262223). * CVE-2026-43617: Authorization Bypass via Hostname Resolution (bsc#1264515). * CVE-2026-43618: Integer Overflow Information Disclosure (bsc#1264512). * CVE-2026-43619: Symlink Race Condition via Path-Based Syscalls (bsc#1264514). * CVE-2026-43620: Out-of-Bounds Array Read via recv_files() (bsc#1264513). * CVE-2026-45232: Off-by-one stack OOB write in HTTP CONNECT proxy response parsing (bsc#1265296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-867=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-867=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * rsync-debugsource-3.4.1-160000.4.1 * rsync-3.4.1-160000.4.1 * rsync-debuginfo-3.4.1-160000.4.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * rsync-debugsource-3.4.1-160000.4.1 * rsync-3.4.1-160000.4.1 * rsync-debuginfo-3.4.1-160000.4.1 ## References: * https://www.suse.com/security/cve/CVE-2025-10158.html * https://www.suse.com/security/cve/CVE-2026-29518.html * https://www.suse.com/security/cve/CVE-2026-41035.html * https://www.suse.com/security/cve/CVE-2026-43617.html * https://www.suse.com/security/cve/CVE-2026-43618.html * https://www.suse.com/security/cve/CVE-2026-43619.html * https://www.suse.com/security/cve/CVE-2026-43620.html * https://www.suse.com/security/cve/CVE-2026-45232.html * https://bugzilla.suse.com/show_bug.cgi?id=1254441 * https://bugzilla.suse.com/show_bug.cgi?id=1262223 * https://bugzilla.suse.com/show_bug.cgi?id=1264511 * https://bugzilla.suse.com/show_bug.cgi?id=1264512 * https://bugzilla.suse.com/show_bug.cgi?id=1264513 * https://bugzilla.suse.com/show_bug.cgi?id=1264514 * https://bugzilla.suse.com/show_bug.cgi?id=1264515 * https://bugzilla.suse.com/show_bug.cgi?id=1265296 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:33:54 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:33:54 -0000 Subject: SUSE-SU-2026:22011-1: important: Security update for python-urllib3_1 Message-ID: <178095083448.27.10181857363809517277@5a3a51eaee51> # Security update for python-urllib3_1 Announcement ID: SUSE-SU-2026:22011-1 Release Date: 2026-06-02T07:25:25Z Rating: important References: * bsc#1265267 Cross-References: * CVE-2026-44431 CVSS scores: * CVE-2026-44431 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-44431 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-44431 ( NVD ): 8.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-44431 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for python-urllib3_1 fixes the following issue * CVE-2026-44431: sensitive information disclosure due to sensitive headers being forwarded across origins in proxied low-level redirects (bsc#1265267). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-859=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-859=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (noarch) * python313-urllib3_1-1.26.20-160000.4.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * python313-urllib3_1-1.26.20-160000.4.1 ## References: * https://www.suse.com/security/cve/CVE-2026-44431.html * https://bugzilla.suse.com/show_bug.cgi?id=1265267 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:34:18 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:34:18 -0000 Subject: SUSE-SU-2026:22005-1: moderate: Security update for python-uv Message-ID: <178095085820.27.8943516691379096386@5a3a51eaee51> # Security update for python-uv Announcement ID: SUSE-SU-2026:22005-1 Release Date: 2026-06-01T15:03:55Z Rating: moderate References: * bsc#1259624 * bsc#1259966 Cross-References: * CVE-2026-31812 * CVE-2026-32766 CVSS scores: * CVE-2026-31812 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31812 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-31812 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-32766 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-32766 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-32766 ( NVD ): 1.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-32766 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for python-uv fixes the following issues: * CVE-2026-31812: quinn-proto: denial of service via crafted QUIC initial packet (bsc#1259624). * CVE-2026-32766: astral-tokio-tar: malformed PAX extensions can lead to archive misinterpretation (bsc#1259966). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-845=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-845=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * python313-uv-debuginfo-0.7.18-160000.5.1 * python-uv-debugsource-0.7.18-160000.5.1 * python313-uv-0.7.18-160000.5.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * python313-uv-debuginfo-0.7.18-160000.5.1 * python-uv-debugsource-0.7.18-160000.5.1 * python313-uv-0.7.18-160000.5.1 ## References: * https://www.suse.com/security/cve/CVE-2026-31812.html * https://www.suse.com/security/cve/CVE-2026-32766.html * https://bugzilla.suse.com/show_bug.cgi?id=1259624 * https://bugzilla.suse.com/show_bug.cgi?id=1259966 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:34:23 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:34:23 -0000 Subject: SUSE-SU-2026:22004-1: important: Security update for python-Twisted Message-ID: <178095086377.27.3715377695045928026@5a3a51eaee51> # Security update for python-Twisted Announcement ID: SUSE-SU-2026:22004-1 Release Date: 2026-06-01T08:20:36Z Rating: important References: * bsc#1265265 Cross-References: * CVE-2026-42304 CVSS scores: * CVE-2026-42304 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42304 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for python-Twisted fixes the following issue * CVE-2026-42304: Prior to 26.4.0rc2, the twisted.names module is vulnerable to a Denial of Service (DoS) attack via resource exhaustion during DNS name decompression (bsc#1265265). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-833=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-833=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (noarch) * python313-Twisted-http2-24.10.0-160000.3.1 * python313-Twisted-contextvars-24.10.0-160000.3.1 * python313-Twisted-serial-24.10.0-160000.3.1 * python313-Twisted-tls-24.10.0-160000.3.1 * python313-Twisted-all_non_platform-24.10.0-160000.3.1 * python313-Twisted-conch_nacl-24.10.0-160000.3.1 * python313-Twisted-24.10.0-160000.3.1 * python-Twisted-doc-24.10.0-160000.3.1 * python313-Twisted-conch-24.10.0-160000.3.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * python313-Twisted-http2-24.10.0-160000.3.1 * python313-Twisted-contextvars-24.10.0-160000.3.1 * python313-Twisted-serial-24.10.0-160000.3.1 * python313-Twisted-tls-24.10.0-160000.3.1 * python313-Twisted-all_non_platform-24.10.0-160000.3.1 * python313-Twisted-conch_nacl-24.10.0-160000.3.1 * python313-Twisted-24.10.0-160000.3.1 * python-Twisted-doc-24.10.0-160000.3.1 * python313-Twisted-conch-24.10.0-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-42304.html * https://bugzilla.suse.com/show_bug.cgi?id=1265265 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:34:27 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:34:27 -0000 Subject: SUSE-SU-2026:22003-1: important: Security update for python-urllib3 Message-ID: <178095086777.27.13938561291620756275@5a3a51eaee51> # Security update for python-urllib3 Announcement ID: SUSE-SU-2026:22003-1 Release Date: 2026-06-01T08:14:49Z Rating: important References: * bsc#1265267 Cross-References: * CVE-2026-44431 CVSS scores: * CVE-2026-44431 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-44431 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-44431 ( NVD ): 8.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-44431 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for python-urllib3 fixes the following issue * CVE-2026-44431: sensitive information disclosure due to sensitive headers being forwarded across origins in proxied low-level redirects (bsc#1265267). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-832=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-832=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (noarch) * python313-urllib3-2.5.0-160000.6.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * python313-urllib3-2.5.0-160000.6.1 ## References: * https://www.suse.com/security/cve/CVE-2026-44431.html * https://bugzilla.suse.com/show_bug.cgi?id=1265267 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:34:31 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:34:31 -0000 Subject: SUSE-SU-2026:22002-1: important: Security update for tree-sitter Message-ID: <178095087172.27.14671798892014428079@5a3a51eaee51> # Security update for tree-sitter Announcement ID: SUSE-SU-2026:22002-1 Release Date: 2026-06-01T08:10:15Z Rating: important References: * bsc#1265300 Cross-References: * CVE-2026-44216 CVSS scores: * CVE-2026-44216 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-44216 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-44216 ( NVD ): 5.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-44216 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for tree-sitter fixes the following issue * CVE-2026-44216: wasmtime: allocation of a table exceeding the size of the host's address space leads to panic (bsc#1265300). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-834=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-834=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * tree-sitter-devel-0.26.8-160000.2.1 * tree-sitter-debuginfo-0.26.8-160000.2.1 * libtree-sitter0_26-debuginfo-0.26.8-160000.2.1 * libtree-sitter0_26-0.26.8-160000.2.1 * tree-sitter-debugsource-0.26.8-160000.2.1 * SUSE Linux Enterprise Server 16.0 (x86_64) * libtree-sitter0_26-x86-64-v3-debuginfo-0.26.8-160000.2.1 * libtree-sitter0_26-x86-64-v3-0.26.8-160000.2.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * tree-sitter-devel-0.26.8-160000.2.1 * tree-sitter-debuginfo-0.26.8-160000.2.1 * libtree-sitter0_26-debuginfo-0.26.8-160000.2.1 * libtree-sitter0_26-0.26.8-160000.2.1 * tree-sitter-debugsource-0.26.8-160000.2.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (x86_64) * libtree-sitter0_26-x86-64-v3-debuginfo-0.26.8-160000.2.1 * libtree-sitter0_26-x86-64-v3-0.26.8-160000.2.1 ## References: * https://www.suse.com/security/cve/CVE-2026-44216.html * https://bugzilla.suse.com/show_bug.cgi?id=1265300 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:34:37 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:34:37 -0000 Subject: SUSE-SU-2026:22001-1: important: Security update for helm Message-ID: <178095087730.27.3693397910147495791@5a3a51eaee51> # Security update for helm Announcement ID: SUSE-SU-2026:22001-1 Release Date: 2026-05-30T08:15:04Z Rating: important References: * bsc#1265428 * bsc#1265758 * jsc#PED-15794 Cross-References: * CVE-2026-33814 * CVE-2026-41888 CVSS scores: * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-41888 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-41888 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2026-41888 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-41888 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves two vulnerabilities and contains one feature can now be installed. ## Description: This update for helm fixes the following issues Security issues: * CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265758). * CVE-2026-41888: github.com/distribution/distribution/v3: tag deletion bypasses the storage.delete.enabled configuration (bsc#1265428). Non security issue: * Update to version 3.21.0. * Fix packages for %suse_version bump (jsc#PED-15794) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-829=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-829=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * helm-3.21.0-160000.1.1 * helm-debuginfo-3.21.0-160000.1.1 * SUSE Linux Enterprise Server 16.0 (noarch) * helm-zsh-completion-3.21.0-160000.1.1 * helm-fish-completion-3.21.0-160000.1.1 * helm-bash-completion-3.21.0-160000.1.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * helm-3.21.0-160000.1.1 * helm-debuginfo-3.21.0-160000.1.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * helm-zsh-completion-3.21.0-160000.1.1 * helm-fish-completion-3.21.0-160000.1.1 * helm-bash-completion-3.21.0-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33814.html * https://www.suse.com/security/cve/CVE-2026-41888.html * https://bugzilla.suse.com/show_bug.cgi?id=1265428 * https://bugzilla.suse.com/show_bug.cgi?id=1265758 * https://jira.suse.com/browse/PED-15794 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:34:41 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:34:41 -0000 Subject: SUSE-SU-2026:22000-1: important: Security update for postgresql-jdbc Message-ID: <178095088146.27.3856309717413334603@5a3a51eaee51> # Security update for postgresql-jdbc Announcement ID: SUSE-SU-2026:22000-1 Release Date: 2026-05-29T15:58:27Z Rating: important References: * bsc#1264174 Cross-References: * CVE-2026-42198 CVSS scores: * CVE-2026-42198 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42198 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql-jdbc fixes the following issue * CVE-2026-42198: Client-side Denial of Service via malicious SCRAM-SHA-256 authentication (bsc#1264174). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-828=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-828=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (noarch) * postgresql-jdbc-javadoc-42.7.7-160000.3.1 * postgresql-jdbc-42.7.7-160000.3.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * postgresql-jdbc-javadoc-42.7.7-160000.3.1 * postgresql-jdbc-42.7.7-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-42198.html * https://bugzilla.suse.com/show_bug.cgi?id=1264174 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:34:46 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:34:46 -0000 Subject: SUSE-SU-2026:21999-1: important: Security update for python-python-multipart Message-ID: <178095088694.27.15917926752990439991@5a3a51eaee51> # Security update for python-python-multipart Announcement ID: SUSE-SU-2026:21999-1 Release Date: 2026-05-29T14:27:32Z Rating: important References: * bsc#1262403 * bsc#1265250 Cross-References: * CVE-2026-40347 * CVE-2026-42561 CVSS scores: * CVE-2026-40347 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-40347 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-40347 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-42561 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42561 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for python-python-multipart fixes the following issues * CVE-2026-40347: crafted `multipart/form-data` can cause a denial of service (bsc#1262403). * CVE-2026-42561: denial of service vulnerability in multipart part header parsing (bsc#1265250). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-827=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-827=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (noarch) * python313-python-multipart-0.0.20-160000.4.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * python313-python-multipart-0.0.20-160000.4.1 ## References: * https://www.suse.com/security/cve/CVE-2026-40347.html * https://www.suse.com/security/cve/CVE-2026-42561.html * https://bugzilla.suse.com/show_bug.cgi?id=1262403 * https://bugzilla.suse.com/show_bug.cgi?id=1265250 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:34:51 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:34:51 -0000 Subject: SUSE-SU-2026:21998-1: important: Security update for libsoup Message-ID: <178095089110.27.5816578232002837761@5a3a51eaee51> # Security update for libsoup Announcement ID: SUSE-SU-2026:21998-1 Release Date: 2026-05-29T13:40:48Z Rating: important References: * bsc#1259767 Cross-References: * CVE-2026-4271 CVSS scores: * CVE-2026-4271 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-4271 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-4271 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-4271 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for libsoup fixes the following issue * CVE-2026-4271: use-after-free in the HTTP/2 server when user signal handlers disconnect connections during callback execution (bsc#1259767). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-826=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-826=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * libsoup-3_0-0-3.6.6-160000.2.1 * libsoup-3_0-0-debuginfo-3.6.6-160000.2.1 * libsoup-devel-3.6.6-160000.2.1 * libsoup-debugsource-3.6.6-160000.2.1 * typelib-1_0-Soup-3_0-3.6.6-160000.2.1 * SUSE Linux Enterprise Server 16.0 (noarch) * libsoup-lang-3.6.6-160000.2.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * libsoup-3_0-0-3.6.6-160000.2.1 * libsoup-3_0-0-debuginfo-3.6.6-160000.2.1 * libsoup-devel-3.6.6-160000.2.1 * libsoup-debugsource-3.6.6-160000.2.1 * typelib-1_0-Soup-3_0-3.6.6-160000.2.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * libsoup-lang-3.6.6-160000.2.1 ## References: * https://www.suse.com/security/cve/CVE-2026-4271.html * https://bugzilla.suse.com/show_bug.cgi?id=1259767 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:35:03 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:35:03 -0000 Subject: SUSE-SU-2026:21996-1: important: Security update for apache-commons-lang3, apache-commons-text, apache-commons-configuration2, apache-commons-cli, apache-commons-io, apache-commons-codec Message-ID: <178095090319.27.3326506486028084507@5a3a51eaee51> # Security update for apache-commons-lang3, apache-commons-text, apache-commons- configuration2, apache-commons-cli, apache-commons-io, apache-commons-codec Announcement ID: SUSE-SU-2026:21996-1 Release Date: 2026-05-29T08:47:32Z Rating: important References: * bsc#1265299 Cross-References: * CVE-2025-48924 * CVE-2026-45205 CVSS scores: * CVE-2025-48924 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-48924 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-48924 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-45205 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-45205 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-45205 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for apache-commons-lang3, apache-commons-text, apache-commons- configuration2, apache-commons-cli, apache-commons-io, apache-commons-codec fixes the following issues: Changes in apache-commons-lang3: Update to 3.20.0 * New features: * Add SystemProperties.getPath(String, Supplier) * Add JavaVersion.JAVA_25 * Add JavaVersion.JAVA_26 * Add SystemUtils.IS_JAVA_25 * Add SystemUtils.IS_JAVA_26 * Add MutablePair.ofNonNull(Map.Entry) * Add TimedSemaphore.builder(), Builder, and deprecate constructors * LANG-1504: Adding labels and history to split StopWatch * Fixed Bugs: * Optimize ObjectToStringComparator.compare() method * [javadoc] Improve StringUtils Javadoc * Fix internal inverted logic in private isEnum() method and correct its usage in getFirstEnum() * Use accessors in ToStringStyle so subclasses can effectively override them * 'LocaleUtils.toLocale(String)' for a 2 letter country code now returns a value instead of throwing an 'IllegalArgumentException' * Fix typo in StringUtils.trunctate() IllegalArgumentException message and test assertion messages * Fix test fixture in ReflectionDiffBuilderTest.testTransientFieldDifference() * LANG-1789: NullPointerException when generating NoSuchMethodException in MethodUtils * LANG-1786: Map deprecated TimeZone short IDs and avoid JRE WARNINGs to the console * LANG-1792: TypeUtils.toString() skips angle brackets for Class type * Mention JDK 25 LTS as a tested version in the release notes * Changes: * Bump org.apache.commons:commons-parent from 88 to 92 * Update to 3.19.0 * New features: * Add ArrayUtils.SOFT_MAX_ARRAY_LENGTH * Add SystemUtils.IS_OS_NETWARE * Add MethodUtils.getAccessibleMethod(Class, Method) * Add documentation to site for CVE-2025-48924 ClassUtils.getClass(...) can throw a StackOverflowError on very long inputs * Add StringUtils.indexOfAny(CharSequence, int, char...) * Add ConcurrentException.ConcurrentException(String) * Add DateUtils.toLocalDateTime(Date[, TimeZone]) * Add DateUtils.toOffsetDateTime(Date[, TimeZone]) * Add DateUtils.toZonedDateTime(Date[, TimeZone]) * Add ByteConsumer * Add ByteSupplier * Add FailableByteConsumer * Add FailableByteSupplier * LANG-1784: Add Functions methods for null-safe mapping and chaining * LANG-1784: Add Failable methods for null-safe mapping and chaining * Add DoubleRange.fit(double) * Add IntegerRange.fit(int) * Add LongRange.fit(long) * Add DurationUtils.get(String, TemporalUnit, long) * Add DurationUtils.getMillis(String, long) * Add DurationUtils.getSeconds(String, long) * Add SystemProperties.getBoolean(Class, String, boolean) * Add SystemProperties.getInt(Class, String, int) * Add SystemProperties.getLong(Class, String, long) * Fixed Bugs: * LANG-1778: MethodUtils.getMatchingMethod() doesn't respect the hierarchy of methods * MethodUtils.getMethodObject(Class, String, Class...) now returns null instead of throwing a NullPointerException, as it does for other exception types * Reduce spurious failures in ArrayUtilsTest methods that test ArrayUtils.shuffle() methods * MethodUtils cannot find or invoke a public method on a public class implemented in its package-private superclass * AtomicSafeInitializer.get() can spin internally if the FailableSupplier given to AbstractConcurrentInitializer .AbstractBuilder.setInitializer(FailableSupplier) throws a RuntimeException * LANG-1783: WordUtils.containsAllWords?() may throw PatternSyntaxException * LANG-1782: MethodUtils cannot find or invoke vararg methods without providing vararg types or values * MethodUtils cannot find or invoke vararg methods of interface types * MethodUtils cannot find or invoke vararg methods when widening primitive types following the JLS 5.1.2. Widening Primitive Conversion * LANG-1597: Invocation fails because matching varargs method found but then discarded * Don't check accessibility twice in MemberUtils .setAccessibleWorkaround(T) * LANG-1774: Improve handling of ClassUtils .getShortCanonicalName() for invalid input * LANG-1720: Improve Javadocs for Conversion * Fix CalendarUtils.toLocalDate() Javadoc return type description * Fix the method name in Javadoc examples for CharUtils.isHex() * Deprecate NumberUtils.compare(byte, byte) in favor of Byte.compare(byte, byte) * Deprecate NumberUtils.compare(int, int) in favor of Integer.compare(int, int) * Deprecate NumberUtils.compare(long, long) in favor of Long.compare(long, long) * Deprecate NumberUtils.compare(short, short) in favor of Short.compare(short, short) * Deprecate obsolete system property constant SystemProperties.AWT_TOOLKIT * Deprecate obsolete system property constant SystemProperties.JAVA_AWT_FONTS * Deprecate obsolete system property constant SystemProperties.JAVA_AWT_GRAPHICSENV * Deprecate obsolete system property constant SystemProperties.JAVA_AWT_HEADLESS * Deprecate obsolete system property constant SystemProperties.JAVA_AWT_PRINTERJOB * Deprecate obsolete system property constant SystemProperties.JAVA_COMPILER * Deprecate obsolete system property constant SystemProperties.JAVA_ENDORSED_DIRS * Deprecate obsolete system property constant SystemProperties.JAVA_EXT_DIRS * Deprecate method for obsolete system property constant SystemProperties.getAwtToolkit() * Deprecate method for obsolete system property constant SystemProperties.getJavaAwtFonts() * Deprecate method for obsolete system property constant SystemProperties.getJavaAwtGraphicsenv() * Deprecate method for obsolete system property constant SystemProperties.getJavaAwtHeadless() * Deprecate method for obsolete system property constant SystemProperties.getJavaAwtPrinterjob() * Deprecate method for obsolete system property constant SystemProperties.getJavaCompiler() * Deprecate method for obsolete system property constant SystemProperties.getJavaEndorsedDirs() * Deprecate method for obsolete system property constant SystemProperties.getJavaExtDirs() * Deprecate method for obsolete system property constant SystemUtils.isJavaAwtHeadless() * Deprecate constants for obsolete system property SystemUtils.JAVA_AWT_FONTS * Deprecate constants for obsolete system property SystemUtils.JAVA_AWT_GRAPHICSENV * Deprecate constants for obsolete system property SystemUtils.JAVA_AWT_HEADLESS * Deprecate constants for obsolete system property SystemUtils.JAVA_AWT_PRINTERJOB * Deprecate constants for obsolete system property SystemUtils.JAVA_COMPILER * Deprecate constants for obsolete system property SystemUtils.JAVA_ENDORSED_DIRS * Deprecate constants for obsolete system property SystemUtils.JAVA_EXT_DIRS * [javadoc] General improvements * [javadoc] Fix thrown exception documentation for MethodUtils.getMethodObject(Class, String, Class...) * [javadoc] Strings::equalsAny: CI doc string should show it's insensitive * [javadoc] General Javadoc improvements * LANG-1780: [javadoc] Fix Strings Javadoc * [javadoc] Fix typo in Javadoc of Strings instances * [javadoc] Fix Javadocs in ClassUtils * [javadoc] Fix @deprecated link for StringUtils#startsWithAny * Replace old feather logotype with new oak logotype * Changes: * [test] Bump org.apache.commons:commons-text from 1.13.1 to 1.14.0 * Bump org.apache.commons:commons-parent from 85 to 88 * Update to 3.18.0 * Fix component version in default.properties to 3.12 * Add and use LocaleUtils.toLocale(Locale) to avoid NPEs. * Add FailableShortSupplier, handy for JDBC APIs. * Add JavaVersion.JAVA_17. * Add StringUtils.substringBefore(String, int). * Add Range.INTEGER. * Add DurationUtils. * Correct implementation of RandomUtils.nextLong(long, long). * Update maven-surefire-plugin 2.22.2 -> 3.0.0-M5. * Bump junit-bom from 5.7.0 to 5.7.1. * Ignored exception 'ignored', should not be called so. * Change array style from 'int a[]' to 'int[] a'. Changes in apache-commons-text: * Upgrade to version 1.15.0 * New features * Add experimental CycloneDX VEX file * TEXT-235: Add Damerau-Levenshtein distance * Add unit tests to increase coverage * Add new test for CharSequenceTranslator#with() * Add tests and assertions to org.apache.commons.text.similarity to get to 100% code coverage * Fixed Bugs * Fix exception message typo in XmlStringLookup .XmlStringLookup(Map, Path...) * TEXT-236: Inserting at the end of a TextStringBuilder throws a StringIndexOutOfBoundsException * Fix TextStringBuilderTest.testAppendToCharBuffer() to use proper argument type * Fix Apache RAT plugin console warnings * Fix site XML to use version 2.0.0 XML schema * Removed unreachable threshold verification code in src/main/java/org/apache/commons/text/similarity * Enable secure processing for the XML parser in XmlStringLookup in case the underlying JAXP implementation doesn't * Upgrade to version 1.14.0 * New features * Interface StringLookup now extends UnaryOperator * Interface TextRandomProvider extends IntUnaryOperator * Add RandomStringGenerator.Builder .usingRandom(IntUnaryOperator) * Add PMD check to default Maven goal * Add org.apache.commons.text.RandomStringGenerator.Builder .setAccumulate(boolean) * Fixed Bugs * Fix PMD UnnecessaryFullyQualifiedName in StringLookupFactory * Fix PMD UnnecessaryFullyQualifiedName in DefaultStringLookupsHolder * Fix PMD UnnecessaryFullyQualifiedName in PropertiesStringLookup * Fix PMD UnnecessaryFullyQualifiedName in JavaPlatformStringLookup * Fix PMD UnnecessaryFullyQualifiedName in StringSubstitutor * Fix PMD UnnecessaryFullyQualifiedName in StrSubstitutor * Fix PMD UnnecessaryFullyQualifiedName in AlphabetConverter * Fix PMD AvoidBranchingStatementAsLastInLoop in TextStringBuilder * Fix PMD AvoidBranchingStatementAsLastInLoop in StrBuilder * org.apache.commons.text.translate.LookupTranslator .LookupTranslator(Map CharSequence>) now throws NullPointerException instead of java.security.InvalidParameterException * Upgrade to version 1.13.1 * Fixed Bugs * Remove -nouses directive from maven-bundle-plugin. OSGi package imports now state 'uses' definitions for package imports, this doesn't affect JPMS (from org.apache.commons:commons-parent:80) * Deprecate EntityArrays.EntityArrays() * StringLookupFactory.DefaultStringLookupsHolder .createDefaultStringLookups() maps DefaultStringLookup .LOCAL_HOST twice instead of once for LOCAL_HOST and LOOPBACK_ADDRESS * Upgrade to version 1.13.0 * New features * Add StringLookupFactory.loopbackAddressStringLookup() * Add StringLookupFactory.KEY_LOOPBACK_ADDRESS * Add DefaultStringLookup.LOOPBACK_ADDRESS * Add richer inputs in package org.apache.commons.text .similarity with SimilarityInput * Add HammingDistance.apply(SimilarityInput, SimilarityInput) * Add JaccardDistance.apply(SimilarityInput, SimilarityInput) * Add JaccardSimilarity.apply(SimilarityInput, SimilarityInput) * Add JaroWinklerDistance.apply(SimilarityInput, SimilarityInput) * Add JaroWinklerSimilarity.apply(SimilarityInput, SimilarityInput) * Add LevenshteinDetailedDistance.apply(SimilarityInput, SimilarityInput) * Add LevenshteinDistance.apply(SimilarityInput, SimilarityInput) * Fixed Bugs * Fix build on Java 22 * Fix build on Java 23-ea * Make package-private constructor private: StrLookup.MapStrLookup.MapStrLookup(Map) * Make package-private constructor private: StrLookup .SystemPropertiesStrLookup.SystemPropertiesStrLookup() * Make package-private class private and final: MapStrLookup * Make package-private class private: StrMatcher.CharMatcher * Make package-private class private: StrMatcher.CharSetMatcher * Make package-private class private: StrMatcher.NoMatcher * Make package-private class private: StrMatcher.StringMatcher * Make package-private class private: StrMatcher.TrimMatcher * Make package-private class private and final: IntersectionSimilarity.BagCount * Make package-private class private and final: IntersectionSimilarity.TinyCount * Deprecate LevenshteinDistance.LevenshteinDistance() in favor of LevenshteinDistance.getDefaultInstance() * Deprecate LevenshteinDetailedDistance .LevenshteinDetailedDistance() in favor of LevenshteinDetailedDistance.getDefaultInstance() * TEXT-234: Improve StrBuilder documentation for new line text * TEXT-234: Improve TextStringBuilder documentation for new line text * TEXT-233: Required OSGi Import-Package version numbers in MANIFEST.MF * Upgrade to version 1.12.0 * New features * Add StringLookupFactory.fileStringLookup(Path...) and deprecated fileStringLookup() * Add StringLookupFactory.propertiesStringLookup(Path...) and deprecated propertiesStringLookup() * Add StringLookupFactory.xmlStringLookup(Map, Path...) and deprecated xmlStringLookup() and xmlStringLookup(Map) * Add StringLookupFactory.builder() for fencing Path resolution of the file, properties and XML lookups * Add DoubleFormat.Builder.get() as Builder now implements Supplier * Fixed Bugs * TEXT-232: WordUtils.containsAllWords?() may throw PatternSyntaxException * TEXT-175: Fix regression for determining whitespace in WordUtils * Deprecate Builder in favor of Supplier * Upgrade to version 1.11.0 * New features * TEXT-224: Set SecureProcessing feature in XmlStringLookup by default * TEXT-224: Add StringLookupFactory.xmlStringLookup(Map...) * Add @FunctionalInterface to FormatFactory * Add RandomStringGenerator.builder() * TEXT-229: Add XmlEncoderStringLookup/XmlDecoderStringLookup * Add StringSubstitutor.toString() * Fixed Bugs * TEXT-219: Fix StringTokenizer.getTokenList to return an independent modifiable list * Fix Javadoc for StringEscapeUtils.escapeHtml4 * TextStringBuidler#hashCode() allocates a String on each call * TEXT-221: Fix Bundle-SymbolicName to use the package name org.apache.commons.text * Add and use a package-private singleton for RegexTokenizer * Add and use a package-private singleton for CosineSimilarity * Add and use a package-private singleton for LongestCommonSubsequence * Add and use a package-private singleton for JaroWinklerSimilarity * Add and use a package-private singleton for JaccardSimilarity * [StepSecurity] ci: Harden GitHub Actions * Improve AlphabetConverter Javadoc * Fix exception message in IntersectionResult to make set-theoretic sense * Add null-check in RandomStringGenerator#Builder#selectFrom() to avoid NullPointerException * Add null-check in RandomStringGenerator#Builder#withinRange() to avoid NullPointerException * TEXT-228: Fix TextStringBuilder to over-allocate when ensuring capacity * Constructor for ResourceBundleStringLookup should be private instead of package-private * Constructor for UrlDecoderStringLookup should be private instead of package-private * Constructor for UrlEncoderStringLookup should be private instead of package-private * TEXT-230: Javadoc of org.apache.commons.text.lookup .DefaultStringLookup.XML is incorrect * Update DoubleFormat to state it is based on Double.toString * Removed non-existing parameter from Javadocs and spelled out * StringEscapeUtils.unescapeCsv doesn't remove quotes at begin * Refactor TextStringBuilder.readFrom(Readable), extracting * Add org.apache.commons.text.TextStringBuilder.drainChars(int, * Add org.apache.commons.text.TextStringBuilder.wrap(char[], Changes in apache-commons-configuration2: * Upgrade to version 2.15.0 * Changes * Disable include schemes http[s] by default, see AbstractFileLocationStrategy * Detect and avoid processing cycles in YAML input (YAMLConfiguration) (bsc#1265299, CVE-2026-45205) * Extend scheme validation to inner schemes of jar: URLs * Upgrade to version 2.14.0 * New features * Add XMLConfiguration.read(Element) * Add ConfigurationException.ConfigurationException(String, Object...) * Add ConfigurationException.ConfigurationException(Throwable, String, Object...) * Add ConversionException.ConversionException(String, Object...) * Add ConversionException.ConversionException(Throwable, String, Object...) * Add ConfigurationRuntimeException .ConfigurationRuntimeException(Throwable, String, Object...) * Fixed Bugs * Fix Apache RAT plugin console warnings * Migrate from deprecated APIs * Upgrade to version 2.13.0 * New features * Add org.apache.commons.configuration2.ImmutableConfiguration .entrySet() * Add org.apache.commons.configuration2.ImmutableConfiguration .forEach(BiConsumer) * Add VEX entry for CVE-2025-48924 * Fixed Bugs * Shared primitive variable "throwExceptionOnMissing" in one thread may not yield the value of the most recent write from another thread [org.apache.commons.configuration2 .AbstractConfiguration] At AbstractConfiguration.java: [line 1493] AT_STALE_THREAD_WRITE_OF_PRIMITIVE * Shared primitive variable "forceSingleLine" in one thread may not yield the value of the most recent write from another thread [org.apache.commons.configuration2 .PropertiesConfigurationLayout] At PropertiesConfigurationLayout.java:[line 821] AT_STALE_THREAD_WRITE_OF_PRIMITIVE * CONFIGURATION-849: Fix undoubling of strings * CONFIGURATION-852: Mark the package jakarta.servlet.* import as optional in OSGi * Fix build [WARNING] Parameter 'forkMode' is unknown for plugin 'maven-surefire-plugin:3.5.3:test (default-test)' * Upgrade to version 2.12.0 * New features: * Add PrefixedKeysIterator.toString() to package-private PrefixedKeysIterator * CONFIGURATION-836: New web configurations using the jakarta.servlet namespace are now available * CONFIGURATION-836: Add org.apache.commons.configuration2.web .JakartaServletConfiguration * CONFIGURATION-836: Add org.apache.commons.configuration2.web .JakartaServletContextConfiguration * CONFIGURATION-836: Add org.apache.commons.configuration2.web .JakartaServletFilterConfiguration * CONFIGURATION-836: Add org.apache.commons.configuration2.web .JakartaServletRequestConfiguration * Add org.apache.commons.configuration2 .AbstractHierarchicalConfiguration.getKeysInternal(String, String) * Fixed Bugs: * PropertyConverter.to(Class, Object, DefaultConversionHandler) doesn't convert custom java.lang.Number subclasses * DefaultConversionHandler.convertValue(Object, Class, ConfigurationInterpolator) doesn't convert custom java.lang .Number subclasses * DefaultConversionHandler.to(Object, Class, ConfigurationInterpolator) doesn't convert custom java.lang .Number subclasses * CONFIGURATION-848: SubsetConfiguration does not account for delimiters as it did in 2.9.0 * CONFIGURATION-848: CompositeConfiguration does not account for delimiters as it did in 2.9.0 * Describe the security model * De-emphasize the 1.x version line on the website * CONFIGURATION-851: HomeDirectoryLocationStrategy no longer resolves the user HOME directory correctly * Upgrade to version 2.11.0 * New features * CONFIGURATION-844: Add support for empty sections * Add ImmutableConfiguration.containsValue(Object) * Fixed Bugs * Fail-fast with a NullPointerException if DataConfiguration .DataConfiguration(Configuration) is called with null * Fail-fast with a NullPointerException if XMLPropertiesConfiguration.XMLPropertiesConfiguration(Element) is called with null * Fail-fast with a NullPointerException if a SubsetConfiguration constructor is called with a null Configuration * CONFIGURATION-843: Methods should not be empty * Guard MapConfiguration against null maps * Fail-fast with a NullPointerException if AppletConfiguration(Applet) is called with null * Fail-fast with a NullPointerException if ServletConfiguration(Servlet) is called with null * Fail-fast with a NullPointerException if ServletConfiguration(ServletConfig) is called with null * Fail-fast with a NullPointerException if ServletContextConfiguration(Servlet) is called with null * Fail-fast with a NullPointerException if ServletContextConfiguration(ServletContext) is called with null * Fail-fast with a NullPointerException if ServletFilterConfiguration(FilterConfig) is called with null * Fail-fast with a NullPointerException if ServletRequestConfiguration(ServletRequest) is called with null * Deprecate DatabaseConfiguration.getDatasource() in favor of getDataSource() * Fix PMD DynamicCombinedConfiguration in AbstractImmutableNodeHandler * Fix PMD DynamicCombinedConfiguration in AbstractListDelimiterHandler * Fix PMD DynamicCombinedConfiguration in DefaultPrefixLookupsHolder * Fix PMD DynamicCombinedConfiguration in DynamicCombinedConfiguration * Fix PMD DynamicCombinedConfiguration in PropertiesConfiguration * CONFIGURATION-846: Restore previous behavior allowing Spring to inject multiple values * CONFIGURATION-847: Property with an empty string value was not processed Changes in apache-commons-cli: * Update to 1.11.0 * New Features * Add CommandLine.getOptionCount() to measure option repetition * Fixed Bugs * CLI-351: Multiple trailing BREAK_CHAR_SET characters cause infinite loop in HelpFormatter * CLI-351: Fix issue with groups not being reported in help output Changes in apache-commons-io: * Upgrade to 2.22.0 * New features * Add and use IOUtils.closeQuietlySuppress(Closeable, Throwable) * Add ProxyWriter.setReference(Writer) * Add ProxyWriter.unwrap() * Add ProxyReader.setReference(Reader) +Add ProxyReader.unrwap() * IO-883: ByteArraySeekableByteChannel should optionally configure a read-only channel * IO-883: Add ByteArraySeekableByteChannel.Builder and builder() * IO-883: Add AbstractStreamBuilder.getByteArray() * CloseShieldInputStream now supports a custom close shield as a function * Add FlushShieldOutputStream to workaround issues in generic code that ends up calling third parties like like org.tukaani.xz.LZMAOutputStream.flush() * Add filter channels * Fixed Bugs * Fix Apache RAT plugin console warnings * ByteArraySeekableByteChannel.position(long) and truncate(long) shouldn't throw an IllegalArgumentException for a new positive position that's too large * Fix malformed Javadoc comments * ReadAheadInputStream.close() doesn't always close its filtered input stream * ReadAheadInputStream now restores the current thread's interrupt flag when catching InterruptedException * FileAlterationMonitor.stop(long) now restores the current thread's interrupt flag when catching InterruptedException * FileCleaningTracker now restores the current thread's interrupt flag when catching InterruptedException * ThreadMonitor.run() now restores the current thread's interrupt flag when catching InterruptedException * ThrottledInputStream.throttle() now restores the current thread's interrupt flag when catching InterruptedException * ThrottledInputStream.throttle() doesn't preserve the original InterruptedException as the cause of its InterruptedIOException * All thread names are now prefixed with "commons-io-" * IO-639: ReversedLinesFileReader does not read first line if its empty * IO-886: Fixed incorrect regular expression in PathUtils.RelativeSortedPaths.extractKey(String, String) * Fix typos in Javadoc of FileUtils and related test classes * IO-887: WriterOutputStream from a builder fails on malformed or unmappable input bytes * BoundedReader now extends ProxyReader * AbstractStreamBuilder.setOpenOptions(OpenOption...) now makes a defensive copy of its input array * IO-885: Path visits follow links * BOMInputStream fail-fast and tracks its ByteOrderMark as a final * Refactor UnixLineEndingInputStream and WindowsLineEndingInputStream for duplication * IO-857: [Javadoc] PathUtils.cleanDirectory() methods vs FileUtils * Fix JaCoCo report generation (code coverage) * AbstractStreamBuilder.setBufferSizeDefault(int) now resets to default for input less than or equal to zero * Changes * Bump org.apache.commons:commons-parent from 91 to 98 * Bump commons-codec:commons-codec from 1.19.0 to 1.21.0 * Bump commons.bytebuddy.version from 1.17.8 to 1.18.8 * Bump commons-lang3 from 3.19.0 to 3.20.0 Changes in apache-commons-codec: * Update to 1.22.0 * New features * CODEC-326: Add Base58 support * Add BaseNCodecInputStream.AbstracBuilder.setByteArray(byte[]) * CODEC-335: Add GitIdentifiers to compute Git blob and tree object identifiers * Fixed Bugs * CODEC-249: Fix Incorrect transform of CH digraph according Metaphone basic rules #423 * CODEC-317: ColognePhonetic can create duplicate consecutive codes in some cases * Add boundary tests for BinaryCodec.fromAscii partial-bit inputs #425 * CODEC-336: Base64.Builder.setUrlSafe(boolean) Javadoc incorrectly states null is accepted for primitive boolean parameter * Changes * Bump org.apache.commons:commons-parent from 96 to 98 * Update to 1.21.0 * New features * CODEC-333: Add distinct Base64 decoding for standard and URL-safe formats * Fixed Bugs * Fix oak leaf icon references in overview.html when running 'mvn clean javadoc:javadoc' * Fix Apache RAT plugin console warnings * Fix malformed Javadoc comments * Changes * Bump org.apache.commons:commons-parent from 91 to 96 #415, #418 * Bump commons-io:commons-io from 2.20.0 to 2.21.0 * Bump org.apache.commons:commons-lang3 from 3.19.0 to 3.20.0 * Update to 1.20.0 * New features * Add org.apache.commons.codec.digest.Crc16 * Add builders to org.apache.commons.codec.digest streams and deprecate some old constructors * Add builder to Base16 streams and deprecate some old constructors * Add support for SHAKE128-256 and SHAKE256-512 to 'DigestUtils' and 'MessageDigestAlgorithms' on Java 25 and up * Add BaseNCodec.AbstractBuilder.setDecodeTable(byte[]) and refactor subclasses * Changes * Deprecate all but one Base32 constructor in favor of the builder added in version 1.17.0 * Deprecate all but one Base64 constructor in favor of the builder added in version 1.17.0 * BaseNCodecInputStream subclasses are now type-safe to match its matching BaseNCodec * BaseNCodecOutputStream subclasses are now type-safe to match its matching BaseNCodec * Bump org.apache.commons:commons-parent from 85 to 91 * [test] Bump org.apache.commons:commons-lang3 from 3.18.0 to 3.19.0 * Update to 1.19.0 * New features * Add HmacUtils.hmac(Path) * Add HmacUtils.hmacHex(Path) * Add PMD check to the default Maven goal * Add SpotBugs check to the default Maven goal * Fixed Bugs * Remove -nouses directive from maven-bundle-plugin. OSGi package imports now state 'uses' definitions for package imports, this doesn't affect JPMS (from org.apache.commons:commons-parent:80) * Refactor DigestUtils.updateDigest(MessageDigest, File) to use NIO * CODEC-328: Clarify Javadoc for org.apache.commons.codec.digest.UnixCrypt.crypt(byte[],String) * Precompile regular expressions in DaitchMokotoffSoundex.Rule * Precompile regular expressions in DaitchMokotoffSoundex.parseRules(Scanner, String, Map, Map) * Precompile regular expressions in Lang.loadFromResource(String, Languages) * Precompile regular expressions in PhoneticEngine.encode(String, LanguageSet) * Precompile regular expressions in org.apache.commons.codec.language.bm.Rule.parse _(_) * Remove redundant checks for whitespace in DaitchMokotoffSoundex.soundex(String, boolean) * Javadoc typo in Base16.java #380 * Deprecate unused constant org.apache.commons.codec.language.bm .Rule.ALL * CODEC-331: org.apache.commons.codec.language.bm.Rule .parsePhonemeExpr(String) adds duplicate empty phoneme when input ends with | * CODEC-331: org.apache.commons.codec.language .DaitchMokotoffSoundex.cleanup(String) does not remove special characters like punctuation * Fix PMD multiple UnnecessaryFullyQualifiedName in org.apache.commons.codec.binary.StringUtils * Fix PMD UnusedFormalParameter in private constructor in org.apache.commons.codec.binary.Base16 * Fix PMD multiple UnnecessaryFullyQualifiedName in org.apache.commons.codec.digest.Blake3 * Fix PMD UnnecessaryFullyQualifiedName in org.apache.commons.codec.digest.Md5Crypt * Fix PMD EmptyControlStatement in org.apache.commons.codec.language.Metaphone * Fix SpotBugs [ERROR] Medium: org.apache.commons.codec.binary .BaseNCodec$AbstractBuilder.setEncodeTable(byte[]) may expose internal representation by storing an externally mutable object into BaseNCodec$AbstractBuilder.encodeTable [org.apache .commons.codec.binary.BaseNCodec$AbstractBuilder] At BaseNCodec.java:[line 131] EI_EXPOSE_REP2 * The method org.apache.commons.codec.binary.BaseNCodec .AbstractBuilder.setLineSeparator(byte...) now makes a defensive copy * Avoid unnecessary String conversion in org.apache.commons.codec.language.bm.PhoneticEngine .applyFinalRules(PhonemeBuilder, Map) * Fix SpotBugs [ERROR] High: Potentially dangerous use of non-short-circuit logic in org.apache.commons.codec.language .DaitchMokotoffSoundex.cleanup(String) [org.apache.commons.codec.language.DaitchMokotoffSoundex] At DaitchMokotoffSoundex.java:[line 350] NS_DANGEROUS_NON_SHORT_CIRCUIT * Changes * Bump org.apache.commons:commons-parent from 79 to 85 #375 * [test] Bump commons-io:commons-io from 2.18.0 to 2.20.0 * [test] Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 #386 * Update to 1.16.0: * Bump jacoco-maven-plugin from 0.8.7 to 0.8.8. * Support java.nio.ByteBuffer in * Fixed bugs: * Don't condition the maven defines on release version, but on * Add Daitch-Mokotoff Soundex * Make possible to provide padding byte to BaseNCodec in constructor urlSafe parameter is mandatory to call close() * Add support for HMAC Message Authentication Code (MAC) digests * Beider Morse Phonetic Matching producing incorrect tokens using empty strings Issue: CODEC-184. * Fix Javadoc 1.8.0 errors * Fix Java 8 build Javadoc errors Issue: CODEC-189. * Deprecate Charsets Charset constants in favor of Java 7's java.nio.charset.StandardCharsets Issue: CODEC-178. * Update from commons-parent 34 to 35 Issue: CODEC-190. * update to 1.8 * Add DigestUtils.updateDigest(MessageDigest, InputStream) * Add Match Rating Approach (MRA) phonetic algorithm encoder * ColognePhonetic encoder unnecessarily creates many char arrays on every loop run * add junit4 to fix a build fail * update to 1.6, sync with Fedora ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-822=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-822=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (noarch) * apache-commons-io-2.22.0-160000.1.1 * apache-commons-codec-1.22.0-160000.1.1 * apache-commons-cli-javadoc-1.11.0-160000.1.1 * apache-commons-configuration2-javadoc-2.15.0-160000.1.1 * apache-commons-lang3-javadoc-3.20.0-160000.1.1 * apache-commons-text-1.15.0-160000.1.1 * apache-commons-text-javadoc-1.15.0-160000.1.1 * apache-commons-cli-1.11.0-160000.1.1 * apache-commons-codec-javadoc-1.22.0-160000.1.1 * apache-commons-configuration2-2.15.0-160000.1.1 * apache-commons-lang3-3.20.0-160000.1.1 * apache-commons-io-javadoc-2.22.0-160000.1.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * apache-commons-io-2.22.0-160000.1.1 * apache-commons-codec-1.22.0-160000.1.1 * apache-commons-cli-javadoc-1.11.0-160000.1.1 * apache-commons-configuration2-javadoc-2.15.0-160000.1.1 * apache-commons-lang3-javadoc-3.20.0-160000.1.1 * apache-commons-text-1.15.0-160000.1.1 * apache-commons-text-javadoc-1.15.0-160000.1.1 * apache-commons-cli-1.11.0-160000.1.1 * apache-commons-codec-javadoc-1.22.0-160000.1.1 * apache-commons-configuration2-2.15.0-160000.1.1 * apache-commons-lang3-3.20.0-160000.1.1 * apache-commons-io-javadoc-2.22.0-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-48924.html * https://www.suse.com/security/cve/CVE-2026-45205.html * https://bugzilla.suse.com/show_bug.cgi?id=1265299 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:35:07 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:35:07 -0000 Subject: SUSE-SU-2026:21995-1: important: Security update for openjpeg2 Message-ID: <178095090712.27.11726657412281547717@5a3a51eaee51> # Security update for openjpeg2 Announcement ID: SUSE-SU-2026:21995-1 Release Date: 2026-05-29T08:43:29Z Rating: important References: * bsc#1247650 Cross-References: * CVE-2025-54874 CVSS scores: * CVE-2025-54874 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54874 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-54874 ( NVD ): 6.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-54874 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for openjpeg2 fixes the following issue * CVE-2025-54874: openjpeg: missing error check can lead to the use of an uninitialized pointer and cause an out-of- bounds heap memory write (bsc#1247650). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-823=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-823=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * openjpeg2-debuginfo-2.5.3-160000.4.1 * openjpeg2-devel-2.5.3-160000.4.1 * openjpeg2-debugsource-2.5.3-160000.4.1 * openjpeg2-2.5.3-160000.4.1 * libopenjp2-7-2.5.3-160000.4.1 * libopenjp2-7-debuginfo-2.5.3-160000.4.1 * SUSE Linux Enterprise Server 16.0 (noarch) * openjpeg2-devel-doc-2.5.3-160000.4.1 * SUSE Linux Enterprise Server 16.0 (x86_64) * libopenjp2-7-x86-64-v3-debuginfo-2.5.3-160000.4.1 * libopenjp2-7-x86-64-v3-2.5.3-160000.4.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * openjpeg2-debuginfo-2.5.3-160000.4.1 * openjpeg2-devel-2.5.3-160000.4.1 * openjpeg2-debugsource-2.5.3-160000.4.1 * openjpeg2-2.5.3-160000.4.1 * libopenjp2-7-2.5.3-160000.4.1 * libopenjp2-7-debuginfo-2.5.3-160000.4.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * openjpeg2-devel-doc-2.5.3-160000.4.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (x86_64) * libopenjp2-7-x86-64-v3-debuginfo-2.5.3-160000.4.1 * libopenjp2-7-x86-64-v3-2.5.3-160000.4.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54874.html * https://bugzilla.suse.com/show_bug.cgi?id=1247650 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:35:11 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:35:11 -0000 Subject: SUSE-SU-2026:21994-1: moderate: Security update for csync2 Message-ID: <178095091122.27.1092005192404731764@5a3a51eaee51> # Security update for csync2 Announcement ID: SUSE-SU-2026:21994-1 Release Date: 2026-06-03T10:13:39Z Rating: moderate References: * bsc#1262472 * jsc#PED-14855 Cross-References: * CVE-2026-41051 CVSS scores: * CVE-2026-41051 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-41051 ( SUSE ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H * CVE-2026-41051 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-41051 ( NVD ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server High Availability Extension 16.0 An update that solves one vulnerability and contains one feature can now be installed. ## Description: This update for csync2 fixes the following issues Security issue: * CVE-2026-41051: uses insecure temporary directories when compiled with C99 or later (bsc#1262472). Non security issue: * Fix packages for Immutable Mode (jsc#PED-14855). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server High Availability Extension 16.0 zypper in -t patch SUSE-SLES-HA-16.0-886=1 ## Package List: * SUSE Linux Enterprise Server High Availability Extension 16.0 (ppc64le s390x x86_64) * csync2-2.0+git.1600444747.83b3644-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-41051.html * https://bugzilla.suse.com/show_bug.cgi?id=1262472 * https://jira.suse.com/browse/PED-14855 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:35:33 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:35:33 -0000 Subject: SUSE-SU-2026:2303-1: important: Security update for postgresql17 Message-ID: <178095093390.27.9789376921987451762@5a3a51eaee51> # Security update for postgresql17 Announcement ID: SUSE-SU-2026:2303-1 Release Date: 2026-06-08T15:27:52Z Rating: important References: * bsc#1245875 * bsc#1263804 * bsc#1265172 * bsc#1265173 * bsc#1265174 * bsc#1265175 * bsc#1265176 * bsc#1265177 * bsc#1265178 * bsc#1265179 * bsc#1265181 * bsc#1265182 * jsc#PED-14825 Cross-References: * CVE-2026-6472 * CVE-2026-6473 * CVE-2026-6474 * CVE-2026-6475 * CVE-2026-6476 * CVE-2026-6477 * CVE-2026-6478 * CVE-2026-6479 * CVE-2026-6637 * CVE-2026-6638 CVSS scores: * CVE-2026-6472 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6472 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6473 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6473 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6474 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-6474 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-6475 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6475 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6476 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6476 ( NVD ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6477 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6477 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6478 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6478 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6479 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-6479 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-6637 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6637 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6638 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N * CVE-2026-6638 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N * CVE-2026-6638 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 10 vulnerabilities, contains one feature and has two security fixes can now be installed. ## Description: This update for postgresql17 fixes the following issues Update to version 17.10. Security issues: * CVE-2026-6472: ensure the user has CREATE privilege on the schema specified (bsc#1265172). * CVE-2026-6473: integer overflows in memory-allocation calculations (bsc#1265173). * CVE-2026-6474: Guard against malicious time zone names (bsc#1265174). * CVE-2026-6475: Prevent path traversal in pg_basebackup and pg_rewind (bsc#1265175). * CVE-2026-6476: Properly quote subscription names in pg_createsubscriber (bsc#1265176). * CVE-2026-6477: Mark PQfn() as unsafe, and avoid using it within libpq (bsc#1265177). * CVE-2026-6478: Use timing-safe string comparisons in authentication code (bsc#1265178). * CVE-2026-6479: Prevent unbounded recursion while processing startup packets (bsc#1265179). * CVE-2026-6637: Prevent SQL injection and buffer overruns in contrib/spi (bsc#1265181). * CVE-2026-6638: Properly quote object names in logical replication origin checks (bsc#1265182). Non security issue: * Get rid of update-alternatives for openSUSE/SLE 16.0 and newer to support immutable systems and transactional updates (jsc#PED-14825 bsc#1245875). * /usr/bin/pg_config is missing after migrating away from update-alternatives (bsc#1263804). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2303=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2303=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2303=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2303=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2303=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2303=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2303=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2303=1 ## Package List: * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * postgresql17-devel-debuginfo-17.10-150200.5.28.1 * postgresql17-server-devel-17.10-150200.5.28.1 * postgresql17-contrib-17.10-150200.5.28.1 * postgresql17-server-debuginfo-17.10-150200.5.28.1 * postgresql17-llvmjit-17.10-150200.5.28.1 * postgresql17-plperl-17.10-150200.5.28.1 * postgresql17-17.10-150200.5.28.1 * postgresql17-contrib-debuginfo-17.10-150200.5.28.1 * postgresql17-debuginfo-17.10-150200.5.28.1 * postgresql17-pltcl-17.10-150200.5.28.1 * postgresql17-pltcl-debuginfo-17.10-150200.5.28.1 * postgresql17-server-devel-debuginfo-17.10-150200.5.28.1 * postgresql17-debugsource-17.10-150200.5.28.1 * postgresql17-plpython-17.10-150200.5.28.1 * postgresql17-devel-17.10-150200.5.28.1 * postgresql17-llvmjit-devel-17.10-150200.5.28.1 * postgresql17-plpython-debuginfo-17.10-150200.5.28.1 * postgresql17-plperl-debuginfo-17.10-150200.5.28.1 * postgresql17-server-17.10-150200.5.28.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * postgresql17-docs-17.10-150200.5.28.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * postgresql17-devel-debuginfo-17.10-150200.5.28.1 * postgresql17-plperl-17.10-150200.5.28.1 * postgresql17-pltcl-debuginfo-17.10-150200.5.28.1 * postgresql17-devel-17.10-150200.5.28.1 * postgresql17-server-devel-17.10-150200.5.28.1 * postgresql17-plpython-debuginfo-17.10-150200.5.28.1 * postgresql17-server-devel-debuginfo-17.10-150200.5.28.1 * postgresql17-17.10-150200.5.28.1 * postgresql17-debugsource-17.10-150200.5.28.1 * postgresql17-debuginfo-17.10-150200.5.28.1 * postgresql17-contrib-17.10-150200.5.28.1 * postgresql17-contrib-debuginfo-17.10-150200.5.28.1 * postgresql17-plpython-17.10-150200.5.28.1 * postgresql17-plperl-debuginfo-17.10-150200.5.28.1 * postgresql17-server-debuginfo-17.10-150200.5.28.1 * postgresql17-server-17.10-150200.5.28.1 * postgresql17-pltcl-17.10-150200.5.28.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * postgresql17-docs-17.10-150200.5.28.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * postgresql17-debugsource-17.10-150200.5.28.1 * postgresql17-debuginfo-17.10-150200.5.28.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * postgresql17-debugsource-17.10-150200.5.28.1 * postgresql17-debuginfo-17.10-150200.5.28.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * postgresql17-devel-debuginfo-17.10-150200.5.28.1 * postgresql17-plperl-17.10-150200.5.28.1 * postgresql17-pltcl-debuginfo-17.10-150200.5.28.1 * postgresql17-devel-17.10-150200.5.28.1 * postgresql17-server-devel-17.10-150200.5.28.1 * postgresql17-plpython-debuginfo-17.10-150200.5.28.1 * postgresql17-server-devel-debuginfo-17.10-150200.5.28.1 * postgresql17-17.10-150200.5.28.1 * postgresql17-debugsource-17.10-150200.5.28.1 * postgresql17-contrib-17.10-150200.5.28.1 * postgresql17-contrib-debuginfo-17.10-150200.5.28.1 * postgresql17-debuginfo-17.10-150200.5.28.1 * postgresql17-plpython-17.10-150200.5.28.1 * postgresql17-plperl-debuginfo-17.10-150200.5.28.1 * postgresql17-server-debuginfo-17.10-150200.5.28.1 * postgresql17-server-17.10-150200.5.28.1 * postgresql17-pltcl-17.10-150200.5.28.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * postgresql17-docs-17.10-150200.5.28.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * postgresql17-debugsource-17.10-150200.5.28.1 * postgresql17-debuginfo-17.10-150200.5.28.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * postgresql17-devel-debuginfo-17.10-150200.5.28.1 * postgresql17-server-devel-17.10-150200.5.28.1 * postgresql17-contrib-17.10-150200.5.28.1 * postgresql17-server-debuginfo-17.10-150200.5.28.1 * postgresql17-llvmjit-17.10-150200.5.28.1 * postgresql17-plperl-17.10-150200.5.28.1 * postgresql17-17.10-150200.5.28.1 * postgresql17-contrib-debuginfo-17.10-150200.5.28.1 * postgresql17-debuginfo-17.10-150200.5.28.1 * postgresql17-pltcl-17.10-150200.5.28.1 * postgresql17-pltcl-debuginfo-17.10-150200.5.28.1 * postgresql17-server-devel-debuginfo-17.10-150200.5.28.1 * postgresql17-debugsource-17.10-150200.5.28.1 * postgresql17-plpython-17.10-150200.5.28.1 * postgresql17-devel-17.10-150200.5.28.1 * postgresql17-llvmjit-devel-17.10-150200.5.28.1 * postgresql17-plpython-debuginfo-17.10-150200.5.28.1 * postgresql17-plperl-debuginfo-17.10-150200.5.28.1 * postgresql17-server-17.10-150200.5.28.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * postgresql17-docs-17.10-150200.5.28.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * postgresql17-debugsource-17.10-150200.5.28.1 * postgresql17-debuginfo-17.10-150200.5.28.1 ## References: * https://www.suse.com/security/cve/CVE-2026-6472.html * https://www.suse.com/security/cve/CVE-2026-6473.html * https://www.suse.com/security/cve/CVE-2026-6474.html * https://www.suse.com/security/cve/CVE-2026-6475.html * https://www.suse.com/security/cve/CVE-2026-6476.html * https://www.suse.com/security/cve/CVE-2026-6477.html * https://www.suse.com/security/cve/CVE-2026-6478.html * https://www.suse.com/security/cve/CVE-2026-6479.html * https://www.suse.com/security/cve/CVE-2026-6637.html * https://www.suse.com/security/cve/CVE-2026-6638.html * https://bugzilla.suse.com/show_bug.cgi?id=1245875 * https://bugzilla.suse.com/show_bug.cgi?id=1263804 * https://bugzilla.suse.com/show_bug.cgi?id=1265172 * https://bugzilla.suse.com/show_bug.cgi?id=1265173 * https://bugzilla.suse.com/show_bug.cgi?id=1265174 * https://bugzilla.suse.com/show_bug.cgi?id=1265175 * https://bugzilla.suse.com/show_bug.cgi?id=1265176 * https://bugzilla.suse.com/show_bug.cgi?id=1265177 * https://bugzilla.suse.com/show_bug.cgi?id=1265178 * https://bugzilla.suse.com/show_bug.cgi?id=1265179 * https://bugzilla.suse.com/show_bug.cgi?id=1265181 * https://bugzilla.suse.com/show_bug.cgi?id=1265182 * https://jira.suse.com/browse/PED-14825 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:35:38 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:35:38 -0000 Subject: SUSE-SU-2026:2302-1: moderate: Security update for firewalld Message-ID: <178095093818.27.5158658589191690251@5a3a51eaee51> # Security update for firewalld Announcement ID: SUSE-SU-2026:2302-1 Release Date: 2026-06-08T15:27:07Z Rating: moderate References: * bsc#1260903 Cross-References: * CVE-2026-4948 CVSS scores: * CVE-2026-4948 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-4948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2026-4948 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability can now be installed. ## Description: This update for firewalld fixes the following issue: * CVE-2026-4948: local unprivileged users can modify the runtime firewall state without proper authentication due to D-Bus setter mis-authorizations (bsc#1260903). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2302=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2302=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2302=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2302=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2302=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2302=1 ## Package List: * openSUSE Leap 15.4 (noarch) * firewalld-lang-0.9.3-150400.8.15.1 * firewall-applet-0.9.3-150400.8.15.1 * firewalld-0.9.3-150400.8.15.1 * firewall-macros-0.9.3-150400.8.15.1 * python3-firewall-0.9.3-150400.8.15.1 * firewall-config-0.9.3-150400.8.15.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * python3-firewall-0.9.3-150400.8.15.1 * firewalld-0.9.3-150400.8.15.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * python3-firewall-0.9.3-150400.8.15.1 * firewalld-0.9.3-150400.8.15.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * python3-firewall-0.9.3-150400.8.15.1 * firewalld-0.9.3-150400.8.15.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * python3-firewall-0.9.3-150400.8.15.1 * firewalld-0.9.3-150400.8.15.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * python3-firewall-0.9.3-150400.8.15.1 * firewalld-0.9.3-150400.8.15.1 ## References: * https://www.suse.com/security/cve/CVE-2026-4948.html * https://bugzilla.suse.com/show_bug.cgi?id=1260903 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:35:50 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:35:50 -0000 Subject: SUSE-SU-2026:2301-1: moderate: Security update for mutt Message-ID: <178095095073.27.430949718732369689@5a3a51eaee51> # Security update for mutt Announcement ID: SUSE-SU-2026:2301-1 Release Date: 2026-06-08T13:55:10Z Rating: moderate References: * bsc#1263892 * bsc#1263893 * bsc#1263894 * bsc#1263895 * bsc#1263896 * bsc#1263897 * bsc#1264047 Cross-References: * CVE-2026-43859 * CVE-2026-43860 * CVE-2026-43861 * CVE-2026-43862 * CVE-2026-43863 * CVE-2026-43864 CVSS scores: * CVE-2026-43859 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-43859 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-43859 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-43860 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-43860 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-43860 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-43861 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-43861 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-43861 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-43862 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-43862 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-43862 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-43863 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-43863 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-43863 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-43864 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-43864 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-43864 ( NVD ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves six vulnerabilities and has one security fix can now be installed. ## Description: This update for mutt fixes the following issues * CVE-2026-43859: `strfcpy` used instead of `memcpy` for the IMAP `auth_cram` MD5 digest (bsc#1263897). * CVE-2026-43860: truncation of `hash_passwd` by one byte for IMAP `auth_cram` MD5 digest (bsc#1263896). * CVE-2026-43861: missing check for `\0` in `url_pct_decode` (bsc#1263895). * CVE-2026-43862: mishandling of the `imap_auth_gss` security level (bsc#1263894). * CVE-2026-43863: infinite loop in `data_object_to_stream` in `crypt-gpgme.c` (bsc#1263893). * CVE-2026-43864: NULL pointer dereference in function `show_sig_summary` (bsc#1263892). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2301=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2301=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * mutt-debuginfo-2.2.14-150600.3.6.1 * mutt-2.2.14-150600.3.6.1 * mutt-debugsource-2.2.14-150600.3.6.1 * openSUSE Leap 15.6 (noarch) * mutt-lang-2.2.14-150600.3.6.1 * mutt-doc-2.2.14-150600.3.6.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * mutt-debuginfo-2.2.14-150600.3.6.1 * mutt-2.2.14-150600.3.6.1 * mutt-debugsource-2.2.14-150600.3.6.1 * Basesystem Module 15-SP7 (noarch) * mutt-lang-2.2.14-150600.3.6.1 * mutt-doc-2.2.14-150600.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2026-43859.html * https://www.suse.com/security/cve/CVE-2026-43860.html * https://www.suse.com/security/cve/CVE-2026-43861.html * https://www.suse.com/security/cve/CVE-2026-43862.html * https://www.suse.com/security/cve/CVE-2026-43863.html * https://www.suse.com/security/cve/CVE-2026-43864.html * https://bugzilla.suse.com/show_bug.cgi?id=1263892 * https://bugzilla.suse.com/show_bug.cgi?id=1263893 * https://bugzilla.suse.com/show_bug.cgi?id=1263894 * https://bugzilla.suse.com/show_bug.cgi?id=1263895 * https://bugzilla.suse.com/show_bug.cgi?id=1263896 * https://bugzilla.suse.com/show_bug.cgi?id=1263897 * https://bugzilla.suse.com/show_bug.cgi?id=1264047 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jun 8 20:36:03 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jun 2026 20:36:03 -0000 Subject: SUSE-SU-2026:2300-1: moderate: Security update for mutt Message-ID: <178095096385.27.16429581130736695588@5a3a51eaee51> # Security update for mutt Announcement ID: SUSE-SU-2026:2300-1 Release Date: 2026-06-08T13:54:59Z Rating: moderate References: * bsc#1263892 * bsc#1263893 * bsc#1263894 * bsc#1263895 * bsc#1263896 * bsc#1263897 * bsc#1264047 Cross-References: * CVE-2026-43859 * CVE-2026-43860 * CVE-2026-43861 * CVE-2026-43862 * CVE-2026-43863 * CVE-2026-43864 CVSS scores: * CVE-2026-43859 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-43859 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-43859 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-43860 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-43860 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-43860 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-43861 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-43861 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-43861 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-43862 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-43862 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-43862 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-43863 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-43863 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-43863 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-43864 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-43864 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-43864 ( NVD ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves six vulnerabilities and has one security fix can now be installed. ## Description: This update for mutt fixes the following issues * CVE-2026-43859: `strfcpy` used instead of `memcpy` for the IMAP `auth_cram` MD5 digest (bsc#1263897). * CVE-2026-43860: truncation of `hash_passwd` by one byte for IMAP `auth_cram` MD5 digest (bsc#1263896). * CVE-2026-43861: missing check for `\0` in `url_pct_decode` (bsc#1263895). * CVE-2026-43862: mishandling of the `imap_auth_gss` security level (bsc#1263894). * CVE-2026-43863: infinite loop in `data_object_to_stream` in `crypt-gpgme.c` (bsc#1263893). * CVE-2026-43864: NULL pointer dereference in function `show_sig_summary` (bsc#1263892). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2300=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * mutt-1.10.1-55.33.1 * mutt-debuginfo-1.10.1-55.33.1 * mutt-debugsource-1.10.1-55.33.1 ## References: * https://www.suse.com/security/cve/CVE-2026-43859.html * https://www.suse.com/security/cve/CVE-2026-43860.html * https://www.suse.com/security/cve/CVE-2026-43861.html * https://www.suse.com/security/cve/CVE-2026-43862.html * https://www.suse.com/security/cve/CVE-2026-43863.html * https://www.suse.com/security/cve/CVE-2026-43864.html * https://bugzilla.suse.com/show_bug.cgi?id=1263892 * https://bugzilla.suse.com/show_bug.cgi?id=1263893 * https://bugzilla.suse.com/show_bug.cgi?id=1263894 * https://bugzilla.suse.com/show_bug.cgi?id=1263895 * https://bugzilla.suse.com/show_bug.cgi?id=1263896 * https://bugzilla.suse.com/show_bug.cgi?id=1263897 * https://bugzilla.suse.com/show_bug.cgi?id=1264047 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 9 12:30:07 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jun 2026 12:30:07 -0000 Subject: SUSE-SU-2026:2306-1: important: Security update for perl-Protocol-HTTP2 Message-ID: <178100820723.310.6929735000880211555@84af047a3be6> # Security update for perl-Protocol-HTTP2 Announcement ID: SUSE-SU-2026:2306-1 Release Date: 2026-06-09T07:58:46Z Rating: important References: * bsc#1267857 Cross-References: * CVE-2026-10725 CVSS scores: * CVE-2026-10725 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-10725 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for perl-Protocol-HTTP2 fixes the following issue * CVE-2026-10725: denial of service due to absence of inbound HPACK header- list size limit (HTTP/2 Bomb attack) (bsc#1267857). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2306=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2306=1 ## Package List: * openSUSE Leap 15.6 (noarch) * perl-Protocol-HTTP2-1.10-150600.3.3.1 * SUSE Package Hub 15 15-SP7 (noarch) * perl-Protocol-HTTP2-1.10-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-10725.html * https://bugzilla.suse.com/show_bug.cgi?id=1267857 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 9 16:30:11 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jun 2026 16:30:11 -0000 Subject: SUSE-SU-2026:2311-1: moderate: Security update for avahi Message-ID: <178102261140.383.13951026861101318444@a22392ad43b1> # Security update for avahi Announcement ID: SUSE-SU-2026:2311-1 Release Date: 2026-06-09T11:05:49Z Rating: moderate References: * bsc#1257235 * bsc#1261546 Cross-References: * CVE-2026-24401 * CVE-2026-34933 CVSS scores: * CVE-2026-24401 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-24401 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-24401 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-34933 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34933 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves two vulnerabilities can now be installed. ## Description: This update for avahi fixes the following issue: * CVE-2026-24401: uncontrolled recursion in `lookup_handle_cname` can crash the `avahi-daemon` (bsc#1257235). * CVE-2026-34933: reachable assertion in `transport_flags_from_domain` can crash the `avahi-daemon` (bsc#1261546). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2311=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2311=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2311=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2311=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2311=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2311=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * avahi-0.8-150400.7.31.2 * avahi-glib2-debugsource-0.8-150400.7.31.2 * libavahi-glib-devel-0.8-150400.7.31.2 * typelib-1_0-Avahi-0_6-0.8-150400.7.31.2 * avahi-compat-mDNSResponder-devel-0.8-150400.7.31.2 * libavahi-core7-debuginfo-0.8-150400.7.31.2 * libavahi-client3-debuginfo-0.8-150400.7.31.2 * libhowl0-0.8-150400.7.31.2 * python3-avahi-gtk-0.8-150400.7.31.2 * avahi-utils-0.8-150400.7.31.2 * libavahi-libevent1-0.8-150400.7.31.2 * libavahi-gobject-devel-0.8-150400.7.31.2 * libavahi-qt5-1-debuginfo-0.8-150400.7.31.2 * avahi-qt5-debugsource-0.8-150400.7.31.2 * avahi-compat-howl-devel-0.8-150400.7.31.2 * avahi-debugsource-0.8-150400.7.31.2 * libavahi-ui-gtk3-0-debuginfo-0.8-150400.7.31.2 * avahi-autoipd-0.8-150400.7.31.2 * avahi-debuginfo-0.8-150400.7.31.2 * libavahi-common3-0.8-150400.7.31.2 * libavahi-common3-debuginfo-0.8-150400.7.31.2 * libavahi-glib1-debuginfo-0.8-150400.7.31.2 * libhowl0-debuginfo-0.8-150400.7.31.2 * libavahi-ui-gtk3-0-0.8-150400.7.31.2 * libavahi-qt5-devel-0.8-150400.7.31.2 * libdns_sd-0.8-150400.7.31.2 * avahi-utils-gtk-0.8-150400.7.31.2 * libavahi-glib1-0.8-150400.7.31.2 * avahi-utils-gtk-debuginfo-0.8-150400.7.31.2 * libavahi-gobject0-debuginfo-0.8-150400.7.31.2 * avahi-autoipd-debuginfo-0.8-150400.7.31.2 * libavahi-qt5-1-0.8-150400.7.31.2 * libavahi-gobject0-0.8-150400.7.31.2 * libavahi-libevent1-debuginfo-0.8-150400.7.31.2 * python3-avahi-0.8-150400.7.31.2 * libavahi-devel-0.8-150400.7.31.2 * libdns_sd-debuginfo-0.8-150400.7.31.2 * avahi-utils-debuginfo-0.8-150400.7.31.2 * libavahi-client3-0.8-150400.7.31.2 * libavahi-core7-0.8-150400.7.31.2 * openSUSE Leap 15.4 (x86_64) * libavahi-client3-32bit-0.8-150400.7.31.2 * libavahi-client3-32bit-debuginfo-0.8-150400.7.31.2 * libavahi-common3-32bit-0.8-150400.7.31.2 * libdns_sd-32bit-debuginfo-0.8-150400.7.31.2 * avahi-32bit-debuginfo-0.8-150400.7.31.2 * libavahi-glib1-32bit-0.8-150400.7.31.2 * libdns_sd-32bit-0.8-150400.7.31.2 * libavahi-glib1-32bit-debuginfo-0.8-150400.7.31.2 * libavahi-common3-32bit-debuginfo-0.8-150400.7.31.2 * openSUSE Leap 15.4 (noarch) * avahi-lang-0.8-150400.7.31.2 * openSUSE Leap 15.4 (aarch64_ilp32) * avahi-64bit-debuginfo-0.8-150400.7.31.2 * libavahi-client3-64bit-0.8-150400.7.31.2 * libdns_sd-64bit-0.8-150400.7.31.2 * libavahi-glib1-64bit-debuginfo-0.8-150400.7.31.2 * libavahi-client3-64bit-debuginfo-0.8-150400.7.31.2 * libdns_sd-64bit-debuginfo-0.8-150400.7.31.2 * libavahi-common3-64bit-0.8-150400.7.31.2 * libavahi-common3-64bit-debuginfo-0.8-150400.7.31.2 * libavahi-glib1-64bit-0.8-150400.7.31.2 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * avahi-0.8-150400.7.31.2 * avahi-debugsource-0.8-150400.7.31.2 * libavahi-core7-debuginfo-0.8-150400.7.31.2 * libavahi-client3-debuginfo-0.8-150400.7.31.2 * avahi-debuginfo-0.8-150400.7.31.2 * libavahi-common3-0.8-150400.7.31.2 * libavahi-common3-debuginfo-0.8-150400.7.31.2 * libavahi-client3-0.8-150400.7.31.2 * libavahi-core7-0.8-150400.7.31.2 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * avahi-0.8-150400.7.31.2 * avahi-debugsource-0.8-150400.7.31.2 * libavahi-core7-debuginfo-0.8-150400.7.31.2 * libavahi-client3-debuginfo-0.8-150400.7.31.2 * avahi-debuginfo-0.8-150400.7.31.2 * libavahi-common3-0.8-150400.7.31.2 * libavahi-common3-debuginfo-0.8-150400.7.31.2 * libavahi-client3-0.8-150400.7.31.2 * libavahi-core7-0.8-150400.7.31.2 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * avahi-0.8-150400.7.31.2 * avahi-debugsource-0.8-150400.7.31.2 * libavahi-core7-debuginfo-0.8-150400.7.31.2 * libavahi-client3-debuginfo-0.8-150400.7.31.2 * avahi-debuginfo-0.8-150400.7.31.2 * libavahi-common3-0.8-150400.7.31.2 * libavahi-common3-debuginfo-0.8-150400.7.31.2 * libavahi-client3-0.8-150400.7.31.2 * libavahi-core7-0.8-150400.7.31.2 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * avahi-0.8-150400.7.31.2 * avahi-debugsource-0.8-150400.7.31.2 * libavahi-core7-debuginfo-0.8-150400.7.31.2 * libavahi-client3-debuginfo-0.8-150400.7.31.2 * avahi-debuginfo-0.8-150400.7.31.2 * libavahi-common3-0.8-150400.7.31.2 * libavahi-common3-debuginfo-0.8-150400.7.31.2 * libavahi-client3-0.8-150400.7.31.2 * libavahi-core7-0.8-150400.7.31.2 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * avahi-0.8-150400.7.31.2 * avahi-debugsource-0.8-150400.7.31.2 * libavahi-core7-debuginfo-0.8-150400.7.31.2 * libavahi-client3-debuginfo-0.8-150400.7.31.2 * avahi-debuginfo-0.8-150400.7.31.2 * libavahi-common3-0.8-150400.7.31.2 * libavahi-common3-debuginfo-0.8-150400.7.31.2 * libavahi-client3-0.8-150400.7.31.2 * libavahi-core7-0.8-150400.7.31.2 ## References: * https://www.suse.com/security/cve/CVE-2026-24401.html * https://www.suse.com/security/cve/CVE-2026-34933.html * https://bugzilla.suse.com/show_bug.cgi?id=1257235 * https://bugzilla.suse.com/show_bug.cgi?id=1261546 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 9 16:30:56 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jun 2026 16:30:56 -0000 Subject: SUSE-SU-2026:2310-1: important: Security update for the Linux Kernel Message-ID: <178102265662.383.7250751819476693593@a22392ad43b1> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:2310-1 Release Date: 2026-06-09T08:18:37Z Rating: important References: * bsc#1261700 * bsc#1262663 * bsc#1263068 * bsc#1263769 * bsc#1263774 * bsc#1263790 * bsc#1263995 * bsc#1264093 * bsc#1264449 * bsc#1264551 * bsc#1264989 * bsc#1265928 * bsc#1265960 * bsc#1266001 * bsc#1266009 * bsc#1266238 * bsc#1266402 * bsc#1266414 * bsc#1266711 * bsc#1266765 * bsc#1266889 * bsc#1266901 * bsc#1266969 * bsc#1266972 * bsc#1267205 * bsc#1267220 * bsc#1267222 Cross-References: * CVE-2026-31405 * CVE-2026-31473 * CVE-2026-31613 * CVE-2026-31614 * CVE-2026-31629 * CVE-2026-31758 * CVE-2026-43037 * CVE-2026-43206 * CVE-2026-43284 * CVE-2026-43362 * CVE-2026-43499 * CVE-2026-43501 * CVE-2026-43503 * CVE-2026-45852 * CVE-2026-45910 * CVE-2026-45970 * CVE-2026-46004 * CVE-2026-46021 * CVE-2026-46043 * CVE-2026-46113 * CVE-2026-46114 * CVE-2026-46243 CVSS scores: * CVE-2026-31405 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31405 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31473 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31473 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31473 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31613 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31613 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31613 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H * CVE-2026-31614 ( SUSE ): 6.1 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31614 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31614 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31629 ( SUSE ): 8.7 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31629 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31629 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31758 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31758 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31758 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43037 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43206 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43206 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43284 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43284 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43284 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43362 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2026-43362 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L * CVE-2026-43362 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H * CVE-2026-43499 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43499 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43499 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43501 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43501 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43501 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43503 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43503 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43503 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-45852 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45852 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45910 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45910 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45910 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45970 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45970 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45970 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46004 ( SUSE ): 7.0 CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46004 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46021 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46021 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46043 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46043 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46043 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-46113 ( SUSE ): 9.3 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-46113 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46113 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46114 ( SUSE ): 5.3 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-46114 ( SUSE ): 5.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-46114 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-46243 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise High Availability Extension 15 SP6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves 22 vulnerabilities and has five security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: * CVE-2026-31405: media: dvb-net: fix OOB access in ULE extension header tables (bsc#1261700). * CVE-2026-31473: media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex (bsc#1262663). * CVE-2026-31613: smb: client: fix OOB reads parsing symlink error response (bsc#1263769). * CVE-2026-31614: smb: client: fix off-by-8 bounds check in check_wsl_eas() (bsc#1263774). * CVE-2026-31629: nfc: llcp: add missing return after LLCP_CLOSED checks (bsc#1263790). * CVE-2026-31758: usb: usbtmc: Flush anchored URBs in usbtmc_release (bsc#1264093). * CVE-2026-43037: ip6_tunnel: clear skb2->cb in ip4ip6_err() (bsc#1263995). * CVE-2026-43206: drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set() (bsc#1264551). * CVE-2026-43362: smb: client: fix in-place encryption corruption in SMB2_write() (bsc#1264989). * CVE-2026-43499: rtmutex: Use waiter::task instead of current in remove_waiter() (bsc#1266001). * CVE-2026-43501: ipv6: rpl: reserve mac_len headroom when recompressed SRH grows (bsc#1266009). * CVE-2026-43503: net: skbuff: propagate shared-frag marker through frag- transfer helpers (bsc#1265960). * CVE-2026-45852: RDMA/rxe: Fix double free in rxe_srq_from_init (bsc#1266711). * CVE-2026-45910: RDMA/rxe: Fix race condition in QP timer handlers (bsc#1266889). * CVE-2026-45970: bonding: alb: fix UAF in rlb_arp_recv during bond up/down (bsc#1267205). * CVE-2026-46004: ALSA: caiaq: Handle probe errors properly (bsc#1267222). * CVE-2026-46021: thermal: core: Fix thermal zone governor cleanup issues (bsc#1267220). * CVE-2026-46043: RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv (bsc#1266901). * CVE-2026-46113: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (bsc#1266969). * CVE-2026-46114: RDMA/rxe: Reject non-8-byte ATOMIC_WRITE payloads (bsc#1266972). * CVE-2026-46243: smb: client: reject userspace cifs.spnego descriptions (bsc#1266238). The following non security issues were fixed: * arm64: tlb: Allow XZR argument to TLBI ops (git-fixes). * arm64: tlb: Optimize ARM64_WORKAROUND_REPEAT_TLBI (git-fixes). * drm/hyperv: validate resolution_count and fix WIN8 fallback (git-fixes). * drm/hyperv: validate VMBus packet size in receive callback (git-fixes). * net: gro: don't merge zcopy skbs (git-fixes). * net: mana: Add NULL guards in teardown path to prevent panic on attach failure (git-fixes). * net: mana: Expose hardware diagnostic info via debugfs (bsc#1266414). * net: mana: Fix TOCTOU double-fetch of hwc_msg_id from DMA buffer (bsc#1265928). * net: mana: hardening: Reject zero max_num_queues from GDMA_QUERY_MAX_RESOURCES (git-fixes). * net: mana: Skip redundant detach on already-detached port (git-fixes). * net: mana: Use kvmalloc for large RX queue and buffer allocations (bsc#1266765). * net: mana: Use per-queue allocation for tx_qp to reduce allocation size (bsc#1266765). * net: mana: validate rx_req_idx to prevent out-of-bounds array access (bsc#1266402). * RDMA/mana_ib: Report max_msg_sz in mana_ib_query_port (git-fixes). * s390/barrier: Make array_index_mask_nospec() __always_inline (bsc#1263068). * s390/entry: Scrub r12 register on kernel entry (bsc#1263068). * s390/syscalls: Add spectre boundary for syscall dispatch table (bsc#1263068). * smb: client: correctly handle ErrorContextData as a flexible array (git- fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2310=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2310=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2310=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-2310=1 * SUSE Linux Enterprise High Availability Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2026-2310=1 ## Package List: * openSUSE Leap 15.6 (aarch64) * dtb-apm-6.4.0-150600.23.115.1 * dtb-allwinner-6.4.0-150600.23.115.1 * dlm-kmp-64kb-6.4.0-150600.23.115.1 * gfs2-kmp-64kb-debuginfo-6.4.0-150600.23.115.1 * dtb-rockchip-6.4.0-150600.23.115.1 * dtb-freescale-6.4.0-150600.23.115.1 * dlm-kmp-64kb-debuginfo-6.4.0-150600.23.115.1 * dtb-hisilicon-6.4.0-150600.23.115.1 * dtb-cavium-6.4.0-150600.23.115.1 * kernel-64kb-devel-debuginfo-6.4.0-150600.23.115.1 * kernel-64kb-debugsource-6.4.0-150600.23.115.1 * dtb-qcom-6.4.0-150600.23.115.1 * dtb-lg-6.4.0-150600.23.115.1 * cluster-md-kmp-64kb-debuginfo-6.4.0-150600.23.115.1 * gfs2-kmp-64kb-6.4.0-150600.23.115.1 * ocfs2-kmp-64kb-6.4.0-150600.23.115.1 * dtb-marvell-6.4.0-150600.23.115.1 * dtb-renesas-6.4.0-150600.23.115.1 * dtb-exynos-6.4.0-150600.23.115.1 * kernel-64kb-devel-6.4.0-150600.23.115.1 * kselftests-kmp-64kb-debuginfo-6.4.0-150600.23.115.1 * dtb-amd-6.4.0-150600.23.115.1 * kernel-64kb-extra-debuginfo-6.4.0-150600.23.115.1 * kernel-64kb-optional-debuginfo-6.4.0-150600.23.115.1 * kernel-64kb-extra-6.4.0-150600.23.115.1 * dtb-amazon-6.4.0-150600.23.115.1 * kernel-64kb-optional-6.4.0-150600.23.115.1 * reiserfs-kmp-64kb-debuginfo-6.4.0-150600.23.115.1 * dtb-xilinx-6.4.0-150600.23.115.1 * dtb-apple-6.4.0-150600.23.115.1 * dtb-mediatek-6.4.0-150600.23.115.1 * ocfs2-kmp-64kb-debuginfo-6.4.0-150600.23.115.1 * dtb-amlogic-6.4.0-150600.23.115.1 * cluster-md-kmp-64kb-6.4.0-150600.23.115.1 * dtb-socionext-6.4.0-150600.23.115.1 * dtb-broadcom-6.4.0-150600.23.115.1 * reiserfs-kmp-64kb-6.4.0-150600.23.115.1 * kernel-64kb-debuginfo-6.4.0-150600.23.115.1 * dtb-altera-6.4.0-150600.23.115.1 * kselftests-kmp-64kb-6.4.0-150600.23.115.1 * dtb-arm-6.4.0-150600.23.115.1 * dtb-sprd-6.4.0-150600.23.115.1 * dtb-nvidia-6.4.0-150600.23.115.1 * openSUSE Leap 15.6 (aarch64 nosrc) * kernel-64kb-6.4.0-150600.23.115.1 * openSUSE Leap 15.6 (aarch64 ppc64le x86_64) * kernel-default-base-6.4.0-150600.23.115.1.150600.12.54.1 * kernel-default-base-rebuild-6.4.0-150600.23.115.1.150600.12.54.1 * kernel-kvmsmall-devel-6.4.0-150600.23.115.1 * kernel-kvmsmall-debuginfo-6.4.0-150600.23.115.1 * kernel-kvmsmall-devel-debuginfo-6.4.0-150600.23.115.1 * kernel-kvmsmall-debugsource-6.4.0-150600.23.115.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * kernel-obs-qa-6.4.0-150600.23.115.1 * kernel-obs-build-6.4.0-150600.23.115.1 * kernel-obs-build-debugsource-6.4.0-150600.23.115.1 * kernel-default-debugsource-6.4.0-150600.23.115.1 * kernel-default-devel-6.4.0-150600.23.115.1 * dlm-kmp-default-debuginfo-6.4.0-150600.23.115.1 * kselftests-kmp-default-debuginfo-6.4.0-150600.23.115.1 * gfs2-kmp-default-6.4.0-150600.23.115.1 * kernel-default-optional-debuginfo-6.4.0-150600.23.115.1 * kselftests-kmp-default-6.4.0-150600.23.115.1 * kernel-default-livepatch-6.4.0-150600.23.115.1 * kernel-default-extra-debuginfo-6.4.0-150600.23.115.1 * kernel-default-extra-6.4.0-150600.23.115.1 * gfs2-kmp-default-debuginfo-6.4.0-150600.23.115.1 * kernel-default-optional-6.4.0-150600.23.115.1 * kernel-syms-6.4.0-150600.23.115.1 * kernel-default-debuginfo-6.4.0-150600.23.115.1 * cluster-md-kmp-default-6.4.0-150600.23.115.1 * kernel-default-devel-debuginfo-6.4.0-150600.23.115.1 * ocfs2-kmp-default-6.4.0-150600.23.115.1 * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.115.1 * dlm-kmp-default-6.4.0-150600.23.115.1 * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.115.1 * reiserfs-kmp-default-6.4.0-150600.23.115.1 * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.115.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-6.4.0-150600.23.115.1 * openSUSE Leap 15.6 (noarch nosrc) * kernel-docs-6.4.0-150600.23.115.1 * openSUSE Leap 15.6 (noarch) * kernel-macros-6.4.0-150600.23.115.1 * kernel-docs-html-6.4.0-150600.23.115.1 * kernel-devel-6.4.0-150600.23.115.1 * kernel-source-6.4.0-150600.23.115.1 * kernel-source-vanilla-6.4.0-150600.23.115.1 * openSUSE Leap 15.6 (nosrc ppc64le x86_64) * kernel-debug-6.4.0-150600.23.115.1 * openSUSE Leap 15.6 (ppc64le x86_64) * kernel-debug-debugsource-6.4.0-150600.23.115.1 * kernel-debug-devel-6.4.0-150600.23.115.1 * kernel-debug-debuginfo-6.4.0-150600.23.115.1 * kernel-debug-devel-debuginfo-6.4.0-150600.23.115.1 * openSUSE Leap 15.6 (x86_64) * kernel-default-vdso-debuginfo-6.4.0-150600.23.115.1 * kernel-kvmsmall-vdso-6.4.0-150600.23.115.1 * kernel-debug-vdso-debuginfo-6.4.0-150600.23.115.1 * kernel-debug-vdso-6.4.0-150600.23.115.1 * kernel-kvmsmall-vdso-debuginfo-6.4.0-150600.23.115.1 * kernel-default-vdso-6.4.0-150600.23.115.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-default-livepatch-devel-6.4.0-150600.23.115.1 * kernel-livepatch-SLE15-SP6_Update_27-debugsource-1-150600.13.3.1 * kernel-livepatch-6_4_0-150600_23_115-default-debuginfo-1-150600.13.3.1 * kernel-livepatch-6_4_0-150600_23_115-default-1-150600.13.3.1 * openSUSE Leap 15.6 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-6.4.0-150600.23.115.1 * openSUSE Leap 15.6 (nosrc s390x) * kernel-zfcpdump-6.4.0-150600.23.115.1 * openSUSE Leap 15.6 (s390x) * kernel-zfcpdump-debugsource-6.4.0-150600.23.115.1 * kernel-zfcpdump-debuginfo-6.4.0-150600.23.115.1 * openSUSE Leap 15.6 (nosrc) * dtb-aarch64-6.4.0-150600.23.115.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * kernel-obs-build-6.4.0-150600.23.115.1 * kernel-default-devel-debuginfo-6.4.0-150600.23.115.1 * kernel-default-devel-6.4.0-150600.23.115.1 * gfs2-kmp-default-debuginfo-6.4.0-150600.23.115.1 * ocfs2-kmp-default-6.4.0-150600.23.115.1 * dlm-kmp-default-debuginfo-6.4.0-150600.23.115.1 * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.115.1 * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.115.1 * dlm-kmp-default-6.4.0-150600.23.115.1 * gfs2-kmp-default-6.4.0-150600.23.115.1 * reiserfs-kmp-default-6.4.0-150600.23.115.1 * cluster-md-kmp-default-6.4.0-150600.23.115.1 * kernel-syms-6.4.0-150600.23.115.1 * kernel-default-debuginfo-6.4.0-150600.23.115.1 * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.115.1 * kernel-obs-build-debugsource-6.4.0-150600.23.115.1 * kernel-default-debugsource-6.4.0-150600.23.115.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 nosrc) * kernel-64kb-6.4.0-150600.23.115.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64) * kernel-64kb-debugsource-6.4.0-150600.23.115.1 * kernel-64kb-debuginfo-6.4.0-150600.23.115.1 * kernel-64kb-devel-debuginfo-6.4.0-150600.23.115.1 * kernel-64kb-devel-6.4.0-150600.23.115.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-6.4.0-150600.23.115.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le x86_64) * kernel-default-base-6.4.0-150600.23.115.1.150600.12.54.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * kernel-source-6.4.0-150600.23.115.1 * kernel-macros-6.4.0-150600.23.115.1 * kernel-devel-6.4.0-150600.23.115.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch nosrc) * kernel-docs-6.4.0-150600.23.115.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (nosrc s390x) * kernel-zfcpdump-6.4.0-150600.23.115.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (s390x) * kernel-zfcpdump-debugsource-6.4.0-150600.23.115.1 * kernel-zfcpdump-debuginfo-6.4.0-150600.23.115.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * kernel-default-debugsource-6.4.0-150600.23.115.1 * kernel-obs-build-6.4.0-150600.23.115.1 * kernel-default-devel-debuginfo-6.4.0-150600.23.115.1 * kernel-default-devel-6.4.0-150600.23.115.1 * ocfs2-kmp-default-6.4.0-150600.23.115.1 * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.115.1 * dlm-kmp-default-debuginfo-6.4.0-150600.23.115.1 * gfs2-kmp-default-debuginfo-6.4.0-150600.23.115.1 * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.115.1 * dlm-kmp-default-6.4.0-150600.23.115.1 * reiserfs-kmp-default-6.4.0-150600.23.115.1 * gfs2-kmp-default-6.4.0-150600.23.115.1 * kernel-default-base-6.4.0-150600.23.115.1.150600.12.54.1 * kernel-syms-6.4.0-150600.23.115.1 * kernel-default-debuginfo-6.4.0-150600.23.115.1 * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.115.1 * kernel-obs-build-debugsource-6.4.0-150600.23.115.1 * cluster-md-kmp-default-6.4.0-150600.23.115.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (nosrc ppc64le x86_64) * kernel-default-6.4.0-150600.23.115.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * kernel-source-6.4.0-150600.23.115.1 * kernel-macros-6.4.0-150600.23.115.1 * kernel-devel-6.4.0-150600.23.115.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch nosrc) * kernel-docs-6.4.0-150600.23.115.1 * SUSE Linux Enterprise Live Patching 15-SP6 (nosrc) * kernel-default-6.4.0-150600.23.115.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_115-default-debuginfo-1-150600.13.3.1 * kernel-default-livepatch-devel-6.4.0-150600.23.115.1 * kernel-livepatch-6_4_0-150600_23_115-default-1-150600.13.3.1 * kernel-default-debuginfo-6.4.0-150600.23.115.1 * kernel-default-livepatch-6.4.0-150600.23.115.1 * kernel-default-debugsource-6.4.0-150600.23.115.1 * kernel-livepatch-SLE15-SP6_Update_27-debugsource-1-150600.13.3.1 * SUSE Linux Enterprise High Availability Extension 15 SP6 (nosrc) * kernel-default-6.4.0-150600.23.115.1 * SUSE Linux Enterprise High Availability Extension 15 SP6 (aarch64 ppc64le s390x x86_64) * kernel-default-debugsource-6.4.0-150600.23.115.1 * kernel-default-debuginfo-6.4.0-150600.23.115.1 ## References: * https://www.suse.com/security/cve/CVE-2026-31405.html * https://www.suse.com/security/cve/CVE-2026-31473.html * https://www.suse.com/security/cve/CVE-2026-31613.html * https://www.suse.com/security/cve/CVE-2026-31614.html * https://www.suse.com/security/cve/CVE-2026-31629.html * https://www.suse.com/security/cve/CVE-2026-31758.html * https://www.suse.com/security/cve/CVE-2026-43037.html * https://www.suse.com/security/cve/CVE-2026-43206.html * https://www.suse.com/security/cve/CVE-2026-43284.html * https://www.suse.com/security/cve/CVE-2026-43362.html * https://www.suse.com/security/cve/CVE-2026-43499.html * https://www.suse.com/security/cve/CVE-2026-43501.html * https://www.suse.com/security/cve/CVE-2026-43503.html * https://www.suse.com/security/cve/CVE-2026-45852.html * https://www.suse.com/security/cve/CVE-2026-45910.html * https://www.suse.com/security/cve/CVE-2026-45970.html * https://www.suse.com/security/cve/CVE-2026-46004.html * https://www.suse.com/security/cve/CVE-2026-46021.html * https://www.suse.com/security/cve/CVE-2026-46043.html * https://www.suse.com/security/cve/CVE-2026-46113.html * https://www.suse.com/security/cve/CVE-2026-46114.html * https://www.suse.com/security/cve/CVE-2026-46243.html * https://bugzilla.suse.com/show_bug.cgi?id=1261700 * https://bugzilla.suse.com/show_bug.cgi?id=1262663 * https://bugzilla.suse.com/show_bug.cgi?id=1263068 * https://bugzilla.suse.com/show_bug.cgi?id=1263769 * https://bugzilla.suse.com/show_bug.cgi?id=1263774 * https://bugzilla.suse.com/show_bug.cgi?id=1263790 * https://bugzilla.suse.com/show_bug.cgi?id=1263995 * https://bugzilla.suse.com/show_bug.cgi?id=1264093 * https://bugzilla.suse.com/show_bug.cgi?id=1264449 * https://bugzilla.suse.com/show_bug.cgi?id=1264551 * https://bugzilla.suse.com/show_bug.cgi?id=1264989 * https://bugzilla.suse.com/show_bug.cgi?id=1265928 * https://bugzilla.suse.com/show_bug.cgi?id=1265960 * https://bugzilla.suse.com/show_bug.cgi?id=1266001 * https://bugzilla.suse.com/show_bug.cgi?id=1266009 * https://bugzilla.suse.com/show_bug.cgi?id=1266238 * https://bugzilla.suse.com/show_bug.cgi?id=1266402 * https://bugzilla.suse.com/show_bug.cgi?id=1266414 * https://bugzilla.suse.com/show_bug.cgi?id=1266711 * https://bugzilla.suse.com/show_bug.cgi?id=1266765 * https://bugzilla.suse.com/show_bug.cgi?id=1266889 * https://bugzilla.suse.com/show_bug.cgi?id=1266901 * https://bugzilla.suse.com/show_bug.cgi?id=1266969 * https://bugzilla.suse.com/show_bug.cgi?id=1266972 * https://bugzilla.suse.com/show_bug.cgi?id=1267205 * https://bugzilla.suse.com/show_bug.cgi?id=1267220 * https://bugzilla.suse.com/show_bug.cgi?id=1267222 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 9 16:31:01 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jun 2026 16:31:01 -0000 Subject: SUSE-SU-2026:2309-1: low: Security update for podofo Message-ID: <178102266116.383.9999587099493044361@a22392ad43b1> # Security update for podofo Announcement ID: SUSE-SU-2026:2309-1 Release Date: 2026-06-09T08:17:31Z Rating: low References: * bsc#1265320 Cross-References: * CVE-2026-44348 CVSS scores: * CVE-2026-44348 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-44348 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-44348 ( NVD ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for podofo fixes the following issue: * CVE-2026-44348: double-free in `compute_hash_to_sign()` in `src/podofo/private/OpenSSLInternal_Ripped.cpp` (bsc#1265320). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2309=1 ## Package List: * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * podofo-debugsource-1.0.2-150700.3.6.1 * libpodofo-devel-1.0.2-150700.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2026-44348.html * https://bugzilla.suse.com/show_bug.cgi?id=1265320 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 9 16:31:21 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jun 2026 16:31:21 -0000 Subject: SUSE-SU-2026:2308-1: important: Security update for netty, netty-tcnative Message-ID: <178102268174.383.4747450140407402858@a22392ad43b1> # Security update for netty, netty-tcnative Announcement ID: SUSE-SU-2026:2308-1 Release Date: 2026-06-09T08:14:00Z Rating: important References: * bsc#1264350 * bsc#1265243 * bsc#1265245 * bsc#1265246 * bsc#1265272 * bsc#1265273 * bsc#1265277 * bsc#1265279 * bsc#1265280 * bsc#1265292 * bsc#1265294 * bsc#1265318 Cross-References: * CVE-2026-41417 * CVE-2026-42578 * CVE-2026-42579 * CVE-2026-42580 * CVE-2026-42581 * CVE-2026-42582 * CVE-2026-42583 * CVE-2026-42584 * CVE-2026-42585 * CVE-2026-42586 * CVE-2026-42587 * CVE-2026-44248 CVSS scores: * CVE-2026-41417 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-41417 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N * CVE-2026-41417 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-42578 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2026-42578 ( NVD ): 2.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-42578 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2026-42579 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2026-42579 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L * CVE-2026-42579 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2026-42579 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2026-42580 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-42580 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-42580 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2026-42581 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-42581 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-42581 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-42581 ( NVD ): 5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2026-42582 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42582 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42583 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-42583 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42583 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42584 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-42584 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-42584 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2026-42584 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-42585 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-42585 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-42585 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2026-42585 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-42586 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N * CVE-2026-42586 ( NVD ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N * CVE-2026-42586 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-42587 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42587 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-44248 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-44248 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-44248 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-44248 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Development Tools Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves 12 vulnerabilities can now be installed. ## Description: This update for netty, netty-tcnative fixes the following issues * CVE-2026-41417: missing validations leads to HTTP request smuggling and RTSP request injection via start-line injection in `DefaultHttpRequest.setUri()` (bsc#1264350). * CVE-2026-42578: HTTP Header Injection via HttpProxyHandler Disabled Validation in Netty (bsc#1265243). * CVE-2026-42579: DNS codec does not enforce RFC 1035 domain name constraints during either encoding or decoding (bsc#1265272). * CVE-2026-42580: chunk size parser silently overflows int and enables request smuggling attacks (bsc#1265273). * CVE-2026-42581: TE+CL header coexistence in HTTP/1.0 requests bypasses smuggling sanitization (bsc#1265277). * CVE-2026-42583: resource exhaustion and possible denial of service via `Lz4FrameDecoder` (bsc#1265279). * CVE-2026-42584: improper handling of inbound responses in `HttpClientCodec` can lead to response desynchronization (bsc#1265280). * CVE-2026-42585: Netty is an asynchronous, event-driven network application framework (bsc#1265292). * CVE-2026-42586: CRLF Injection in Netty Redis Codec Encoder (bsc#1265245). * CVE-2026-42587: HttpContentDecompressor maxAllocation bypass via Content- Encoding: br/zstd/snappy enables decompression bomb DoS (bsc#1265246). * CVE-2026-44248: Netty is an asynchronous, event-driven network application framework (bsc#1265294). * CVE-2026-42582: HTTP/3 QPACK literal unbounded allocation (bsc#1265318). Changes for netty: * Upgrade to upstream version 4.1.133 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2026-2308=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2308=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2308=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2308=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2308=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2308=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2308=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2308=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2308=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2308=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2308=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2308=1 ## Package List: * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * netty-tcnative-debugsource-2.0.77-150200.3.39.1 * netty-tcnative-2.0.77-150200.3.39.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * netty-4.1.133-150200.4.46.1 * SUSE Package Hub 15 15-SP7 (noarch) * netty-javadoc-4.1.133-150200.4.46.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * netty-tcnative-2.0.77-150200.3.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * netty-tcnative-2.0.77-150200.3.39.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * netty-tcnative-2.0.77-150200.3.39.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * netty-tcnative-2.0.77-150200.3.39.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * netty-tcnative-2.0.77-150200.3.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * netty-tcnative-2.0.77-150200.3.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * netty-tcnative-2.0.77-150200.3.39.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * netty-tcnative-2.0.77-150200.3.39.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * netty-tcnative-2.0.77-150200.3.39.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * netty-tcnative-2.0.77-150200.3.39.1 ## References: * https://www.suse.com/security/cve/CVE-2026-41417.html * https://www.suse.com/security/cve/CVE-2026-42578.html * https://www.suse.com/security/cve/CVE-2026-42579.html * https://www.suse.com/security/cve/CVE-2026-42580.html * https://www.suse.com/security/cve/CVE-2026-42581.html * https://www.suse.com/security/cve/CVE-2026-42582.html * https://www.suse.com/security/cve/CVE-2026-42583.html * https://www.suse.com/security/cve/CVE-2026-42584.html * https://www.suse.com/security/cve/CVE-2026-42585.html * https://www.suse.com/security/cve/CVE-2026-42586.html * https://www.suse.com/security/cve/CVE-2026-42587.html * https://www.suse.com/security/cve/CVE-2026-44248.html * https://bugzilla.suse.com/show_bug.cgi?id=1264350 * https://bugzilla.suse.com/show_bug.cgi?id=1265243 * https://bugzilla.suse.com/show_bug.cgi?id=1265245 * https://bugzilla.suse.com/show_bug.cgi?id=1265246 * https://bugzilla.suse.com/show_bug.cgi?id=1265272 * https://bugzilla.suse.com/show_bug.cgi?id=1265273 * https://bugzilla.suse.com/show_bug.cgi?id=1265277 * https://bugzilla.suse.com/show_bug.cgi?id=1265279 * https://bugzilla.suse.com/show_bug.cgi?id=1265280 * https://bugzilla.suse.com/show_bug.cgi?id=1265292 * https://bugzilla.suse.com/show_bug.cgi?id=1265294 * https://bugzilla.suse.com/show_bug.cgi?id=1265318 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 9 16:31:25 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jun 2026 16:31:25 -0000 Subject: SUSE-SU-2026:2307-1: important: Security update for nginx Message-ID: <178102268577.383.5278266164049005713@a22392ad43b1> # Security update for nginx Announcement ID: SUSE-SU-2026:2307-1 Release Date: 2026-06-09T08:12:26Z Rating: important References: * bsc#1266215 Cross-References: * CVE-2026-9256 CVSS scores: * CVE-2026-9256 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-9256 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for nginx fixes the following issue * CVE-2026-9256: heap buffer overflow in the `ngx_http_rewrite_module` when using a configuration with overlapping captures (bsc#1266215). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2307=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-2307=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2307=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2307=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * nginx-1.21.5-150600.10.21.1 * nginx-debugsource-1.21.5-150600.10.21.1 * nginx-debuginfo-1.21.5-150600.10.21.1 * openSUSE Leap 15.6 (noarch) * nginx-source-1.21.5-150600.10.21.1 * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * nginx-1.21.5-150600.10.21.1 * nginx-debugsource-1.21.5-150600.10.21.1 * nginx-debuginfo-1.21.5-150600.10.21.1 * Server Applications Module 15-SP7 (noarch) * nginx-source-1.21.5-150600.10.21.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * nginx-1.21.5-150600.10.21.1 * nginx-debugsource-1.21.5-150600.10.21.1 * nginx-debuginfo-1.21.5-150600.10.21.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * nginx-source-1.21.5-150600.10.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * nginx-1.21.5-150600.10.21.1 * nginx-debugsource-1.21.5-150600.10.21.1 * nginx-debuginfo-1.21.5-150600.10.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * nginx-source-1.21.5-150600.10.21.1 ## References: * https://www.suse.com/security/cve/CVE-2026-9256.html * https://bugzilla.suse.com/show_bug.cgi?id=1266215 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 9 20:30:08 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jun 2026 20:30:08 -0000 Subject: SUSE-SU-2026:22055-1: moderate: Security update for python-requests Message-ID: <178103700896.427.14743554929038046730@f2d68789a884> # Security update for python-requests Announcement ID: SUSE-SU-2026:22055-1 Release Date: 2026-06-08T16:38:34Z Rating: moderate References: * bsc#1260589 Cross-References: * CVE-2026-25645 CVSS scores: * CVE-2026-25645 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-25645 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2026-25645 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N * CVE-2026-25645 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves one vulnerability can now be installed. ## Description: This update for python-requests fixes the following issue: * CVE-2026-25645: `extract_zipped_paths()` uses predictable filenames when extracting files from zip archives and reuses target files that already exist without validation (bsc#1260589). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-908=1 ## Package List: * SUSE Linux Micro 6.2 (noarch) * python313-requests-2.32.4-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-25645.html * https://bugzilla.suse.com/show_bug.cgi?id=1260589 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 9 20:30:15 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jun 2026 20:30:15 -0000 Subject: SUSE-SU-2026:22054-1: moderate: Security update for polkit Message-ID: <178103701517.427.14175269339665057831@f2d68789a884> # Security update for polkit Announcement ID: SUSE-SU-2026:22054-1 Release Date: 2026-06-08T16:36:47Z Rating: moderate References: * bsc#1260859 Cross-References: * CVE-2026-4897 CVSS scores: * CVE-2026-4897 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-4897 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-4897 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.2 An update that solves one vulnerability can now be installed. ## Description: This update for polkit fixes the following issue: * CVE-2026-4897: Fixed possible OOM condition via specially crafted input to `polkit-agent-helper-1` (bsc#1260859). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-907=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * libpolkit-gobject-1-0-123-160000.3.1 * libpolkit-agent-1-0-debuginfo-123-160000.3.1 * polkit-debuginfo-123-160000.3.1 * libpolkit-agent-1-0-123-160000.3.1 * libpolkit-gobject-1-0-debuginfo-123-160000.3.1 * polkit-debugsource-123-160000.3.1 * polkit-123-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-4897.html * https://bugzilla.suse.com/show_bug.cgi?id=1260859 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 9 20:30:20 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jun 2026 20:30:20 -0000 Subject: SUSE-SU-2026:22053-1: important: Security update for elemental-system-agent Message-ID: <178103702057.427.18003843625266145189@f2d68789a884> # Security update for elemental-system-agent Announcement ID: SUSE-SU-2026:22053-1 Release Date: 2026-06-08T15:13:37Z Rating: important References: * bsc#1260277 Cross-References: * CVE-2026-33186 CVSS scores: * CVE-2026-33186 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-33186 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-33186 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves one vulnerability can now be installed. ## Description: This update for elemental-system-agent fixes the following issue * CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header (bsc#1260277). Changes: * Update to version 0.3.16: * setup for immutable releases (#274) * align system-agent image publishing for signed releases (#270) * Bumo github.com/docker/cli to v29.2.0 and go.opentelemetry.io/otel to v1.43.0 * run go mod tidy in /test folder * Bump google.golang.org/grpc from 1.75.0 to 1.79.3 (bsc#1260277 CVE-2026-33186) * Bump github.com/docker/cli in /test * export CATTLE_NODE_NAME if SYSTEM_UPGRADE_NODE_NAME is set * use correct prefix for system-agent binary (#273) * checksum validation (#271) * Add `validate` subcommand for configuration validation (#250) * Update CODEOWNERS * Pin GH Actions to commit sha * chore: bump sles to 15.7 * Extend remote plan e2e tests * Fix agent restart issue and introduce constants * chore: bump go to v1.25 * Setup e2e test infrastructure * chores(deps): Bump k8s dependencies * Define linter rules * Fix CI failures * Introduce an extended Makefile * Switch workflows to use name makefile * Replace dapper with multi stage builds * Remove dapper scripts * Add multiple improvements for ignore files * fix: remove umask command from the system-agent unit-file * fix-system-agent-umask * [1.34] bumped dependencies for 1.34 support (#242) * Bump K8s patch level to 1.33.5 and Go patch level to 1.24.6 * fix: properly handle traps after unsuccessful SUC job execution * fix: do not unconditionally reset failure-counts * fix: remove resetFailureCountOnStartup, always reset failure counts on first start * un-rc wrangler and lasso * drop windows 2019 when running PR CI ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-906=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 x86_64) * elemental-system-agent-0.3.16-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33186.html * https://bugzilla.suse.com/show_bug.cgi?id=1260277 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 9 20:30:31 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jun 2026 20:30:31 -0000 Subject: SUSE-SU-2026:22051-1: important: Security update for elemental-toolkit Message-ID: <178103703199.427.4019064423840528878@f2d68789a884> # Security update for elemental-toolkit Announcement ID: SUSE-SU-2026:22051-1 Release Date: 2026-06-08T14:20:14Z Rating: important References: * bsc#1251679 * bsc#1260277 * bsc#1266187 * bsc#1267168 Cross-References: * CVE-2026-33186 CVSS scores: * CVE-2026-33186 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-33186 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-33186 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves one vulnerability and has three fixes can now be installed. ## Description: This update for elemental-toolkit fixes the following issue * CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header (bsc#1260277). Changes: * Update to v2.3.4: * 974af043 Bump golang.org/x/net to v0.55.0 (bsc#1267168 bsc#1251679) * ae39c90f Bump golang.org/x/crypto to v0.52.0 (bsc#1266187) * Update to v2.3.3: * 8b4af274 Avoid pulling binaries with curl * d46e30f4 Bump golangci/golangci-lint-action to v9 * 02caf200 Bump github.com/spf13/cobra library * e29e1fbf Bump github.com/jaypipes/ghw library * 652654e1 Bump github.com/bramvdbogaerde/go-scp library * f94a0c58 Bump google.golang.org/grpc library (bsc#1260277 CVE-2026-33186) * dc1a2056 Bump github.com/ulikunitz/xz library * 337a986c Update headers to 2026 * d6aac085 Switch from TW to Leap 16.0 for green flavor ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-903=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 x86_64) * elemental-toolkit-2.3.4-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33186.html * https://bugzilla.suse.com/show_bug.cgi?id=1251679 * https://bugzilla.suse.com/show_bug.cgi?id=1260277 * https://bugzilla.suse.com/show_bug.cgi?id=1266187 * https://bugzilla.suse.com/show_bug.cgi?id=1267168 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 9 20:30:43 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jun 2026 20:30:43 -0000 Subject: SUSE-SU-2026:22050-1: important: Security update for elemental-register Message-ID: <178103704324.427.2909549149220683400@f2d68789a884> # Security update for elemental-register Announcement ID: SUSE-SU-2026:22050-1 Release Date: 2026-06-08T14:20:14Z Rating: important References: * bsc#1251679 * bsc#1260277 * bsc#1265921 * bsc#1266789 * bsc#1267168 * bsc#1267197 Cross-References: * CVE-2026-33186 CVSS scores: * CVE-2026-33186 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-33186 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-33186 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves one vulnerability and has five fixes can now be installed. ## Description: This update for elemental-register fixes the following issue * CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header (bsc#1260277). Changes: * Update to v1.9.2: * 71d1fb9c Local node labels (#984) * ce6acda9 Bump golang.org/x/net to v0.55.0 includes fixes for: * bsc#1266789 bsc#1265921 bsc#1267197 bsc#1267168 bsc#1251679 * 060958b7 Bump golangci/golangci-lint-action * 3b4b6699 use a real UUID for the machine registration ID * d33faa01 Bump google.golang.org/grpc library (bsc#1260277 CVE-2026-33186) * 6dceb411 Deterministic endpoints for MachineRegistrations (#975) * Update to v1.9.1: * b42116d4 Ensure the machine inventory selector keeps looking for a match * Update to v1.9.0: * Update to v1.9.0-rc1: * 9952ebe1 Update libraries based on dependency scan * 5e128c5d Adapt OBS packages to a 1.9 version to coexist with 1.8 version * f88219af Fix cluster api version in test environment * ad937279 Run 'make generate' to recreate generated code and vendor folder * 15bb505f Bump to cluster API libraries to v1.12.x * 63369022 Bump test environment tools in Makefile * 7b464802 Run 'make vendor' to recreate vendor folder * 879b3464 Bump yip * aeda10ac Fix unit tests after bumping libraries * 33dcb61a Run 'make vendor' to recreate vendor folder * 0ccd96af Bump wrangler from v2 to v3 * ff0190c4 Run 'make generate' to renew all generated code and config files * b28d2f08 Bump controller generator to version 0.19 * 0bf7dc32 Update controller runtime options * 549e720d Run 'make vendor' to recreate vendor folder * 3f0f27e0 Updated cluster-api, steve, rancher/apis, client-go and k8s/api to the level they were at rancher v2.13 * 49ebf0b7 Update headers to 2026 * fd13ba92 Update questions to include SL Micro 6.2 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-902=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 x86_64) * elemental-register-1.9.2-160000.1.1 * elemental-support-1.9.2-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33186.html * https://bugzilla.suse.com/show_bug.cgi?id=1251679 * https://bugzilla.suse.com/show_bug.cgi?id=1260277 * https://bugzilla.suse.com/show_bug.cgi?id=1265921 * https://bugzilla.suse.com/show_bug.cgi?id=1266789 * https://bugzilla.suse.com/show_bug.cgi?id=1267168 * https://bugzilla.suse.com/show_bug.cgi?id=1267197 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 9 20:31:51 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jun 2026 20:31:51 -0000 Subject: SUSE-SU-2026:22048-1: important: Security update for the Linux Kernel Message-ID: <178103711168.427.12594851096896919579@f2d68789a884> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:22048-1 Release Date: 2026-06-05T16:12:36Z Rating: important References: * bsc#1243603 * bsc#1260539 * bsc#1260584 * bsc#1261590 * bsc#1262634 * bsc#1262656 * bsc#1262668 * bsc#1262754 * bsc#1262755 * bsc#1262771 * bsc#1263067 * bsc#1263068 * bsc#1263102 * bsc#1263169 * bsc#1263769 * bsc#1263774 * bsc#1263908 * bsc#1264011 * bsc#1264014 * bsc#1264016 * bsc#1264063 * bsc#1264112 * bsc#1264300 * bsc#1264409 * bsc#1264437 * bsc#1264669 * bsc#1264716 * bsc#1264719 * bsc#1264720 * bsc#1264722 * bsc#1264726 * bsc#1264832 * bsc#1264989 * bsc#1265044 * bsc#1265110 * bsc#1265925 * bsc#1265928 * bsc#1266001 * bsc#1266238 * bsc#1266307 * bsc#1266395 * bsc#1266402 * bsc#1266414 * bsc#1266759 * bsc#1266765 Cross-References: * CVE-2023-20585 * CVE-2026-23359 * CVE-2026-23380 * CVE-2026-23444 * CVE-2026-31464 * CVE-2026-31480 * CVE-2026-31483 * CVE-2026-31493 * CVE-2026-3150 * CVE-2026-31516 * CVE-2026-31521 * CVE-2026-31568 * CVE-2026-31575 * CVE-2026-31613 * CVE-2026-31614 * CVE-2026-31729 * CVE-2026-31736 * CVE-2026-43009 * CVE-2026-43012 * CVE-2026-43013 * CVE-2026-43054 * CVE-2026-43112 * CVE-2026-43234 * CVE-2026-43252 * CVE-2026-43325 * CVE-2026-43328 * CVE-2026-43333 * CVE-2026-43338 * CVE-2026-43341 * CVE-2026-43359 * CVE-2026-43360 * CVE-2026-43361 * CVE-2026-43362 * CVE-2026-43414 * CVE-2026-43499 * CVE-2026-45843 * CVE-2026-46110 * CVE-2026-46243 CVSS scores: * CVE-2023-20585 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2023-20585 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2023-20585 ( NVD ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23359 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23359 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23359 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23380 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23380 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23380 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23444 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23444 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23444 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23444 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31464 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31464 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31464 ( NVD ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31480 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31480 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31480 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31483 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31483 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31483 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31493 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31493 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31493 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-3150 ( NVD ): 2.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-3150 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2026-3150 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31516 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31516 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31516 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31521 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31521 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31521 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31568 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31568 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31568 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31575 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31575 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31613 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31613 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31613 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H * CVE-2026-31614 ( SUSE ): 6.1 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31614 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31614 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31729 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31729 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31729 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31736 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31736 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31736 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43009 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43012 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43012 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43013 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43054 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43054 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43112 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43112 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43112 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-43234 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43234 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43252 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43252 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43325 ( SUSE ): 6.0 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43325 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43325 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43328 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43328 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43333 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43333 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2026-43333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43338 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43338 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43338 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43341 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43341 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43359 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43359 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-43359 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43360 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43360 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43360 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43361 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43361 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-43361 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43362 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2026-43362 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L * CVE-2026-43362 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H * CVE-2026-43414 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43414 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43414 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43499 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43499 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43499 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45843 ( SUSE ): 7.0 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-45843 ( SUSE ): 6.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L * CVE-2026-45843 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N * CVE-2026-46110 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46110 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46110 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46243 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves 38 vulnerabilities and has seven fixes can now be installed. ## Description: The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: * CVE-2023-20585: iommu/amd: Use maximum Event log buffer size when SNP is enabled on Family 0x19 (bsc#1243603). * CVE-2026-3150: bcache: fix cached_dev.sb_bio use-after-free and crash (bsc#1263169). * CVE-2026-23359: bpf: Fix stack-out-of-bounds write in devmap (bsc#1260584). * CVE-2026-23380: tracing: Fix WARN_ON in tracing_buffers_mmap_close (bsc#1260539). * CVE-2026-23444: wifi: mac80211: always free skb on ieee80211_tx_prepare_skb() failure (bsc#1266307). * CVE-2026-31464: scsi: ibmvfc: Fix OOB access in ibmvfc_discover_targets_done() (bsc#1262656). * CVE-2026-31480: tracing: Fix potential deadlock in cpu hotplug with osnoise (bsc#1262634). * CVE-2026-31483: s390/barrier: Make array_index_mask_nospec() __always_inline (bsc#1261590 bsc#1262771). * CVE-2026-31493: RDMA/efa: Fix use of completion ctx after free (bsc#1262668). * CVE-2026-31516: xfrm: prevent policy_hthresh.work from racing with netns teardown (bsc#1262755). * CVE-2026-31521: module: Fix kernel panic when a symbol st_shndx is out of bounds (bsc#1263102). * CVE-2026-31568: s390/mm: Add missing secure storage access fixups for donated memory (bsc#1263068). * CVE-2026-31575: mm/userfaultfd: fix hugetlb fault mutex hash calculation (bsc#1263067). * CVE-2026-31613: smb: client: fix OOB reads parsing symlink error response (bsc#1263769). * CVE-2026-31614: smb: client: fix off-by-8 bounds check in check_wsl_eas() (bsc#1263774). * CVE-2026-31729: usb: typec: ucsi: validate connector number in ucsi_notify_common() (bsc#1264112). * CVE-2026-31736: net: ethernet: mtk_ppe: avoid NULL deref when gmac0 is disabled (bsc#1263908). * CVE-2026-43012: net/mlx5: Fix switchdev mode rollback in case of failure (bsc#1264016). * CVE-2026-43013: net/mlx5: lag: Check for LAG device before creating debugfs (bsc#1264011). * CVE-2026-43054: scsi: target: tcm_loop: Drain commands in target_reset handler (bsc#1264063). * CVE-2026-43112: fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath (bsc#1264437). * CVE-2026-43234: team: avoid NETDEV_CHANGEMTU event when unregistering slave (bsc#1264409). * CVE-2026-43252: mptcp: pm: in-kernel: always set ID as avail when rm endp (bsc#1264300). * CVE-2026-43325: wifi: iwlwifi: mvm: don't send a 6E related command when not supported (bsc#1265110). * CVE-2026-43328: cpufreq: governor: fix double free in cpufreq_dbs_governor_init() error path (bsc#1264832). * CVE-2026-43333: bpf: reject direct access to nullable PTR_TO_BUF pointers (bsc#1264726). * CVE-2026-43338: btrfs: reserve enough transaction items for qgroup ioctls (bsc#1264716). * CVE-2026-43341: net/ipv6: ioam6: prevent schema length wraparound in trace fill (bsc#1265044). * CVE-2026-43359: btrfs: fix transaction abort on set received ioctl due to item overflow (bsc#1264719). * CVE-2026-43360: btrfs: fix transaction abort on file creation due to name hash collision (bsc#1264720). * CVE-2026-43361: btrfs: fix transaction abort when snapshotting received subvolumes (bsc#1264722). * CVE-2026-43362: smb: client: fix in-place encryption corruption in SMB2_write() (bsc#1264989). * CVE-2026-43414: scsi: qla2xxx: Completely fix fcport double free (bsc#1264669). * CVE-2026-43499: rtmutex: Use waiter::task instead of current in remove_waiter() (bsc#1266001). * CVE-2026-45843: slip: bound decode() reads against the compressed packet length (bsc#1266395). * CVE-2026-46110: net: stmmac: rename STMMAC_GET_ENTRY() -> STMMAC_NEXT_ENTRY() (bsc#1266759). The following non security issues were fixed: * ACPI: x86: cmos_rtc: Clean up address space handler driver (stable-fixes). * ACPI: x86: cmos_rtc: Improve coordination with ACPI TAD driver (git-fixes). * ALSA: asihpi: Fix potential OOB array access at reading cache (stable- fixes). * ALSA: hda/conexant: Renaming the codec with device ID 0x1f86 and 0x1f87 (stable-fixes). * ALSA: pcm: Don't setup bogus iov_iter for silencing (git-fixes). * ALSA: pcm: oss: Fix setup list UAF on proc write error (git-fixes). * ALSA: scarlett2: Fix 2i2 Gen 4 direct monitor gain on firmware 2417 (git- fixes). * ALSA: seq: avoid past-the-end iterator in snd_seq_create_port() (git-fixes). * ALSA: seq: Serialize UMP output teardown with event_input (git-fixes). * ALSA: timer: avoid past-the-end iterator in snd_timer_dev_register() (git- fixes). * ALSA: ua101: Reject too-short USB descriptors (git-fixes). * arm64: tlb: Flush walk cache when unsharing PMD tables (git-fixes). * ASoC: codecs: simple-mux: Fix enum control bounds check (git-fixes). * ASoC: cs35l56: Fix flushing of IRQ work in cs35l56_sdw_remove() (git-fixes). * ASoC: Intel: bytcht_es8316: Fix MCLK leak on init errors (git-fixes). * ASoC: qcom: q6asm-dai: close stream only when running (git-fixes). * ASoC: qcom: q6asm-dai: do not set stream state in event and trigger callbacks (git-fixes). * ASoC: qcom: q6asm-dai: fix error handling in prepare and set_params (git- fixes). * ASoC: SOF: ipc3: Use standard dev_dbg API (stable-fixes). * auxdisplay: line-display: fix OOB read on zero-length message_store() (git- fixes). * bcache: fix uninitialized closure object (git-fixes). * Bluetooth: 6lowpan: check skb_clone() return value in send_mcast_pkt() (git- fixes). * Bluetooth: bnep: Fix UAF read of dev->name (git-fixes). * Bluetooth: btmtk: accept too short WMT FUNC_CTRL events (git-fixes). * Bluetooth: btmtk: fix urb->setup_packet leak in error paths (git-fixes). * Bluetooth: btusb: Allow firmware re-download when version matches (git- fixes). * Bluetooth: fix UAF in l2cap_sock_cleanup_listen() vs l2cap_conn_del() (git- fixes). * Bluetooth: hci_sync: fix UAF in hci_le_create_cis_sync (git-fixes). * Bluetooth: hci_sync: Set HCI_CMD_DRAIN_WORKQUEUE during device close (git- fixes). * Bluetooth: hci_uart: fix UAFs and race conditions in close and init paths (git-fixes). * Bluetooth: HIDP: fix missing length checks in hidp_input_report() (git- fixes). * Bluetooth: ISO: drop ISO_END frames received without prior ISO_START (git- fixes). * Bluetooth: ISO: fix UAF in iso_recv_frame (git-fixes). * Bluetooth: ISO: serialize iso_sock_clear_timer with socket lock (git-fixes). * Bluetooth: l2cap: clear chan->ident on ECRED reconfiguration success (git- fixes). * Bluetooth: L2CAP: ecred_reconfigure: send packed pdu, not stack pointer (git-fixes). * Bluetooth: L2CAP: fix chan ref leak in l2cap_chan_timeout() on !conn (git- fixes). * Bluetooth: L2CAP: Fix possible crash on l2cap_ecred_conn_rsp (git-fixes). * Bluetooth: L2CAP: use chan timer to close channels in cleanup_listen() (git- fixes). * Bluetooth: MGMT: validate Add Extended Advertising Data length (git-fixes). * Bluetooth: serialize accept_q access (git-fixes). * btrfs: do not mark inode incompressible after inline attempt fails (git- fixes). * comedi: comedi_test: fix check for valid scan_begin_src in waveform_ai_cmdtest() (git-fixes). * comedi: comedi_test: Fix limiting of convert_arg in waveform_ai_cmdtest() (git-fixes). * device property: set fwnode->secondary to NULL in fwnode_init() (git-fixes). * dm: fix a buffer overflow in ioctl processing (git-fixes). * drm/amd/display: Fix integer overflow in bios_get_image() (stable-fixes). * drm/amd/display: Validate GPIO pin LUT table size before iterating (stable- fixes). * drm/amd/display: Validate payload length and link_index in dc_process_dmub_aux_transfer_async (stable-fixes). * drm/amd/pm/si: Disregard vblank time when no displays are connected (git- fixes). * drm/amdgpu/uvd3.1: Don't validate the firmware when already validated (git- fixes). * drm/amdgpu/uvd4.2: Don't initialize UVD 4.2 when DPM is disabled (git- fixes). * drm/amdgpu/vce2: Fix VCE 2 firmware size and offsets (git-fixes). * drm/amdgpu/vce3: Fix VCE 3 firmware size and offsets (git-fixes). * drm/amdgpu/vpe: Force collaborate sync after TRAP (stable-fixes). * drm/amdgpu: add amdgpu_device reference in ip block (stable-fixes). * drm/amdgpu: fix spelling typos (stable-fixes). * drm/amdgpu: update the handle ptr in dump_ip_state (stable-fixes). * drm/amdgpu: update the handle ptr in early_init (stable-fixes). * drm/bridge: chipone-icn6211: use devm_drm_bridge_add in i2c probe (git- fixes). * drm/bridge: it66121: acquire reset GPIO in probe (git-fixes). * drm/bridge: megachips: remove bridge when irq request fails (git-fixes). * drm/hyperv: validate resolution_count and fix WIN8 fallback (git-fixes). * drm/hyperv: validate VMBus packet size in receive callback (git-fixes). * drm/i915/dp: Fix readback for target_rr in Adaptive Sync SDP (git-fixes). * drm/i915: Fix potential UAF in TTM object purge (git-fixes). * drm/msm/dsi: don't dump registers past the mapped region (git-fixes). * drm/msm/snapshot: fix dumping of the unaligned regions (git-fixes). * drm/radeon/evergreen_cs: Add missing NULL prefix check in surface check (git-fixes). * drm/virtio: use uninterruptible resv lock for plane updates (git-fixes). * drm/xe/gsc: Fix double-free of managed BO in error path (git-fixes). * drm/xe/oa: Fix exec_queue leak on width check in stream open (git-fixes). * drm/xe/pf: Fix CFI failure in debugfs access (git-fixes). * drm/xe/vf: Fix signature of print functions (git-fixes). * drm/xe: Define CACHE_MODE_1 as MCR register (git-fixes). * efi: Allocate runtime workqueue before ACPI init (git-fixes). * firmware: arm_ffa: Align RxTx buffer size before mapping (git-fixes). * firmware: arm_ffa: Check for NULL FF-A ID table while driver registration (git-fixes). * firmware: arm_ffa: Fix per-vcpu self notifications handling in workqueue (git-fixes). * firmware: arm_ffa: Skip free_pages on RX buffer alloc failure (git-fixes). * gve: Add RSS cache for non RSS device option scenario (bsc#1265925). * gve: add XDP DROP and PASS support for DQ (bsc#1265925). * gve: Enable reading max ring size from the device in DQO-QPL mode (bsc#1265925). * gve: introduce config-based allocation for XDP (bsc#1265925). * gve: merge packet buffer size fields (bsc#1265925). * gve: remove xdp_xsk_done and xdp_xsk_wakeup statistics (bsc#1265925). * gve: update GQ RX to use buf_size (bsc#1265925). * gve: Update QPL page registration logic (bsc#1265925). * gve: update XDP allocation path support RX buffer posting (bsc#1265925). * HID: playstation: Clamp num_touch_reports (git-fixes). * HID: quirks: really enable the intended work around for appledisplay (git- fixes). * HID: uclogic: Fix regression of input name assignment (git-fixes). * hwmon: (lenovo-ec-sensors): Convert to devm_request_region() (git-fixes). * hwmon: (lenovo-ec-sensors): Fix EC "MCHP" signature validation logic (git- fixes). * hwmon: (pmbus/adm1266) bounce blackbox records through a protocol-sized buffer (git-fixes). * hwmon: (pmbus/adm1266) cap PDIO scan in get_multiple at ADM1266_PDIO_NR (git-fixes). * hwmon: (pmbus/adm1266) don't clobber GPIO bits before PDIO read in get_multiple (git-fixes). * hwmon: (pmbus/adm1266) include adapter number in GPIO line label (git- fixes). * hwmon: (pmbus/adm1266) include PEC byte in pmbus_block_xfer read buffer (git-fixes). * hwmon: (pmbus/adm1266) register the gpio_chip after pmbus_do_probe() (git- fixes). * hwmon: (pmbus/adm1266) register the nvmem device after pmbus_do_probe() (git-fixes). * hwmon: (pmbus/adm1266) reject implausible blackbox record_count (git-fixes). * hwmon: (pmbus/adm1266) reject short block-read responses in the GPIO accessors (git-fixes). * hwmon: (pmbus/adm1266) seed timestamp from the real-time clock (git-fixes). * hwmon: (pmbus/adm1266) widen blackbox-info buffer to I2C_SMBUS_BLOCK_MAX (git-fixes). * iio: adc: mt6359: fix unchecked return value in mt6358_read_imp (git-fixes). * iio: adc: npcm: fix unbalanced clk_disable_unprepare() (git-fixes). * iio: adc: viperboard: Fix error handling in vprbrd_iio_read_raw (git-fixes). * iio: adc: xilinx-xadc: Fix sequencer mode in postdisable for dual mux (git- fixes). * iio: buffer: Fix DMA fence leak in iio_buffer_enqueue_dmabuf() (git-fixes). * iio: buffer: hw-consumer: fix use-after-free in error path (git-fixes). * iio: dac: ad5686: acquire lock when doing powerdown control (git-fixes). * iio: dac: ad5686: fix input raw value check (git-fixes). * iio: dac: max5821: fix return value check in powerdown sync (git-fixes). * iio: gyro: adis16260: fix division by zero in write_raw (git-fixes). * iio: gyro: itg3200: fix i2c read into the wrong stack location (git-fixes). * iio: imu: st_lsm6dsx: fix stack leak in tagged FIFO buffer (git-fixes). * iio: light: cm3323: fix reg_conf not being initialized correctly (git- fixes). * iio: magnetometer: st_magn: fix default DRDY pin selection for LIS2MDL (git- fixes). * iio: ssp_sensors: cancel delayed work_refresh on remove (git-fixes). * iio: temperature: tsys01: fix broken PROM checksum validation (git-fixes). * Input: atmel_mxt_ts - fix boundary check in mxt_prepare_cfg_mem (git-fixes). * Input: ims-pcu - fix usb_free_coherent() size in ims_pcu_buffers_free() (git-fixes). * Input: usbtouchscreen - clamp NEXIO data_len/x_len to URB buffer size (git- fixes). * Input: xpad - fix out-of-bounds access for Share button (git-fixes). * KVM: nSVM: Avoid incorrect injection of SVM_EXIT_CR0_SEL_WRITE (git-fixes). * KVM: nSVM: Propagate SVM_EXIT_CR0_SEL_WRITE correctly for LMSW emulation (git-fixes). * KVM: SVM: Inject #UD for INVLPGA if EFER.SVME=0 (git-fixes). * KVM: x86: Fix Xen hypercall tracepoint argument assignment (git-fixes). * KVM: x86: Return the VM's configured APIC bus frequency when queried (git- fixes). * media: i2c: og01a1b: Fix V4L2 subdevice data initialization on probe (git- fixes). * media: i2c: og01a1b: Replace client->dev usage (stable-fixes). * net: mana: Add NULL guards in teardown path to prevent panic on attach failure (git-fixes). * net: mana: Expose hardware diagnostic info via debugfs (bsc#1266414). * net: mana: Fix TOCTOU double-fetch of hwc_msg_id from DMA buffer (bsc#1265928). * net: mana: hardening: Reject zero max_num_queues from GDMA_QUERY_MAX_RESOURCES (git-fixes). * net: mana: hardening: Reject zero max_num_queues from MANA_QUERY_VPORT_CONFIG (git-fixes). * net: mana: Skip redundant detach on already-detached port (git-fixes). * net: mana: Use kvmalloc for large RX queue and buffer allocations (bsc#1266765). * net: mana: Use per-queue allocation for tx_qp to reduce allocation size (bsc#1266765). * net: mana: validate rx_req_idx to prevent out-of-bounds array access (bsc#1266402). * parport: Fix race between port and client registration (git-fixes). * platform/surface: aggregator_registry: omit battery & AC nodes on Surface Laptop 7 (git-fixes). * platform/x86: adv_swbutton: Check ACPI_HANDLE() against NULL (git-fixes). * platform/x86: hp_accel: Check ACPI_COMPANION() against NULL (git-fixes). * platform/x86: intel-hid: Check ACPI_HANDLE() against NULL (git-fixes). * platform/x86: intel-vbtn: Check ACPI_HANDLE() against NULL (git-fixes). * RDMA/efa: Check stored completion CTX command ID with received one (git- fixes). * RDMA/efa: Extend admin timeout error print (git-fixes). * RDMA/efa: Fix possible deadlock (git-fixes). * RDMA/efa: Improve admin completion context state machine (git-fixes). * RDMA/mana_ib: Report max_msg_sz in mana_ib_query_port (git-fixes). * Revert "ACPI: CPPC: Adjust debug messages in amd_set_max_freq_ratio() to warn" (git-fixes). * s390/pfault: Fix virtual vs physical address confusion (bsc#1262754). * scsi: devinfo: Add BLIST_SKIP_IO_HINTS for Iomega ZIP (git-fixes). * scsi: mpi3mr: Clear reset history on ready and recheck state after timeout (git-fixes). * scsi: ses: Handle positive SCSI error from ses_recv_diag() (git-fixes). * scsi: ufs: core: Fix shift out of bounds when MAXQ=32 (git-fixes). * security/keys: fix missed RCU read section on lookup (stable-fixes). * serial: fsl_lpuart: fix rx buffer and DMA map leaks in start_rx_dma (git- fixes). * serial: qcom-geni: fix UART_RX_PAR_EN bit position (git-fixes). * serial: qcom_geni: fix kfifo underflow when flush precedes DMA completion IRQ (git-fixes). * smb: client: reject userspace cifs.spnego descriptions (bsc#1266238). * spi: ep93xx: fix error pointer deref after DMA setup failure (git-fixes). * spi: mtk-snfi: Fix resource leak in mtk_snand_read_page_cache() (git-fixes). * spi: qup: fix error pointer deref after DMA setup failure (git-fixes). * spi: sprd: fix error pointer deref after DMA setup failure (git-fixes). * spi: ti-qspi: fix use-after-free after DMA setup failure (git-fixes). * thunderbolt: property: Reject dir_len < 4 to prevent size_t underflow (git- fixes). * thunderbolt: property: Reject u32 wrap in tb_property_entry_valid() (git- fixes). * tracing: Switch trace_osnoise.c code over to use guard() and __free() (bsc#1262634). * tty: serial: pch_uart: add check for dma_alloc_coherent() (git-fixes). * tty: serial: samsung: Remove redundant port lock acquisition in rx helpers (git-fixes). * USB: cdc-acm: Fix bit overlap and move quirk definitions to header (git- fixes). * usb: cdns3: gadget: fix request skipping after clearing halt (git-fixes). * usb: cdns3: plat: fix leaked usb2_phy initialization on usb3_phy acquisition failure (git-fixes). * usb: chipidea: core: convert ci_role_switch to local variable (git-fixes). * usb: dwc2: Fix use after free in debug code (git-fixes). * usb: gadget: composite: fix integer underflow in WebUSB GET_URL handling (git-fixes). * usb: gadget: dummy_hcd: Reject hub port requests for non-existent ports (git-fixes). * usb: gadget: f_fs: copy only received bytes on short ep0 read (git-fixes). * usb: gadget: f_fs: serialize DMABUF cancel against request completion (git- fixes). * usb: gadget: f_hid: fix device reference leak in hidg_alloc() (git-fixes). * usb: gadget: net2280: Fix double free in probe error path (git-fixes). * usb: gadget: uvc: hold opts->lock across XU walks in uvc_function_bind (git- fixes). * USB: serial: belkin_sa: validate interrupt status length (git-fixes). * USB: serial: cypress_m8: validate interrupt packet headers (git-fixes). * USB: serial: keyspan: fix missing indat transfer sanity check (git-fixes). * USB: serial: mct_u232: fix missing interrupt-in transfer sanity check (git- fixes). * USB: serial: mxuport: fix memory corruption with small endpoint (git-fixes). * USB: serial: omninet: fix memory corruption with small endpoint (git-fixes). * USB: serial: option: add missing RSVD(5) flag for Rolling RW135R-GL (git- fixes). * USB: serial: safe_serial: fix memory corruption with small endpoint (git- fixes). * usb: typec: tcpm: improve handling of DISCOVER_MODES failures (git-fixes). * usb: typec: ucsi: Don't update power_supply on power role change if not connected (git-fixes). * usb: usbtmc: check URB actual_length for interrupt-IN notifications (git- fixes). * usb: usbtmc: reject interrupt endpoints with small wMaxPacketSize (git- fixes). * usbip: vudc: Fix use after free bug in vudc_remove due to race condition (git-fixes). * virt: sev-guest: Explicitly leak pages in unknown state (git-fixes). * wifi: ath10k: skip WMI and beacon transmission when device is wedged (git- fixes). * wifi: ath11k: clear shared SRNG pointer state on restart (git-fixes). * wifi: ath11k: fix error path leak in ath11k_tm_cmd_wmi_ftm() (git-fixes). * wifi: ath11k: fix error path leaks in some WMI calls (git-fixes). * wifi: ath11k: fix error path leaks in some WMI WOW calls (git-fixes). * wifi: ath11k: fix peer resolution on rx path when peer_id=0 (git-fixes). * wifi: ath11k: fix use after free in ath11k_dp_rx_msdu_coalesce() (git- fixes). * wifi: cfg80211: advance loop vars in cfg80211_merge_profile() (git-fixes). * wifi: mac80211: consume only present negotiated TTLM maps (git-fixes). * wifi: mac80211: fix MLE defragmentation (git-fixes). * wifi: mac80211: fix multi-link element inheritance (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-897=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le x86_64) * kernel-default-base-6.12.0-160000.34.1.160000.2.15 * SUSE Linux Micro 6.2 (noarch) * kernel-devel-6.12.0-160000.34.1 * kernel-source-6.12.0-160000.34.1 * kernel-macros-6.12.0-160000.34.1 * SUSE Linux Micro 6.2 (aarch64 nosrc) * kernel-64kb-6.12.0-160000.34.1 * SUSE Linux Micro 6.2 (aarch64) * kernel-64kb-debuginfo-6.12.0-160000.34.1 * kernel-64kb-debugsource-6.12.0-160000.34.1 * kernel-64kb-devel-6.12.0-160000.34.1 * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-6.12.0-160000.34.1 * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * kernel-default-devel-6.12.0-160000.34.1 * kernel-default-extra-debuginfo-6.12.0-160000.34.1 * kernel-default-debuginfo-6.12.0-160000.34.1 * kernel-default-debugsource-6.12.0-160000.34.1 * kernel-default-extra-6.12.0-160000.34.1 * SUSE Linux Micro 6.2 (ppc64le s390x x86_64) * kernel-default-livepatch-6.12.0-160000.34.1 * SUSE Linux Micro 6.2 (x86_64) * kernel-default-devel-debuginfo-6.12.0-160000.34.1 * kernel-rt-devel-debuginfo-6.12.0-160000.34.1 * kernel-rt-livepatch-6.12.0-160000.34.1 * SUSE Linux Micro 6.2 (aarch64 nosrc x86_64) * kernel-rt-6.12.0-160000.34.1 * SUSE Linux Micro 6.2 (aarch64 x86_64) * kernel-rt-debugsource-6.12.0-160000.34.1 * kernel-rt-debuginfo-6.12.0-160000.34.1 * kernel-rt-devel-6.12.0-160000.34.1 ## References: * https://www.suse.com/security/cve/CVE-2023-20585.html * https://www.suse.com/security/cve/CVE-2026-23359.html * https://www.suse.com/security/cve/CVE-2026-23380.html * https://www.suse.com/security/cve/CVE-2026-23444.html * https://www.suse.com/security/cve/CVE-2026-31464.html * https://www.suse.com/security/cve/CVE-2026-31480.html * https://www.suse.com/security/cve/CVE-2026-31483.html * https://www.suse.com/security/cve/CVE-2026-31493.html * https://www.suse.com/security/cve/CVE-2026-3150.html * https://www.suse.com/security/cve/CVE-2026-31516.html * https://www.suse.com/security/cve/CVE-2026-31521.html * https://www.suse.com/security/cve/CVE-2026-31568.html * https://www.suse.com/security/cve/CVE-2026-31575.html * https://www.suse.com/security/cve/CVE-2026-31613.html * https://www.suse.com/security/cve/CVE-2026-31614.html * https://www.suse.com/security/cve/CVE-2026-31729.html * https://www.suse.com/security/cve/CVE-2026-31736.html * https://www.suse.com/security/cve/CVE-2026-43009.html * https://www.suse.com/security/cve/CVE-2026-43012.html * https://www.suse.com/security/cve/CVE-2026-43013.html * https://www.suse.com/security/cve/CVE-2026-43054.html * https://www.suse.com/security/cve/CVE-2026-43112.html * https://www.suse.com/security/cve/CVE-2026-43234.html * https://www.suse.com/security/cve/CVE-2026-43252.html * https://www.suse.com/security/cve/CVE-2026-43325.html * https://www.suse.com/security/cve/CVE-2026-43328.html * https://www.suse.com/security/cve/CVE-2026-43333.html * https://www.suse.com/security/cve/CVE-2026-43338.html * https://www.suse.com/security/cve/CVE-2026-43341.html * https://www.suse.com/security/cve/CVE-2026-43359.html * https://www.suse.com/security/cve/CVE-2026-43360.html * https://www.suse.com/security/cve/CVE-2026-43361.html * https://www.suse.com/security/cve/CVE-2026-43362.html * https://www.suse.com/security/cve/CVE-2026-43414.html * https://www.suse.com/security/cve/CVE-2026-43499.html * https://www.suse.com/security/cve/CVE-2026-45843.html * https://www.suse.com/security/cve/CVE-2026-46110.html * https://www.suse.com/security/cve/CVE-2026-46243.html * https://bugzilla.suse.com/show_bug.cgi?id=1243603 * https://bugzilla.suse.com/show_bug.cgi?id=1260539 * https://bugzilla.suse.com/show_bug.cgi?id=1260584 * https://bugzilla.suse.com/show_bug.cgi?id=1261590 * https://bugzilla.suse.com/show_bug.cgi?id=1262634 * https://bugzilla.suse.com/show_bug.cgi?id=1262656 * https://bugzilla.suse.com/show_bug.cgi?id=1262668 * https://bugzilla.suse.com/show_bug.cgi?id=1262754 * https://bugzilla.suse.com/show_bug.cgi?id=1262755 * https://bugzilla.suse.com/show_bug.cgi?id=1262771 * https://bugzilla.suse.com/show_bug.cgi?id=1263067 * https://bugzilla.suse.com/show_bug.cgi?id=1263068 * https://bugzilla.suse.com/show_bug.cgi?id=1263102 * https://bugzilla.suse.com/show_bug.cgi?id=1263169 * https://bugzilla.suse.com/show_bug.cgi?id=1263769 * https://bugzilla.suse.com/show_bug.cgi?id=1263774 * https://bugzilla.suse.com/show_bug.cgi?id=1263908 * https://bugzilla.suse.com/show_bug.cgi?id=1264011 * https://bugzilla.suse.com/show_bug.cgi?id=1264014 * https://bugzilla.suse.com/show_bug.cgi?id=1264016 * https://bugzilla.suse.com/show_bug.cgi?id=1264063 * https://bugzilla.suse.com/show_bug.cgi?id=1264112 * https://bugzilla.suse.com/show_bug.cgi?id=1264300 * https://bugzilla.suse.com/show_bug.cgi?id=1264409 * https://bugzilla.suse.com/show_bug.cgi?id=1264437 * https://bugzilla.suse.com/show_bug.cgi?id=1264669 * https://bugzilla.suse.com/show_bug.cgi?id=1264716 * https://bugzilla.suse.com/show_bug.cgi?id=1264719 * https://bugzilla.suse.com/show_bug.cgi?id=1264720 * https://bugzilla.suse.com/show_bug.cgi?id=1264722 * https://bugzilla.suse.com/show_bug.cgi?id=1264726 * https://bugzilla.suse.com/show_bug.cgi?id=1264832 * https://bugzilla.suse.com/show_bug.cgi?id=1264989 * https://bugzilla.suse.com/show_bug.cgi?id=1265044 * https://bugzilla.suse.com/show_bug.cgi?id=1265110 * https://bugzilla.suse.com/show_bug.cgi?id=1265925 * https://bugzilla.suse.com/show_bug.cgi?id=1265928 * https://bugzilla.suse.com/show_bug.cgi?id=1266001 * https://bugzilla.suse.com/show_bug.cgi?id=1266238 * https://bugzilla.suse.com/show_bug.cgi?id=1266307 * https://bugzilla.suse.com/show_bug.cgi?id=1266395 * https://bugzilla.suse.com/show_bug.cgi?id=1266402 * https://bugzilla.suse.com/show_bug.cgi?id=1266414 * https://bugzilla.suse.com/show_bug.cgi?id=1266759 * https://bugzilla.suse.com/show_bug.cgi?id=1266765 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 9 20:31:56 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jun 2026 20:31:56 -0000 Subject: SUSE-SU-2026:22047-1: moderate: Security update for NetworkManager Message-ID: <178103711695.427.10963218881637330079@f2d68789a884> # Security update for NetworkManager Announcement ID: SUSE-SU-2026:22047-1 Release Date: 2026-06-05T13:49:14Z Rating: moderate References: * bsc#1257359 * bsc#1257366 Cross-References: * CVE-2025-9615 CVSS scores: * CVE-2025-9615 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2025-9615 ( NVD ): 3.3 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves one vulnerability and has one fix can now be installed. ## Description: This update for NetworkManager fixes the following issues: Security fixes: \- CVE-2025-9615: Fixed non-admin user using others' certificates (bsc#1257359). Other fixes: \- Accept localhost hostnames if static (bsc#1257366) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-896=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * NetworkManager-wwan-1.52.0-160000.4.1 * libnm0-1.52.0-160000.4.1 * typelib-1_0-NM-1_0-1.52.0-160000.4.1 * NetworkManager-bluetooth-debuginfo-1.52.0-160000.4.1 * NetworkManager-cloud-setup-1.52.0-160000.4.1 * NetworkManager-pppoe-1.52.0-160000.4.1 * NetworkManager-1.52.0-160000.4.1 * NetworkManager-debuginfo-1.52.0-160000.4.1 * NetworkManager-tui-1.52.0-160000.4.1 * NetworkManager-pppoe-debuginfo-1.52.0-160000.4.1 * NetworkManager-wwan-debuginfo-1.52.0-160000.4.1 * NetworkManager-tui-debuginfo-1.52.0-160000.4.1 * NetworkManager-cloud-setup-debuginfo-1.52.0-160000.4.1 * NetworkManager-bluetooth-1.52.0-160000.4.1 * libnm0-debuginfo-1.52.0-160000.4.1 * NetworkManager-debugsource-1.52.0-160000.4.1 ## References: * https://www.suse.com/security/cve/CVE-2025-9615.html * https://bugzilla.suse.com/show_bug.cgi?id=1257359 * https://bugzilla.suse.com/show_bug.cgi?id=1257366 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 9 20:32:02 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jun 2026 20:32:02 -0000 Subject: SUSE-SU-2026:22046-1: moderate: Security update for dpkg Message-ID: <178103712258.427.15370882215471655924@f2d68789a884> # Security update for dpkg Announcement ID: SUSE-SU-2026:22046-1 Release Date: 2026-06-05T13:44:58Z Rating: moderate References: * bsc#1259385 Cross-References: * CVE-2026-2219 CVSS scores: * CVE-2026-2219 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-2219 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-2219 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.2 An update that solves one vulnerability can now be installed. ## Description: This update for dpkg fixes the following issue: * CVE-2026-2219: dpkg-deb: malformed .deb archives can cause a denial of service (bsc#1259385). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-894=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * update-alternatives-debugsource-1.22.21-160000.3.1 * update-alternatives-1.22.21-160000.3.1 * update-alternatives-debuginfo-1.22.21-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-2219.html * https://bugzilla.suse.com/show_bug.cgi?id=1259385 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 9 20:32:22 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jun 2026 20:32:22 -0000 Subject: SUSE-SU-2026:22045-1: critical: Security update for samba Message-ID: <178103714244.427.10889982410827966016@f2d68789a884> # Security update for samba Announcement ID: SUSE-SU-2026:22045-1 Release Date: 2026-06-05T08:34:04Z Rating: critical References: * bsc#1249058 * bsc#1255755 * bsc#1257200 * bsc#1259050 * bsc#1259667 * bsc#1261158 * bsc#1261159 * bsc#1261160 * bsc#1261161 * bsc#1261163 * bsc#1261188 Cross-References: * CVE-2026-1933 * CVE-2026-2340 * CVE-2026-3012 * CVE-2026-3238 * CVE-2026-4408 * CVE-2026-4480 CVSS scores: * CVE-2026-1933 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-1933 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-1933 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-1933 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2026-2340 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-2340 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2026-2340 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2026-3012 ( SUSE ): 7.6 CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-3012 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N * CVE-2026-3012 ( NVD ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-3012 ( NVD ): 8.0 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N * CVE-2026-3238 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-3238 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-4408 ( SUSE ): 9.4 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-4408 ( SUSE ): 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-4408 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-4408 ( NVD ): 9.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2026-4480 ( SUSE ): 10.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-4480 ( SUSE ): 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2026-4480 ( NVD ): 9.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2026-4480 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.2 An update that solves six vulnerabilities and has five fixes can now be installed. ## Description: This update for samba fixes the following issues Security issues: * CVE-2026-1933: Missing access check on reparse point operations (bsc#1261188). * CVE-2026-2340: vfs_worm does not block directory modification (bsc#1261158). * CVE-2026-3012: group policy certificate enrollment uses http: // without validation (bsc#1261159). * CVE-2026-3238: unauthenticated udp packet crashes AD DC nbt server (bsc#1261160). * CVE-2026-4408: Remote Code Execution in SAMR (bsc#1261163). * CVE-2026-4480: Unauthenticated Remote Code Execution (bsc#1261161). Changes for samba: * network:samba:STABLE/samba: "use-kerberos=desired" broken / Dolphin requires login for Samba shares (bsc#1255755). * Samba service start times out (SElinux relabel takes too long) (bsc#1259050). * samba-ad-dc-libs packages is missing a DLZ plugin for bind 9.20 (bsc#1249058). * VFS_Snapper does not show previous file versions in subdirectories. (bsc#1259667). * Updated to 4.22.9 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-890=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * samba-client-libs-debuginfo-4.22.9+git.506.22c03ce0781-160000.1.1 * samba-debugsource-4.22.9+git.506.22c03ce0781-160000.1.1 * libldb2-debuginfo-4.22.9+git.506.22c03ce0781-160000.1.1 * libldb2-4.22.9+git.506.22c03ce0781-160000.1.1 * samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1 * samba-debuginfo-4.22.9+git.506.22c03ce0781-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-1933.html * https://www.suse.com/security/cve/CVE-2026-2340.html * https://www.suse.com/security/cve/CVE-2026-3012.html * https://www.suse.com/security/cve/CVE-2026-3238.html * https://www.suse.com/security/cve/CVE-2026-4408.html * https://www.suse.com/security/cve/CVE-2026-4480.html * https://bugzilla.suse.com/show_bug.cgi?id=1249058 * https://bugzilla.suse.com/show_bug.cgi?id=1255755 * https://bugzilla.suse.com/show_bug.cgi?id=1257200 * https://bugzilla.suse.com/show_bug.cgi?id=1259050 * https://bugzilla.suse.com/show_bug.cgi?id=1259667 * https://bugzilla.suse.com/show_bug.cgi?id=1261158 * https://bugzilla.suse.com/show_bug.cgi?id=1261159 * https://bugzilla.suse.com/show_bug.cgi?id=1261160 * https://bugzilla.suse.com/show_bug.cgi?id=1261161 * https://bugzilla.suse.com/show_bug.cgi?id=1261163 * https://bugzilla.suse.com/show_bug.cgi?id=1261188 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 9 20:32:41 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jun 2026 20:32:41 -0000 Subject: SUSE-SU-2026:22042-1: important: Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 16) Message-ID: <178103716157.427.8637274871087172470@f2d68789a884> # Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:22042-1 Release Date: 2026-06-02T18:38:15Z Rating: important References: * bsc#1259798 * bsc#1260563 * bsc#1260908 * bsc#1264096 * bsc#1265224 * bsc#1265384 Cross-References: * CVE-2025-54518 * CVE-2026-23243 * CVE-2026-23274 * CVE-2026-23317 * CVE-2026-46300 * CVE-2026-46333 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46300 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46333 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.26.1 fixes various security issues The following security issues were fixed: * CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). * CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). * CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-879=1 ## Package List: * SUSE Linux Micro 6.2 (ppc64le s390x x86_64) * kernel-livepatch-SLE16_Update_5-debugsource-6-160000.1.1 * kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1 * kernel-livepatch-6_12_0-160000_26-default-debuginfo-6-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://www.suse.com/security/cve/CVE-2026-46333.html * https://bugzilla.suse.com/show_bug.cgi?id=1259798 * https://bugzilla.suse.com/show_bug.cgi?id=1260563 * https://bugzilla.suse.com/show_bug.cgi?id=1260908 * https://bugzilla.suse.com/show_bug.cgi?id=1264096 * https://bugzilla.suse.com/show_bug.cgi?id=1265224 * https://bugzilla.suse.com/show_bug.cgi?id=1265384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 9 20:33:49 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jun 2026 20:33:49 -0000 Subject: SUSE-SU-2026:22043-1: important: Security update for the Linux Kernel Message-ID: <178103722941.427.12207015988509680388@f2d68789a884> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:22043-1 Release Date: 2026-06-05T16:14:08Z Rating: important References: * bsc#1243603 * bsc#1260539 * bsc#1260584 * bsc#1261590 * bsc#1262634 * bsc#1262656 * bsc#1262668 * bsc#1262754 * bsc#1262755 * bsc#1262771 * bsc#1263067 * bsc#1263068 * bsc#1263102 * bsc#1263169 * bsc#1263769 * bsc#1263774 * bsc#1263908 * bsc#1264011 * bsc#1264014 * bsc#1264016 * bsc#1264063 * bsc#1264112 * bsc#1264300 * bsc#1264409 * bsc#1264437 * bsc#1264669 * bsc#1264716 * bsc#1264719 * bsc#1264720 * bsc#1264722 * bsc#1264726 * bsc#1264832 * bsc#1264989 * bsc#1265044 * bsc#1265110 * bsc#1265925 * bsc#1265928 * bsc#1266001 * bsc#1266238 * bsc#1266307 * bsc#1266395 * bsc#1266402 * bsc#1266414 * bsc#1266759 * bsc#1266765 Cross-References: * CVE-2023-20585 * CVE-2026-23359 * CVE-2026-23380 * CVE-2026-23444 * CVE-2026-31464 * CVE-2026-31480 * CVE-2026-31483 * CVE-2026-31493 * CVE-2026-3150 * CVE-2026-31516 * CVE-2026-31521 * CVE-2026-31568 * CVE-2026-31575 * CVE-2026-31613 * CVE-2026-31614 * CVE-2026-31729 * CVE-2026-31736 * CVE-2026-43009 * CVE-2026-43012 * CVE-2026-43013 * CVE-2026-43054 * CVE-2026-43112 * CVE-2026-43234 * CVE-2026-43252 * CVE-2026-43325 * CVE-2026-43328 * CVE-2026-43333 * CVE-2026-43338 * CVE-2026-43341 * CVE-2026-43359 * CVE-2026-43360 * CVE-2026-43361 * CVE-2026-43362 * CVE-2026-43414 * CVE-2026-43499 * CVE-2026-45843 * CVE-2026-46110 * CVE-2026-46243 CVSS scores: * CVE-2023-20585 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2023-20585 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2023-20585 ( NVD ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23359 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23359 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23359 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23380 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23380 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23380 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23444 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23444 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23444 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23444 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31464 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-31464 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31464 ( NVD ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31480 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31480 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31480 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31483 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31483 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-31483 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31493 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31493 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31493 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-3150 ( NVD ): 2.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-3150 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2026-3150 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31516 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31516 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31516 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31521 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31521 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31521 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31568 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31568 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31568 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31575 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31575 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31613 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31613 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31613 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H * CVE-2026-31614 ( SUSE ): 6.1 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31614 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31614 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31729 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31729 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31729 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31736 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31736 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31736 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43009 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43012 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43012 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43013 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43054 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43054 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43112 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43112 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43112 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-43234 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43234 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43252 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43252 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43325 ( SUSE ): 6.0 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43325 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43325 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43328 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43328 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43333 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43333 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2026-43333 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43338 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43338 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43338 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43341 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43341 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43359 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43359 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-43359 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43360 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43360 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43360 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43361 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43361 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-43361 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43362 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2026-43362 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L * CVE-2026-43362 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H * CVE-2026-43414 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43414 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-43414 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43499 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43499 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43499 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45843 ( SUSE ): 7.0 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-45843 ( SUSE ): 6.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L * CVE-2026-45843 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N * CVE-2026-46110 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46110 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46110 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46243 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N Affected Products: * SUSE Linux Micro 6.2 * SUSE Linux Micro Extras 6.2 An update that solves 38 vulnerabilities and has seven fixes can now be installed. ## Description: The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: * CVE-2023-20585: iommu/amd: Use maximum Event log buffer size when SNP is enabled on Family 0x19 (bsc#1243603). * CVE-2026-3150: bcache: fix cached_dev.sb_bio use-after-free and crash (bsc#1263169). * CVE-2026-23359: bpf: Fix stack-out-of-bounds write in devmap (bsc#1260584). * CVE-2026-23380: tracing: Fix WARN_ON in tracing_buffers_mmap_close (bsc#1260539). * CVE-2026-23444: wifi: mac80211: always free skb on ieee80211_tx_prepare_skb() failure (bsc#1266307). * CVE-2026-31464: scsi: ibmvfc: Fix OOB access in ibmvfc_discover_targets_done() (bsc#1262656). * CVE-2026-31480: tracing: Fix potential deadlock in cpu hotplug with osnoise (bsc#1262634). * CVE-2026-31483: s390/barrier: Make array_index_mask_nospec() __always_inline (bsc#1261590 bsc#1262771). * CVE-2026-31493: RDMA/efa: Fix use of completion ctx after free (bsc#1262668). * CVE-2026-31516: xfrm: prevent policy_hthresh.work from racing with netns teardown (bsc#1262755). * CVE-2026-31521: module: Fix kernel panic when a symbol st_shndx is out of bounds (bsc#1263102). * CVE-2026-31568: s390/mm: Add missing secure storage access fixups for donated memory (bsc#1263068). * CVE-2026-31575: mm/userfaultfd: fix hugetlb fault mutex hash calculation (bsc#1263067). * CVE-2026-31613: smb: client: fix OOB reads parsing symlink error response (bsc#1263769). * CVE-2026-31614: smb: client: fix off-by-8 bounds check in check_wsl_eas() (bsc#1263774). * CVE-2026-31729: usb: typec: ucsi: validate connector number in ucsi_notify_common() (bsc#1264112). * CVE-2026-31736: net: ethernet: mtk_ppe: avoid NULL deref when gmac0 is disabled (bsc#1263908). * CVE-2026-43012: net/mlx5: Fix switchdev mode rollback in case of failure (bsc#1264016). * CVE-2026-43013: net/mlx5: lag: Check for LAG device before creating debugfs (bsc#1264011). * CVE-2026-43054: scsi: target: tcm_loop: Drain commands in target_reset handler (bsc#1264063). * CVE-2026-43112: fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath (bsc#1264437). * CVE-2026-43234: team: avoid NETDEV_CHANGEMTU event when unregistering slave (bsc#1264409). * CVE-2026-43252: mptcp: pm: in-kernel: always set ID as avail when rm endp (bsc#1264300). * CVE-2026-43325: wifi: iwlwifi: mvm: don't send a 6E related command when not supported (bsc#1265110). * CVE-2026-43328: cpufreq: governor: fix double free in cpufreq_dbs_governor_init() error path (bsc#1264832). * CVE-2026-43333: bpf: reject direct access to nullable PTR_TO_BUF pointers (bsc#1264726). * CVE-2026-43338: btrfs: reserve enough transaction items for qgroup ioctls (bsc#1264716). * CVE-2026-43341: net/ipv6: ioam6: prevent schema length wraparound in trace fill (bsc#1265044). * CVE-2026-43359: btrfs: fix transaction abort on set received ioctl due to item overflow (bsc#1264719). * CVE-2026-43360: btrfs: fix transaction abort on file creation due to name hash collision (bsc#1264720). * CVE-2026-43361: btrfs: fix transaction abort when snapshotting received subvolumes (bsc#1264722). * CVE-2026-43362: smb: client: fix in-place encryption corruption in SMB2_write() (bsc#1264989). * CVE-2026-43414: scsi: qla2xxx: Completely fix fcport double free (bsc#1264669). * CVE-2026-43499: rtmutex: Use waiter::task instead of current in remove_waiter() (bsc#1266001). * CVE-2026-45843: slip: bound decode() reads against the compressed packet length (bsc#1266395). * CVE-2026-46110: net: stmmac: rename STMMAC_GET_ENTRY() -> STMMAC_NEXT_ENTRY() (bsc#1266759). The following non security issues were fixed: * ACPI: x86: cmos_rtc: Clean up address space handler driver (stable-fixes). * ACPI: x86: cmos_rtc: Improve coordination with ACPI TAD driver (git-fixes). * ALSA: asihpi: Fix potential OOB array access at reading cache (stable- fixes). * ALSA: hda/conexant: Renaming the codec with device ID 0x1f86 and 0x1f87 (stable-fixes). * ALSA: pcm: Don't setup bogus iov_iter for silencing (git-fixes). * ALSA: pcm: oss: Fix setup list UAF on proc write error (git-fixes). * ALSA: scarlett2: Fix 2i2 Gen 4 direct monitor gain on firmware 2417 (git- fixes). * ALSA: seq: avoid past-the-end iterator in snd_seq_create_port() (git-fixes). * ALSA: seq: Serialize UMP output teardown with event_input (git-fixes). * ALSA: timer: avoid past-the-end iterator in snd_timer_dev_register() (git- fixes). * ALSA: ua101: Reject too-short USB descriptors (git-fixes). * arm64: tlb: Flush walk cache when unsharing PMD tables (git-fixes). * ASoC: codecs: simple-mux: Fix enum control bounds check (git-fixes). * ASoC: cs35l56: Fix flushing of IRQ work in cs35l56_sdw_remove() (git-fixes). * ASoC: Intel: bytcht_es8316: Fix MCLK leak on init errors (git-fixes). * ASoC: qcom: q6asm-dai: close stream only when running (git-fixes). * ASoC: qcom: q6asm-dai: do not set stream state in event and trigger callbacks (git-fixes). * ASoC: qcom: q6asm-dai: fix error handling in prepare and set_params (git- fixes). * ASoC: SOF: ipc3: Use standard dev_dbg API (stable-fixes). * auxdisplay: line-display: fix OOB read on zero-length message_store() (git- fixes). * bcache: fix uninitialized closure object (git-fixes). * Bluetooth: 6lowpan: check skb_clone() return value in send_mcast_pkt() (git- fixes). * Bluetooth: bnep: Fix UAF read of dev->name (git-fixes). * Bluetooth: btmtk: accept too short WMT FUNC_CTRL events (git-fixes). * Bluetooth: btmtk: fix urb->setup_packet leak in error paths (git-fixes). * Bluetooth: btusb: Allow firmware re-download when version matches (git- fixes). * Bluetooth: fix UAF in l2cap_sock_cleanup_listen() vs l2cap_conn_del() (git- fixes). * Bluetooth: hci_sync: fix UAF in hci_le_create_cis_sync (git-fixes). * Bluetooth: hci_sync: Set HCI_CMD_DRAIN_WORKQUEUE during device close (git- fixes). * Bluetooth: hci_uart: fix UAFs and race conditions in close and init paths (git-fixes). * Bluetooth: HIDP: fix missing length checks in hidp_input_report() (git- fixes). * Bluetooth: ISO: drop ISO_END frames received without prior ISO_START (git- fixes). * Bluetooth: ISO: fix UAF in iso_recv_frame (git-fixes). * Bluetooth: ISO: serialize iso_sock_clear_timer with socket lock (git-fixes). * Bluetooth: l2cap: clear chan->ident on ECRED reconfiguration success (git- fixes). * Bluetooth: L2CAP: ecred_reconfigure: send packed pdu, not stack pointer (git-fixes). * Bluetooth: L2CAP: fix chan ref leak in l2cap_chan_timeout() on !conn (git- fixes). * Bluetooth: L2CAP: Fix possible crash on l2cap_ecred_conn_rsp (git-fixes). * Bluetooth: L2CAP: use chan timer to close channels in cleanup_listen() (git- fixes). * Bluetooth: MGMT: validate Add Extended Advertising Data length (git-fixes). * Bluetooth: serialize accept_q access (git-fixes). * btrfs: do not mark inode incompressible after inline attempt fails (git- fixes). * comedi: comedi_test: fix check for valid scan_begin_src in waveform_ai_cmdtest() (git-fixes). * comedi: comedi_test: Fix limiting of convert_arg in waveform_ai_cmdtest() (git-fixes). * device property: set fwnode->secondary to NULL in fwnode_init() (git-fixes). * dm: fix a buffer overflow in ioctl processing (git-fixes). * drm/amd/display: Fix integer overflow in bios_get_image() (stable-fixes). * drm/amd/display: Validate GPIO pin LUT table size before iterating (stable- fixes). * drm/amd/display: Validate payload length and link_index in dc_process_dmub_aux_transfer_async (stable-fixes). * drm/amd/pm/si: Disregard vblank time when no displays are connected (git- fixes). * drm/amdgpu/uvd3.1: Don't validate the firmware when already validated (git- fixes). * drm/amdgpu/uvd4.2: Don't initialize UVD 4.2 when DPM is disabled (git- fixes). * drm/amdgpu/vce2: Fix VCE 2 firmware size and offsets (git-fixes). * drm/amdgpu/vce3: Fix VCE 3 firmware size and offsets (git-fixes). * drm/amdgpu/vpe: Force collaborate sync after TRAP (stable-fixes). * drm/amdgpu: add amdgpu_device reference in ip block (stable-fixes). * drm/amdgpu: fix spelling typos (stable-fixes). * drm/amdgpu: update the handle ptr in dump_ip_state (stable-fixes). * drm/amdgpu: update the handle ptr in early_init (stable-fixes). * drm/bridge: chipone-icn6211: use devm_drm_bridge_add in i2c probe (git- fixes). * drm/bridge: it66121: acquire reset GPIO in probe (git-fixes). * drm/bridge: megachips: remove bridge when irq request fails (git-fixes). * drm/hyperv: validate resolution_count and fix WIN8 fallback (git-fixes). * drm/hyperv: validate VMBus packet size in receive callback (git-fixes). * drm/i915/dp: Fix readback for target_rr in Adaptive Sync SDP (git-fixes). * drm/i915: Fix potential UAF in TTM object purge (git-fixes). * drm/msm/dsi: don't dump registers past the mapped region (git-fixes). * drm/msm/snapshot: fix dumping of the unaligned regions (git-fixes). * drm/radeon/evergreen_cs: Add missing NULL prefix check in surface check (git-fixes). * drm/virtio: use uninterruptible resv lock for plane updates (git-fixes). * drm/xe/gsc: Fix double-free of managed BO in error path (git-fixes). * drm/xe/oa: Fix exec_queue leak on width check in stream open (git-fixes). * drm/xe/pf: Fix CFI failure in debugfs access (git-fixes). * drm/xe/vf: Fix signature of print functions (git-fixes). * drm/xe: Define CACHE_MODE_1 as MCR register (git-fixes). * efi: Allocate runtime workqueue before ACPI init (git-fixes). * firmware: arm_ffa: Align RxTx buffer size before mapping (git-fixes). * firmware: arm_ffa: Check for NULL FF-A ID table while driver registration (git-fixes). * firmware: arm_ffa: Fix per-vcpu self notifications handling in workqueue (git-fixes). * firmware: arm_ffa: Skip free_pages on RX buffer alloc failure (git-fixes). * gve: Add RSS cache for non RSS device option scenario (bsc#1265925). * gve: add XDP DROP and PASS support for DQ (bsc#1265925). * gve: Enable reading max ring size from the device in DQO-QPL mode (bsc#1265925). * gve: introduce config-based allocation for XDP (bsc#1265925). * gve: merge packet buffer size fields (bsc#1265925). * gve: remove xdp_xsk_done and xdp_xsk_wakeup statistics (bsc#1265925). * gve: update GQ RX to use buf_size (bsc#1265925). * gve: Update QPL page registration logic (bsc#1265925). * gve: update XDP allocation path support RX buffer posting (bsc#1265925). * HID: playstation: Clamp num_touch_reports (git-fixes). * HID: quirks: really enable the intended work around for appledisplay (git- fixes). * HID: uclogic: Fix regression of input name assignment (git-fixes). * hwmon: (lenovo-ec-sensors): Convert to devm_request_region() (git-fixes). * hwmon: (lenovo-ec-sensors): Fix EC "MCHP" signature validation logic (git- fixes). * hwmon: (pmbus/adm1266) bounce blackbox records through a protocol-sized buffer (git-fixes). * hwmon: (pmbus/adm1266) cap PDIO scan in get_multiple at ADM1266_PDIO_NR (git-fixes). * hwmon: (pmbus/adm1266) don't clobber GPIO bits before PDIO read in get_multiple (git-fixes). * hwmon: (pmbus/adm1266) include adapter number in GPIO line label (git- fixes). * hwmon: (pmbus/adm1266) include PEC byte in pmbus_block_xfer read buffer (git-fixes). * hwmon: (pmbus/adm1266) register the gpio_chip after pmbus_do_probe() (git- fixes). * hwmon: (pmbus/adm1266) register the nvmem device after pmbus_do_probe() (git-fixes). * hwmon: (pmbus/adm1266) reject implausible blackbox record_count (git-fixes). * hwmon: (pmbus/adm1266) reject short block-read responses in the GPIO accessors (git-fixes). * hwmon: (pmbus/adm1266) seed timestamp from the real-time clock (git-fixes). * hwmon: (pmbus/adm1266) widen blackbox-info buffer to I2C_SMBUS_BLOCK_MAX (git-fixes). * iio: adc: mt6359: fix unchecked return value in mt6358_read_imp (git-fixes). * iio: adc: npcm: fix unbalanced clk_disable_unprepare() (git-fixes). * iio: adc: viperboard: Fix error handling in vprbrd_iio_read_raw (git-fixes). * iio: adc: xilinx-xadc: Fix sequencer mode in postdisable for dual mux (git- fixes). * iio: buffer: Fix DMA fence leak in iio_buffer_enqueue_dmabuf() (git-fixes). * iio: buffer: hw-consumer: fix use-after-free in error path (git-fixes). * iio: dac: ad5686: acquire lock when doing powerdown control (git-fixes). * iio: dac: ad5686: fix input raw value check (git-fixes). * iio: dac: max5821: fix return value check in powerdown sync (git-fixes). * iio: gyro: adis16260: fix division by zero in write_raw (git-fixes). * iio: gyro: itg3200: fix i2c read into the wrong stack location (git-fixes). * iio: imu: st_lsm6dsx: fix stack leak in tagged FIFO buffer (git-fixes). * iio: light: cm3323: fix reg_conf not being initialized correctly (git- fixes). * iio: magnetometer: st_magn: fix default DRDY pin selection for LIS2MDL (git- fixes). * iio: ssp_sensors: cancel delayed work_refresh on remove (git-fixes). * iio: temperature: tsys01: fix broken PROM checksum validation (git-fixes). * Input: atmel_mxt_ts - fix boundary check in mxt_prepare_cfg_mem (git-fixes). * Input: ims-pcu - fix usb_free_coherent() size in ims_pcu_buffers_free() (git-fixes). * Input: usbtouchscreen - clamp NEXIO data_len/x_len to URB buffer size (git- fixes). * Input: xpad - fix out-of-bounds access for Share button (git-fixes). * KVM: nSVM: Avoid incorrect injection of SVM_EXIT_CR0_SEL_WRITE (git-fixes). * KVM: nSVM: Propagate SVM_EXIT_CR0_SEL_WRITE correctly for LMSW emulation (git-fixes). * KVM: SVM: Inject #UD for INVLPGA if EFER.SVME=0 (git-fixes). * KVM: x86: Fix Xen hypercall tracepoint argument assignment (git-fixes). * KVM: x86: Return the VM's configured APIC bus frequency when queried (git- fixes). * media: i2c: og01a1b: Fix V4L2 subdevice data initialization on probe (git- fixes). * media: i2c: og01a1b: Replace client->dev usage (stable-fixes). * net: mana: Add NULL guards in teardown path to prevent panic on attach failure (git-fixes). * net: mana: Expose hardware diagnostic info via debugfs (bsc#1266414). * net: mana: Fix TOCTOU double-fetch of hwc_msg_id from DMA buffer (bsc#1265928). * net: mana: hardening: Reject zero max_num_queues from GDMA_QUERY_MAX_RESOURCES (git-fixes). * net: mana: hardening: Reject zero max_num_queues from MANA_QUERY_VPORT_CONFIG (git-fixes). * net: mana: Skip redundant detach on already-detached port (git-fixes). * net: mana: Use kvmalloc for large RX queue and buffer allocations (bsc#1266765). * net: mana: Use per-queue allocation for tx_qp to reduce allocation size (bsc#1266765). * net: mana: validate rx_req_idx to prevent out-of-bounds array access (bsc#1266402). * parport: Fix race between port and client registration (git-fixes). * platform/surface: aggregator_registry: omit battery & AC nodes on Surface Laptop 7 (git-fixes). * platform/x86: adv_swbutton: Check ACPI_HANDLE() against NULL (git-fixes). * platform/x86: hp_accel: Check ACPI_COMPANION() against NULL (git-fixes). * platform/x86: intel-hid: Check ACPI_HANDLE() against NULL (git-fixes). * platform/x86: intel-vbtn: Check ACPI_HANDLE() against NULL (git-fixes). * RDMA/efa: Check stored completion CTX command ID with received one (git- fixes). * RDMA/efa: Extend admin timeout error print (git-fixes). * RDMA/efa: Fix possible deadlock (git-fixes). * RDMA/efa: Improve admin completion context state machine (git-fixes). * RDMA/mana_ib: Report max_msg_sz in mana_ib_query_port (git-fixes). * Revert "ACPI: CPPC: Adjust debug messages in amd_set_max_freq_ratio() to warn" (git-fixes). * s390/pfault: Fix virtual vs physical address confusion (bsc#1262754). * scsi: devinfo: Add BLIST_SKIP_IO_HINTS for Iomega ZIP (git-fixes). * scsi: mpi3mr: Clear reset history on ready and recheck state after timeout (git-fixes). * scsi: ses: Handle positive SCSI error from ses_recv_diag() (git-fixes). * scsi: ufs: core: Fix shift out of bounds when MAXQ=32 (git-fixes). * security/keys: fix missed RCU read section on lookup (stable-fixes). * serial: fsl_lpuart: fix rx buffer and DMA map leaks in start_rx_dma (git- fixes). * serial: qcom-geni: fix UART_RX_PAR_EN bit position (git-fixes). * serial: qcom_geni: fix kfifo underflow when flush precedes DMA completion IRQ (git-fixes). * smb: client: reject userspace cifs.spnego descriptions (bsc#1266238). * spi: ep93xx: fix error pointer deref after DMA setup failure (git-fixes). * spi: mtk-snfi: Fix resource leak in mtk_snand_read_page_cache() (git-fixes). * spi: qup: fix error pointer deref after DMA setup failure (git-fixes). * spi: sprd: fix error pointer deref after DMA setup failure (git-fixes). * spi: ti-qspi: fix use-after-free after DMA setup failure (git-fixes). * thunderbolt: property: Reject dir_len < 4 to prevent size_t underflow (git- fixes). * thunderbolt: property: Reject u32 wrap in tb_property_entry_valid() (git- fixes). * tracing: Switch trace_osnoise.c code over to use guard() and __free() (bsc#1262634). * tty: serial: pch_uart: add check for dma_alloc_coherent() (git-fixes). * tty: serial: samsung: Remove redundant port lock acquisition in rx helpers (git-fixes). * USB: cdc-acm: Fix bit overlap and move quirk definitions to header (git- fixes). * usb: cdns3: gadget: fix request skipping after clearing halt (git-fixes). * usb: cdns3: plat: fix leaked usb2_phy initialization on usb3_phy acquisition failure (git-fixes). * usb: chipidea: core: convert ci_role_switch to local variable (git-fixes). * usb: dwc2: Fix use after free in debug code (git-fixes). * usb: gadget: composite: fix integer underflow in WebUSB GET_URL handling (git-fixes). * usb: gadget: dummy_hcd: Reject hub port requests for non-existent ports (git-fixes). * usb: gadget: f_fs: copy only received bytes on short ep0 read (git-fixes). * usb: gadget: f_fs: serialize DMABUF cancel against request completion (git- fixes). * usb: gadget: f_hid: fix device reference leak in hidg_alloc() (git-fixes). * usb: gadget: net2280: Fix double free in probe error path (git-fixes). * usb: gadget: uvc: hold opts->lock across XU walks in uvc_function_bind (git- fixes). * USB: serial: belkin_sa: validate interrupt status length (git-fixes). * USB: serial: cypress_m8: validate interrupt packet headers (git-fixes). * USB: serial: keyspan: fix missing indat transfer sanity check (git-fixes). * USB: serial: mct_u232: fix missing interrupt-in transfer sanity check (git- fixes). * USB: serial: mxuport: fix memory corruption with small endpoint (git-fixes). * USB: serial: omninet: fix memory corruption with small endpoint (git-fixes). * USB: serial: option: add missing RSVD(5) flag for Rolling RW135R-GL (git- fixes). * USB: serial: safe_serial: fix memory corruption with small endpoint (git- fixes). * usb: typec: tcpm: improve handling of DISCOVER_MODES failures (git-fixes). * usb: typec: ucsi: Don't update power_supply on power role change if not connected (git-fixes). * usb: usbtmc: check URB actual_length for interrupt-IN notifications (git- fixes). * usb: usbtmc: reject interrupt endpoints with small wMaxPacketSize (git- fixes). * usbip: vudc: Fix use after free bug in vudc_remove due to race condition (git-fixes). * virt: sev-guest: Explicitly leak pages in unknown state (git-fixes). * wifi: ath10k: skip WMI and beacon transmission when device is wedged (git- fixes). * wifi: ath11k: clear shared SRNG pointer state on restart (git-fixes). * wifi: ath11k: fix error path leak in ath11k_tm_cmd_wmi_ftm() (git-fixes). * wifi: ath11k: fix error path leaks in some WMI calls (git-fixes). * wifi: ath11k: fix error path leaks in some WMI WOW calls (git-fixes). * wifi: ath11k: fix peer resolution on rx path when peer_id=0 (git-fixes). * wifi: ath11k: fix use after free in ath11k_dp_rx_msdu_coalesce() (git- fixes). * wifi: cfg80211: advance loop vars in cfg80211_merge_profile() (git-fixes). * wifi: mac80211: consume only present negotiated TTLM maps (git-fixes). * wifi: mac80211: fix MLE defragmentation (git-fixes). * wifi: mac80211: fix multi-link element inheritance (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro Extras 6.2 zypper in -t patch SUSE-SLE-Micro-Extras-6.2-897=1 ## Package List: * SUSE Linux Micro Extras 6.2 (aarch64 ppc64le s390x x86_64) * kernel-obs-build-debugsource-6.12.0-160000.34.1 * kernel-obs-build-6.12.0-160000.34.1 * kernel-syms-6.12.0-160000.34.1 ## References: * https://www.suse.com/security/cve/CVE-2023-20585.html * https://www.suse.com/security/cve/CVE-2026-23359.html * https://www.suse.com/security/cve/CVE-2026-23380.html * https://www.suse.com/security/cve/CVE-2026-23444.html * https://www.suse.com/security/cve/CVE-2026-31464.html * https://www.suse.com/security/cve/CVE-2026-31480.html * https://www.suse.com/security/cve/CVE-2026-31483.html * https://www.suse.com/security/cve/CVE-2026-31493.html * https://www.suse.com/security/cve/CVE-2026-3150.html * https://www.suse.com/security/cve/CVE-2026-31516.html * https://www.suse.com/security/cve/CVE-2026-31521.html * https://www.suse.com/security/cve/CVE-2026-31568.html * https://www.suse.com/security/cve/CVE-2026-31575.html * https://www.suse.com/security/cve/CVE-2026-31613.html * https://www.suse.com/security/cve/CVE-2026-31614.html * https://www.suse.com/security/cve/CVE-2026-31729.html * https://www.suse.com/security/cve/CVE-2026-31736.html * https://www.suse.com/security/cve/CVE-2026-43009.html * https://www.suse.com/security/cve/CVE-2026-43012.html * https://www.suse.com/security/cve/CVE-2026-43013.html * https://www.suse.com/security/cve/CVE-2026-43054.html * https://www.suse.com/security/cve/CVE-2026-43112.html * https://www.suse.com/security/cve/CVE-2026-43234.html * https://www.suse.com/security/cve/CVE-2026-43252.html * https://www.suse.com/security/cve/CVE-2026-43325.html * https://www.suse.com/security/cve/CVE-2026-43328.html * https://www.suse.com/security/cve/CVE-2026-43333.html * https://www.suse.com/security/cve/CVE-2026-43338.html * https://www.suse.com/security/cve/CVE-2026-43341.html * https://www.suse.com/security/cve/CVE-2026-43359.html * https://www.suse.com/security/cve/CVE-2026-43360.html * https://www.suse.com/security/cve/CVE-2026-43361.html * https://www.suse.com/security/cve/CVE-2026-43362.html * https://www.suse.com/security/cve/CVE-2026-43414.html * https://www.suse.com/security/cve/CVE-2026-43499.html * https://www.suse.com/security/cve/CVE-2026-45843.html * https://www.suse.com/security/cve/CVE-2026-46110.html * https://www.suse.com/security/cve/CVE-2026-46243.html * https://bugzilla.suse.com/show_bug.cgi?id=1243603 * https://bugzilla.suse.com/show_bug.cgi?id=1260539 * https://bugzilla.suse.com/show_bug.cgi?id=1260584 * https://bugzilla.suse.com/show_bug.cgi?id=1261590 * https://bugzilla.suse.com/show_bug.cgi?id=1262634 * https://bugzilla.suse.com/show_bug.cgi?id=1262656 * https://bugzilla.suse.com/show_bug.cgi?id=1262668 * https://bugzilla.suse.com/show_bug.cgi?id=1262754 * https://bugzilla.suse.com/show_bug.cgi?id=1262755 * https://bugzilla.suse.com/show_bug.cgi?id=1262771 * https://bugzilla.suse.com/show_bug.cgi?id=1263067 * https://bugzilla.suse.com/show_bug.cgi?id=1263068 * https://bugzilla.suse.com/show_bug.cgi?id=1263102 * https://bugzilla.suse.com/show_bug.cgi?id=1263169 * https://bugzilla.suse.com/show_bug.cgi?id=1263769 * https://bugzilla.suse.com/show_bug.cgi?id=1263774 * https://bugzilla.suse.com/show_bug.cgi?id=1263908 * https://bugzilla.suse.com/show_bug.cgi?id=1264011 * https://bugzilla.suse.com/show_bug.cgi?id=1264014 * https://bugzilla.suse.com/show_bug.cgi?id=1264016 * https://bugzilla.suse.com/show_bug.cgi?id=1264063 * https://bugzilla.suse.com/show_bug.cgi?id=1264112 * https://bugzilla.suse.com/show_bug.cgi?id=1264300 * https://bugzilla.suse.com/show_bug.cgi?id=1264409 * https://bugzilla.suse.com/show_bug.cgi?id=1264437 * https://bugzilla.suse.com/show_bug.cgi?id=1264669 * https://bugzilla.suse.com/show_bug.cgi?id=1264716 * https://bugzilla.suse.com/show_bug.cgi?id=1264719 * https://bugzilla.suse.com/show_bug.cgi?id=1264720 * https://bugzilla.suse.com/show_bug.cgi?id=1264722 * https://bugzilla.suse.com/show_bug.cgi?id=1264726 * https://bugzilla.suse.com/show_bug.cgi?id=1264832 * https://bugzilla.suse.com/show_bug.cgi?id=1264989 * https://bugzilla.suse.com/show_bug.cgi?id=1265044 * https://bugzilla.suse.com/show_bug.cgi?id=1265110 * https://bugzilla.suse.com/show_bug.cgi?id=1265925 * https://bugzilla.suse.com/show_bug.cgi?id=1265928 * https://bugzilla.suse.com/show_bug.cgi?id=1266001 * https://bugzilla.suse.com/show_bug.cgi?id=1266238 * https://bugzilla.suse.com/show_bug.cgi?id=1266307 * https://bugzilla.suse.com/show_bug.cgi?id=1266395 * https://bugzilla.suse.com/show_bug.cgi?id=1266402 * https://bugzilla.suse.com/show_bug.cgi?id=1266414 * https://bugzilla.suse.com/show_bug.cgi?id=1266759 * https://bugzilla.suse.com/show_bug.cgi?id=1266765 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 9 20:34:03 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jun 2026 20:34:03 -0000 Subject: SUSE-SU-2026:2324-1: important: Security update for perl-XML-LibXML Message-ID: <178103724389.427.16032763656527453866@f2d68789a884> # Security update for perl-XML-LibXML Announcement ID: SUSE-SU-2026:2324-1 Release Date: 2026-06-09T14:33:45Z Rating: important References: * bsc#1264715 Cross-References: * CVE-2026-8177 CVSS scores: * CVE-2026-8177 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-8177 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for perl-XML-LibXML fixes the following issue * CVE-2026-8177: read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences (bsc#1264715). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2324=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2324=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2324=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2324=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2324=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2324=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2324=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2324=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2324=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2324=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2324=1 ## Package List: * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * perl-XML-LibXML-debuginfo-2.0132-150000.3.8.1 * perl-XML-LibXML-2.0132-150000.3.8.1 * perl-XML-LibXML-debugsource-2.0132-150000.3.8.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * perl-XML-LibXML-debuginfo-2.0132-150000.3.8.1 * perl-XML-LibXML-debugsource-2.0132-150000.3.8.1 * perl-XML-LibXML-2.0132-150000.3.8.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * perl-XML-LibXML-debuginfo-2.0132-150000.3.8.1 * perl-XML-LibXML-debugsource-2.0132-150000.3.8.1 * perl-XML-LibXML-2.0132-150000.3.8.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * perl-XML-LibXML-debuginfo-2.0132-150000.3.8.1 * perl-XML-LibXML-debugsource-2.0132-150000.3.8.1 * perl-XML-LibXML-2.0132-150000.3.8.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * perl-XML-LibXML-debuginfo-2.0132-150000.3.8.1 * perl-XML-LibXML-debugsource-2.0132-150000.3.8.1 * perl-XML-LibXML-2.0132-150000.3.8.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * perl-XML-LibXML-debuginfo-2.0132-150000.3.8.1 * perl-XML-LibXML-debugsource-2.0132-150000.3.8.1 * perl-XML-LibXML-2.0132-150000.3.8.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * perl-XML-LibXML-debuginfo-2.0132-150000.3.8.1 * perl-XML-LibXML-debugsource-2.0132-150000.3.8.1 * perl-XML-LibXML-2.0132-150000.3.8.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * perl-XML-LibXML-debuginfo-2.0132-150000.3.8.1 * perl-XML-LibXML-debugsource-2.0132-150000.3.8.1 * perl-XML-LibXML-2.0132-150000.3.8.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * perl-XML-LibXML-debuginfo-2.0132-150000.3.8.1 * perl-XML-LibXML-debugsource-2.0132-150000.3.8.1 * perl-XML-LibXML-2.0132-150000.3.8.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * perl-XML-LibXML-debuginfo-2.0132-150000.3.8.1 * perl-XML-LibXML-debugsource-2.0132-150000.3.8.1 * perl-XML-LibXML-2.0132-150000.3.8.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * perl-XML-LibXML-debuginfo-2.0132-150000.3.8.1 * perl-XML-LibXML-debugsource-2.0132-150000.3.8.1 * perl-XML-LibXML-2.0132-150000.3.8.1 ## References: * https://www.suse.com/security/cve/CVE-2026-8177.html * https://bugzilla.suse.com/show_bug.cgi?id=1264715 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jun 9 20:33:58 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jun 2026 20:33:58 -0000 Subject: SUSE-SU-2026:2325-1: important: Security update for kubernetes1.26 Message-ID: <178103723839.427.10398965729524457767@f2d68789a884> # Security update for kubernetes1.26 Announcement ID: SUSE-SU-2026:2325-1 Release Date: 2026-06-09T14:34:21Z Rating: important References: * bsc#1251168 * bsc#1262271 * bsc#1265740 Cross-References: * CVE-2026-33814 * CVE-2026-35469 CVSS scores: * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35469 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-35469 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35469 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for kubernetes1.26 fixes the following issues * CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265740). * CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service (bsc#1262271). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2325=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2325=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2325=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2325=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2325=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2325=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2325=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2325=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2325=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * kubernetes1.26-apiserver-1.26.15-150400.9.27.1 * kubernetes1.26-kubeadm-1.26.15-150400.9.27.1 * kubernetes1.26-scheduler-1.26.15-150400.9.27.1 * kubernetes1.26-controller-manager-1.26.15-150400.9.27.1 * kubernetes1.26-client-common-1.26.15-150400.9.27.1 * kubernetes1.26-kubelet-1.26.15-150400.9.27.1 * kubernetes1.26-client-1.26.15-150400.9.27.1 * kubernetes1.26-proxy-1.26.15-150400.9.27.1 * kubernetes1.26-kubelet-common-1.26.15-150400.9.27.1 * openSUSE Leap 15.4 (noarch) * kubernetes1.26-client-fish-completion-1.26.15-150400.9.27.1 * kubernetes1.26-client-bash-completion-1.26.15-150400.9.27.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kubernetes1.26-client-1.26.15-150400.9.27.1 * kubernetes1.26-client-common-1.26.15-150400.9.27.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * kubernetes1.26-client-1.26.15-150400.9.27.1 * kubernetes1.26-client-common-1.26.15-150400.9.27.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kubernetes1.26-client-1.26.15-150400.9.27.1 * kubernetes1.26-client-common-1.26.15-150400.9.27.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kubernetes1.26-client-1.26.15-150400.9.27.1 * kubernetes1.26-client-common-1.26.15-150400.9.27.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * kubernetes1.26-client-1.26.15-150400.9.27.1 * kubernetes1.26-client-common-1.26.15-150400.9.27.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * kubernetes1.26-client-1.26.15-150400.9.27.1 * kubernetes1.26-client-common-1.26.15-150400.9.27.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * kubernetes1.26-client-1.26.15-150400.9.27.1 * kubernetes1.26-client-common-1.26.15-150400.9.27.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * kubernetes1.26-client-1.26.15-150400.9.27.1 * kubernetes1.26-client-common-1.26.15-150400.9.27.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33814.html * https://www.suse.com/security/cve/CVE-2026-35469.html * https://bugzilla.suse.com/show_bug.cgi?id=1251168 * https://bugzilla.suse.com/show_bug.cgi?id=1262271 * https://bugzilla.suse.com/show_bug.cgi?id=1265740 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 08:30:18 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 08:30:18 -0000 Subject: SUSE-SU-2026:2327-1: moderate: Security update for go1.26 Message-ID: <178108021893.207.2702600542967252970@72e00eddb364> # Security update for go1.26 Announcement ID: SUSE-SU-2026:2327-1 Release Date: 2026-06-09T19:06:53Z Rating: moderate References: * bsc#1255111 * bsc#1267442 * bsc#1267444 * bsc#1267450 Cross-References: * CVE-2026-27145 * CVE-2026-42504 * CVE-2026-42507 CVSS scores: * CVE-2026-27145 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-27145 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-27145 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-42504 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-42504 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-42504 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42507 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-42507 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-42507 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * Development Tools Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves three vulnerabilities and has one security fix can now be installed. ## Description: This update for go1.26 fixes the following issues Update to go1.26.4 (bsc#1255111): * CVE-2026-27145: crypto/x509: split candidate hostname only once (bsc#1267450). * CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader (bsc#1267442). * CVE-2026-42507: net/textproto: arbitrary input are included in errors without any escaping (bsc#1267444). Changes: * go#79230 go#79217 boo#1267442 security: fix CVE-2026-42504 mime: quadratic complexity in WordDecoder.DecodeHeader * go#79426 go#79346 boo#1267444 security: fix CVE-2026-42507 net/textproto: arbitrary input are included in errors without any escaping * go#79701 go#79694 boo#1267450 security: fix CVE-2026-27145 crypto/x509: split candidate hostname only once * go#79191 cmd/compile: Bug in rewrite rules for AMD64 causes SHL instruction overflow and miscompilation * go#79226 crypto/internal/fips140/drbg: backport CL 774221 to Go 1.26 * go#79349 cmd/fix: x/tools/go/analysis/passes/modernize: slicescontains hoists needle expression, changing side effect count * go#79686 runtime/race: change in 93a4f03 leads to a failed build on Amazon Linux 2 and arm64 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2026-2327=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2327=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2327=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2327=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2327=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2327=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2327=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2327=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2327=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2327=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2327=1 ## Package List: * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * go1.26-race-1.26.4-150000.1.15.1 * go1.26-doc-1.26.4-150000.1.15.1 * go1.26-1.26.4-150000.1.15.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * go1.26-race-1.26.4-150000.1.15.1 * go1.26-doc-1.26.4-150000.1.15.1 * go1.26-1.26.4-150000.1.15.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * go1.26-1.26.4-150000.1.15.1 * go1.26-doc-1.26.4-150000.1.15.1 * go1.26-race-1.26.4-150000.1.15.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * go1.26-race-1.26.4-150000.1.15.1 * go1.26-doc-1.26.4-150000.1.15.1 * go1.26-1.26.4-150000.1.15.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * go1.26-race-1.26.4-150000.1.15.1 * go1.26-doc-1.26.4-150000.1.15.1 * go1.26-1.26.4-150000.1.15.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * go1.26-race-1.26.4-150000.1.15.1 * go1.26-doc-1.26.4-150000.1.15.1 * go1.26-1.26.4-150000.1.15.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * go1.26-race-1.26.4-150000.1.15.1 * go1.26-doc-1.26.4-150000.1.15.1 * go1.26-1.26.4-150000.1.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * go1.26-race-1.26.4-150000.1.15.1 * go1.26-doc-1.26.4-150000.1.15.1 * go1.26-1.26.4-150000.1.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * go1.26-race-1.26.4-150000.1.15.1 * go1.26-doc-1.26.4-150000.1.15.1 * go1.26-1.26.4-150000.1.15.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * go1.26-race-1.26.4-150000.1.15.1 * go1.26-doc-1.26.4-150000.1.15.1 * go1.26-1.26.4-150000.1.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * go1.26-race-1.26.4-150000.1.15.1 * go1.26-doc-1.26.4-150000.1.15.1 * go1.26-1.26.4-150000.1.15.1 ## References: * https://www.suse.com/security/cve/CVE-2026-27145.html * https://www.suse.com/security/cve/CVE-2026-42504.html * https://www.suse.com/security/cve/CVE-2026-42507.html * https://bugzilla.suse.com/show_bug.cgi?id=1255111 * https://bugzilla.suse.com/show_bug.cgi?id=1267442 * https://bugzilla.suse.com/show_bug.cgi?id=1267444 * https://bugzilla.suse.com/show_bug.cgi?id=1267450 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 08:30:28 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 08:30:28 -0000 Subject: SUSE-SU-2026:2326-1: moderate: Security update for go1.25 Message-ID: <178108022832.207.17952395011046533218@72e00eddb364> # Security update for go1.25 Announcement ID: SUSE-SU-2026:2326-1 Release Date: 2026-06-09T19:05:53Z Rating: moderate References: * bsc#1244485 * bsc#1267442 * bsc#1267444 * bsc#1267450 Cross-References: * CVE-2026-27145 * CVE-2026-42504 * CVE-2026-42507 CVSS scores: * CVE-2026-27145 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-27145 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-27145 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-42504 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-42504 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-42504 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42507 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-42507 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-42507 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * Development Tools Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves three vulnerabilities and has one security fix can now be installed. ## Description: This update for go1.25 fixes the following issues Update to go1.25.11 (bsc#1244485): * CVE-2026-27145: crypto/x509: split candidate hostname only once (bsc#1267450). * CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader (bsc#1267442). * CVE-2026-42507: net/textproto: arbitrary input are included in errors without any escaping (bsc#1267444). Changes: * go#79229 go#79217 boo#1267442 security: fix CVE-2026-42504 mime: quadratic complexity in WordDecoder.DecodeHeader * go#79425 go#79346 boo#1267444 security: fix CVE-2026-42507 net/textproto: arbitrary input are included in errors without any escaping * go#79700 go#79694 boo#1267450 security: fix CVE-2026-27145 crypto/x509: split candidate hostname only once * go#79190 cmd/compile: Bug in rewrite rules for AMD64 causes SHL instruction overflow and miscompilation * go#79698 runtime/race: change in 93a4f03 leads to a failed build on Amazon Linux 2 and arm64 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2026-2326=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2326=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2326=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2326=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2326=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2326=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2326=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2326=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2326=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2326=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2326=1 ## Package List: * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * go1.25-race-1.25.11-150000.1.41.1 * go1.25-1.25.11-150000.1.41.1 * go1.25-doc-1.25.11-150000.1.41.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * go1.25-race-1.25.11-150000.1.41.1 * go1.25-1.25.11-150000.1.41.1 * go1.25-doc-1.25.11-150000.1.41.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * go1.25-race-1.25.11-150000.1.41.1 * go1.25-1.25.11-150000.1.41.1 * go1.25-doc-1.25.11-150000.1.41.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * go1.25-race-1.25.11-150000.1.41.1 * go1.25-1.25.11-150000.1.41.1 * go1.25-doc-1.25.11-150000.1.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * go1.25-race-1.25.11-150000.1.41.1 * go1.25-1.25.11-150000.1.41.1 * go1.25-doc-1.25.11-150000.1.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * go1.25-race-1.25.11-150000.1.41.1 * go1.25-1.25.11-150000.1.41.1 * go1.25-doc-1.25.11-150000.1.41.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * go1.25-race-1.25.11-150000.1.41.1 * go1.25-1.25.11-150000.1.41.1 * go1.25-doc-1.25.11-150000.1.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * go1.25-race-1.25.11-150000.1.41.1 * go1.25-1.25.11-150000.1.41.1 * go1.25-doc-1.25.11-150000.1.41.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * go1.25-race-1.25.11-150000.1.41.1 * go1.25-1.25.11-150000.1.41.1 * go1.25-doc-1.25.11-150000.1.41.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * go1.25-race-1.25.11-150000.1.41.1 * go1.25-1.25.11-150000.1.41.1 * go1.25-doc-1.25.11-150000.1.41.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * go1.25-race-1.25.11-150000.1.41.1 * go1.25-1.25.11-150000.1.41.1 * go1.25-doc-1.25.11-150000.1.41.1 ## References: * https://www.suse.com/security/cve/CVE-2026-27145.html * https://www.suse.com/security/cve/CVE-2026-42504.html * https://www.suse.com/security/cve/CVE-2026-42507.html * https://bugzilla.suse.com/show_bug.cgi?id=1244485 * https://bugzilla.suse.com/show_bug.cgi?id=1267442 * https://bugzilla.suse.com/show_bug.cgi?id=1267444 * https://bugzilla.suse.com/show_bug.cgi?id=1267450 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 08:30:35 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 08:30:35 -0000 Subject: SUSE-SU-2026:2322-1: important: Security update for kubernetes1.24 Message-ID: <178108023559.207.3135193228796055881@72e00eddb364> # Security update for kubernetes1.24 Announcement ID: SUSE-SU-2026:2322-1 Release Date: 2026-06-09T14:32:17Z Rating: important References: * bsc#1251168 * bsc#1262271 * bsc#1265740 Cross-References: * CVE-2026-33814 * CVE-2026-35469 CVSS scores: * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35469 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-35469 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35469 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for kubernetes1.24 fixes the following issues * CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265740). * CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service (bsc#1262271). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2322=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2322=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2322=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2322=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2322=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * kubernetes1.24-client-common-1.24.17-150400.9.27.1 * kubernetes1.24-kubeadm-1.24.17-150400.9.27.1 * kubernetes1.24-proxy-1.24.17-150400.9.27.1 * kubernetes1.24-kubelet-1.24.17-150400.9.27.1 * kubernetes1.24-scheduler-1.24.17-150400.9.27.1 * kubernetes1.24-apiserver-1.24.17-150400.9.27.1 * kubernetes1.24-client-1.24.17-150400.9.27.1 * kubernetes1.24-kubelet-common-1.24.17-150400.9.27.1 * kubernetes1.24-controller-manager-1.24.17-150400.9.27.1 * openSUSE Leap 15.4 (noarch) * kubernetes1.24-client-bash-completion-1.24.17-150400.9.27.1 * kubernetes1.24-client-fish-completion-1.24.17-150400.9.27.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kubernetes1.24-client-common-1.24.17-150400.9.27.1 * kubernetes1.24-client-1.24.17-150400.9.27.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kubernetes1.24-client-common-1.24.17-150400.9.27.1 * kubernetes1.24-client-1.24.17-150400.9.27.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * kubernetes1.24-client-common-1.24.17-150400.9.27.1 * kubernetes1.24-client-1.24.17-150400.9.27.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kubernetes1.24-client-common-1.24.17-150400.9.27.1 * kubernetes1.24-client-1.24.17-150400.9.27.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33814.html * https://www.suse.com/security/cve/CVE-2026-35469.html * https://bugzilla.suse.com/show_bug.cgi?id=1251168 * https://bugzilla.suse.com/show_bug.cgi?id=1262271 * https://bugzilla.suse.com/show_bug.cgi?id=1265740 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 08:30:58 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 08:30:58 -0000 Subject: SUSE-SU-2026:2318-1: important: Security update for python-Django Message-ID: <178108025853.207.4853716847811949582@72e00eddb364> # Security update for python-Django Announcement ID: SUSE-SU-2026:2318-1 Release Date: 2026-06-09T13:22:05Z Rating: important References: * bsc#1267576 * bsc#1267577 * bsc#1267578 * bsc#1267579 * bsc#1267580 Cross-References: * CVE-2026-35193 * CVE-2026-48587 * CVE-2026-6873 * CVE-2026-7666 * CVE-2026-8404 CVSS scores: * CVE-2026-35193 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-35193 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-35193 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-35193 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2026-48587 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-48587 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-48587 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-48587 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2026-48587 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-6873 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-6873 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6873 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-6873 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-6873 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-7666 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-7666 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-7666 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-7666 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2026-8404 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-8404 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-8404 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-8404 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-8404 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves five vulnerabilities can now be installed. ## Description: This update for python-Django fixes the following issues * CVE-2026-6873: signed cookie salt namespace collision in `django.http.HttpRequest.get_signed_cookie` (bsc#1267578). * CVE-2026-7666: potential unencrypted email transmission via `STARTTLS` in the SMTP backend (bsc#1267579). * CVE-2026-8404: potential exposure of private data via case-sensitive `Cache- Control` directives in `UpdateCacheMiddleware` (bsc#1267580). * CVE-2026-35193: potential exposure of private data via missing `Vary: Authorization` in `UpdateCacheMiddleware` (bsc#1267576). * CVE-2026-48587: potential exposure of private data via whitespace padding in `Vary` header (bsc#1267577). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2318=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2318=1 ## Package List: * openSUSE Leap 15.6 (noarch) * python311-Django-4.2.11-150600.3.59.1 * SUSE Package Hub 15 15-SP7 (noarch) * python311-Django-4.2.11-150600.3.59.1 ## References: * https://www.suse.com/security/cve/CVE-2026-35193.html * https://www.suse.com/security/cve/CVE-2026-48587.html * https://www.suse.com/security/cve/CVE-2026-6873.html * https://www.suse.com/security/cve/CVE-2026-7666.html * https://www.suse.com/security/cve/CVE-2026-8404.html * https://bugzilla.suse.com/show_bug.cgi?id=1267576 * https://bugzilla.suse.com/show_bug.cgi?id=1267577 * https://bugzilla.suse.com/show_bug.cgi?id=1267578 * https://bugzilla.suse.com/show_bug.cgi?id=1267579 * https://bugzilla.suse.com/show_bug.cgi?id=1267580 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 08:31:15 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 08:31:15 -0000 Subject: SUSE-SU-2026:2317-1: important: Security update for the Linux Kernel Message-ID: <178108027547.207.8692269799470921788@72e00eddb364> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:2317-1 Release Date: 2026-06-09T13:20:54Z Rating: important References: * bsc#1260018 * bsc#1261638 * bsc#1263600 * bsc#1263668 * bsc#1263995 * bsc#1264634 * bsc#1264848 * bsc#1265126 * bsc#1266001 Cross-References: * CVE-2026-23271 * CVE-2026-31402 * CVE-2026-31607 * CVE-2026-31685 * CVE-2026-43037 * CVE-2026-43126 * CVE-2026-43190 * CVE-2026-43437 * CVE-2026-43499 * CVE-2026-46243 CVSS scores: * CVE-2026-23271 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-23271 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-23271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31402 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-31402 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-31402 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31607 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31607 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2026-31607 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31685 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31685 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31685 ( NVD ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2026-43037 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43037 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43126 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43126 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43126 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43190 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43190 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43190 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43437 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43437 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43499 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43499 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43499 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N Affected Products: * SUSE Linux Enterprise Server 11 SP4 * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE An update that solves 10 vulnerabilities can now be installed. ## Description: The SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues The following security issues were fixed: * CVE-2026-23271: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race (bsc#1260018). * CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (bsc#1261638). * CVE-2026-31607: usbip: validate number_of_packets in usbip_pack_ret_submit() (bsc#1263600). * CVE-2026-31685: netfilter: ip6t_eui64: reject invalid MAC header for all packets (bsc#1263668). * CVE-2026-43037: ip6_tunnel: clear skb2->cb in ip4ip6_err() (bsc#1263995). * CVE-2026-43126: ALSA: mixer: oss: Add card disconnect checkpoints (bsc#1264634). * CVE-2026-43190: netfilter: xt_tcpmss: check remaining length before reading optlen (bsc#1264848). * CVE-2026-43437: ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (bsc#1265126). * CVE-2026-43499: rtmutex: Use waiter::task instead of current in remove_waiter() (bsc#1266001). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2026-2317=1 * SUSE Linux Enterprise Server 11 SP4 zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2026-2317=1 ## Package List: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE (nosrc x86_64) * kernel-default-3.0.101-108.210.1 * kernel-ec2-3.0.101-108.210.1 * kernel-trace-3.0.101-108.210.1 * kernel-xen-3.0.101-108.210.1 * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE (x86_64) * kernel-trace-base-3.0.101-108.210.1 * kernel-ec2-debugsource-3.0.101-108.210.1 * kernel-default-devel-debuginfo-3.0.101-108.210.1 * kernel-xen-debuginfo-3.0.101-108.210.1 * kernel-xen-base-3.0.101-108.210.1 * kernel-syms-3.0.101-108.210.1 * kernel-default-debuginfo-3.0.101-108.210.1 * kernel-trace-devel-3.0.101-108.210.1 * kernel-trace-debuginfo-3.0.101-108.210.1 * kernel-default-devel-3.0.101-108.210.1 * kernel-ec2-base-3.0.101-108.210.1 * kernel-ec2-devel-debuginfo-3.0.101-108.210.1 * kernel-xen-debugsource-3.0.101-108.210.1 * kernel-trace-debugsource-3.0.101-108.210.1 * kernel-trace-devel-debuginfo-3.0.101-108.210.1 * kernel-xen-devel-3.0.101-108.210.1 * kernel-source-3.0.101-108.210.1 * kernel-ec2-debuginfo-3.0.101-108.210.1 * kernel-xen-devel-debuginfo-3.0.101-108.210.1 * kernel-default-debugsource-3.0.101-108.210.1 * kernel-ec2-devel-3.0.101-108.210.1 * kernel-default-base-3.0.101-108.210.1 * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE (noarch nosrc) * kernel-docs-3.0.101-108.210.1 * SUSE Linux Enterprise Server 11 SP4 (nosrc x86_64) * kernel-default-3.0.101-108.210.1 * kernel-ec2-3.0.101-108.210.1 * kernel-trace-3.0.101-108.210.1 * kernel-xen-3.0.101-108.210.1 * SUSE Linux Enterprise Server 11 SP4 (x86_64) * kernel-trace-base-3.0.101-108.210.1 * kernel-ec2-debugsource-3.0.101-108.210.1 * kernel-default-devel-debuginfo-3.0.101-108.210.1 * kernel-xen-debuginfo-3.0.101-108.210.1 * kernel-xen-base-3.0.101-108.210.1 * kernel-syms-3.0.101-108.210.1 * kernel-default-debuginfo-3.0.101-108.210.1 * kernel-trace-devel-3.0.101-108.210.1 * kernel-trace-debuginfo-3.0.101-108.210.1 * kernel-default-devel-3.0.101-108.210.1 * kernel-ec2-base-3.0.101-108.210.1 * kernel-ec2-devel-debuginfo-3.0.101-108.210.1 * kernel-xen-debugsource-3.0.101-108.210.1 * kernel-trace-debugsource-3.0.101-108.210.1 * kernel-trace-devel-debuginfo-3.0.101-108.210.1 * kernel-xen-devel-3.0.101-108.210.1 * kernel-source-3.0.101-108.210.1 * kernel-ec2-debuginfo-3.0.101-108.210.1 * kernel-xen-devel-debuginfo-3.0.101-108.210.1 * kernel-default-debugsource-3.0.101-108.210.1 * kernel-ec2-devel-3.0.101-108.210.1 * kernel-default-base-3.0.101-108.210.1 * SUSE Linux Enterprise Server 11 SP4 (noarch nosrc) * kernel-docs-3.0.101-108.210.1 ## References: * https://www.suse.com/security/cve/CVE-2026-23271.html * https://www.suse.com/security/cve/CVE-2026-31402.html * https://www.suse.com/security/cve/CVE-2026-31607.html * https://www.suse.com/security/cve/CVE-2026-31685.html * https://www.suse.com/security/cve/CVE-2026-43037.html * https://www.suse.com/security/cve/CVE-2026-43126.html * https://www.suse.com/security/cve/CVE-2026-43190.html * https://www.suse.com/security/cve/CVE-2026-43437.html * https://www.suse.com/security/cve/CVE-2026-43499.html * https://www.suse.com/security/cve/CVE-2026-46243.html * https://bugzilla.suse.com/show_bug.cgi?id=1260018 * https://bugzilla.suse.com/show_bug.cgi?id=1261638 * https://bugzilla.suse.com/show_bug.cgi?id=1263600 * https://bugzilla.suse.com/show_bug.cgi?id=1263668 * https://bugzilla.suse.com/show_bug.cgi?id=1263995 * https://bugzilla.suse.com/show_bug.cgi?id=1264634 * https://bugzilla.suse.com/show_bug.cgi?id=1264848 * https://bugzilla.suse.com/show_bug.cgi?id=1265126 * https://bugzilla.suse.com/show_bug.cgi?id=1266001 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 08:31:22 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 08:31:22 -0000 Subject: SUSE-SU-2026:2316-1: important: Security update for 389-ds Message-ID: <178108028276.207.14008107856845841487@72e00eddb364> # Security update for 389-ds Announcement ID: SUSE-SU-2026:2316-1 Release Date: 2026-06-09T12:52:23Z Rating: important References: * bsc#1265898 Cross-References: * CVE-2026-9064 CVSS scores: * CVE-2026-9064 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-9064 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-9064 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves one vulnerability can now be installed. ## Description: This update for 389-ds fixes the following issue * CVE-2026-9064: unbounded LDAP controls count in `get_ldapmessage_controls_ext()` can lead to amplified CPU time and heap allocation and a denial of service (bsc#1265898). Changes for 389-ds: * Update to version 2.0.20~git90.9f70d434e. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2316=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2316=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2316=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2316=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2316=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * 389-ds-snmp-debuginfo-2.0.20~git90.9f70d434e-150400.3.51.1 * 389-ds-debugsource-2.0.20~git90.9f70d434e-150400.3.51.1 * 389-ds-snmp-2.0.20~git90.9f70d434e-150400.3.51.1 * libsvrcore0-debuginfo-2.0.20~git90.9f70d434e-150400.3.51.1 * 389-ds-debuginfo-2.0.20~git90.9f70d434e-150400.3.51.1 * libsvrcore0-2.0.20~git90.9f70d434e-150400.3.51.1 * 389-ds-2.0.20~git90.9f70d434e-150400.3.51.1 * lib389-2.0.20~git90.9f70d434e-150400.3.51.1 * 389-ds-devel-2.0.20~git90.9f70d434e-150400.3.51.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * 389-ds-debugsource-2.0.20~git90.9f70d434e-150400.3.51.1 * libsvrcore0-debuginfo-2.0.20~git90.9f70d434e-150400.3.51.1 * 389-ds-debuginfo-2.0.20~git90.9f70d434e-150400.3.51.1 * libsvrcore0-2.0.20~git90.9f70d434e-150400.3.51.1 * 389-ds-2.0.20~git90.9f70d434e-150400.3.51.1 * lib389-2.0.20~git90.9f70d434e-150400.3.51.1 * 389-ds-devel-2.0.20~git90.9f70d434e-150400.3.51.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * 389-ds-debugsource-2.0.20~git90.9f70d434e-150400.3.51.1 * libsvrcore0-debuginfo-2.0.20~git90.9f70d434e-150400.3.51.1 * 389-ds-debuginfo-2.0.20~git90.9f70d434e-150400.3.51.1 * libsvrcore0-2.0.20~git90.9f70d434e-150400.3.51.1 * 389-ds-2.0.20~git90.9f70d434e-150400.3.51.1 * lib389-2.0.20~git90.9f70d434e-150400.3.51.1 * 389-ds-devel-2.0.20~git90.9f70d434e-150400.3.51.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * 389-ds-debugsource-2.0.20~git90.9f70d434e-150400.3.51.1 * libsvrcore0-debuginfo-2.0.20~git90.9f70d434e-150400.3.51.1 * 389-ds-debuginfo-2.0.20~git90.9f70d434e-150400.3.51.1 * libsvrcore0-2.0.20~git90.9f70d434e-150400.3.51.1 * 389-ds-2.0.20~git90.9f70d434e-150400.3.51.1 * lib389-2.0.20~git90.9f70d434e-150400.3.51.1 * 389-ds-devel-2.0.20~git90.9f70d434e-150400.3.51.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * 389-ds-debugsource-2.0.20~git90.9f70d434e-150400.3.51.1 * libsvrcore0-debuginfo-2.0.20~git90.9f70d434e-150400.3.51.1 * 389-ds-debuginfo-2.0.20~git90.9f70d434e-150400.3.51.1 * libsvrcore0-2.0.20~git90.9f70d434e-150400.3.51.1 * 389-ds-2.0.20~git90.9f70d434e-150400.3.51.1 * lib389-2.0.20~git90.9f70d434e-150400.3.51.1 * 389-ds-devel-2.0.20~git90.9f70d434e-150400.3.51.1 ## References: * https://www.suse.com/security/cve/CVE-2026-9064.html * https://bugzilla.suse.com/show_bug.cgi?id=1265898 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 08:31:30 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 08:31:30 -0000 Subject: SUSE-SU-2026:2315-1: important: Security update for kubernetes1.23 Message-ID: <178108029038.207.10915049944505700735@72e00eddb364> # Security update for kubernetes1.23 Announcement ID: SUSE-SU-2026:2315-1 Release Date: 2026-06-09T12:51:53Z Rating: important References: * bsc#1251168 * bsc#1262271 * bsc#1265740 Cross-References: * CVE-2026-33814 * CVE-2026-35469 CVSS scores: * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35469 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-35469 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35469 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for kubernetes1.23 fixes the following issues * CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265740). * CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service (bsc#1262271). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2026-2315=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2315=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2315=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2315=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2315=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64) * kubernetes1.23-kubeadm-1.23.17-150300.7.17.1 * kubernetes1.23-kubelet-common-1.23.17-150300.7.17.1 * kubernetes1.23-controller-manager-1.23.17-150300.7.17.1 * kubernetes1.23-apiserver-1.23.17-150300.7.17.1 * kubernetes1.23-client-common-1.23.17-150300.7.17.1 * kubernetes1.23-scheduler-1.23.17-150300.7.17.1 * kubernetes1.23-proxy-1.23.17-150300.7.17.1 * kubernetes1.23-client-1.23.17-150300.7.17.1 * kubernetes1.23-kubelet-1.23.17-150300.7.17.1 * openSUSE Leap 15.3 (noarch) * kubernetes1.23-client-fish-completion-1.23.17-150300.7.17.1 * kubernetes1.23-client-bash-completion-1.23.17-150300.7.17.1 * openSUSE Leap 15.3 (ppc64le) * kubernetes1.23-apiserver-debuginfo-1.23.17-150300.7.17.1 * kubernetes1.23-client-debuginfo-1.23.17-150300.7.17.1 * kubernetes1.23-scheduler-debuginfo-1.23.17-150300.7.17.1 * kubernetes1.23-kubeadm-debuginfo-1.23.17-150300.7.17.1 * kubernetes1.23-proxy-debuginfo-1.23.17-150300.7.17.1 * kubernetes1.23-controller-manager-debuginfo-1.23.17-150300.7.17.1 * kubernetes1.23-kubelet-debuginfo-1.23.17-150300.7.17.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kubernetes1.23-client-1.23.17-150300.7.17.1 * kubernetes1.23-client-common-1.23.17-150300.7.17.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kubernetes1.23-client-1.23.17-150300.7.17.1 * kubernetes1.23-client-common-1.23.17-150300.7.17.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * kubernetes1.23-client-1.23.17-150300.7.17.1 * kubernetes1.23-client-common-1.23.17-150300.7.17.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (ppc64le) * kubernetes1.23-client-debuginfo-1.23.17-150300.7.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kubernetes1.23-client-1.23.17-150300.7.17.1 * kubernetes1.23-client-common-1.23.17-150300.7.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le) * kubernetes1.23-client-debuginfo-1.23.17-150300.7.17.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33814.html * https://www.suse.com/security/cve/CVE-2026-35469.html * https://bugzilla.suse.com/show_bug.cgi?id=1251168 * https://bugzilla.suse.com/show_bug.cgi?id=1262271 * https://bugzilla.suse.com/show_bug.cgi?id=1265740 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 08:31:36 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 08:31:36 -0000 Subject: SUSE-SU-2026:2314-1: important: Security update for libsoup Message-ID: <178108029644.207.10979869019418286243@72e00eddb364> # Security update for libsoup Announcement ID: SUSE-SU-2026:2314-1 Release Date: 2026-06-09T12:51:31Z Rating: important References: * bsc#1257649 * bsc#1259767 Cross-References: * CVE-2026-1801 * CVE-2026-4271 CVSS scores: * CVE-2026-1801 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-1801 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-1801 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-1801 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-4271 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-4271 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-4271 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-4271 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities can now be installed. ## Description: This update for libsoup fixes the following issues * CVE-2026-1801: HTTP Request Smuggling in soup_filter_input_stream_read_line() (bsc#1257649). * CVE-2026-4271: use-after-free in the HTTP/2 server when user signal handlers disconnect connections during callback execution (bsc#1259767). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2314=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2314=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2314=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2314=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libsoup-3_0-0-3.4.4-150600.3.47.1 * libsoup-devel-3.4.4-150600.3.47.1 * libsoup-3_0-0-debuginfo-3.4.4-150600.3.47.1 * libsoup-debugsource-3.4.4-150600.3.47.1 * typelib-1_0-Soup-3_0-3.4.4-150600.3.47.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libsoup-3_0-0-64bit-debuginfo-3.4.4-150600.3.47.1 * libsoup-3_0-0-64bit-3.4.4-150600.3.47.1 * libsoup-devel-64bit-3.4.4-150600.3.47.1 * openSUSE Leap 15.6 (x86_64) * libsoup-3_0-0-32bit-3.4.4-150600.3.47.1 * libsoup-devel-32bit-3.4.4-150600.3.47.1 * libsoup-3_0-0-32bit-debuginfo-3.4.4-150600.3.47.1 * openSUSE Leap 15.6 (noarch) * libsoup-lang-3.4.4-150600.3.47.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libsoup-3_0-0-3.4.4-150600.3.47.1 * libsoup-devel-3.4.4-150600.3.47.1 * libsoup-3_0-0-debuginfo-3.4.4-150600.3.47.1 * libsoup-debugsource-3.4.4-150600.3.47.1 * typelib-1_0-Soup-3_0-3.4.4-150600.3.47.1 * Basesystem Module 15-SP7 (noarch) * libsoup-lang-3.4.4-150600.3.47.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * libsoup-3_0-0-3.4.4-150600.3.47.1 * libsoup-devel-3.4.4-150600.3.47.1 * libsoup-3_0-0-debuginfo-3.4.4-150600.3.47.1 * libsoup-debugsource-3.4.4-150600.3.47.1 * typelib-1_0-Soup-3_0-3.4.4-150600.3.47.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * libsoup-lang-3.4.4-150600.3.47.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * libsoup-3_0-0-3.4.4-150600.3.47.1 * libsoup-devel-3.4.4-150600.3.47.1 * libsoup-3_0-0-debuginfo-3.4.4-150600.3.47.1 * libsoup-debugsource-3.4.4-150600.3.47.1 * typelib-1_0-Soup-3_0-3.4.4-150600.3.47.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * libsoup-lang-3.4.4-150600.3.47.1 ## References: * https://www.suse.com/security/cve/CVE-2026-1801.html * https://www.suse.com/security/cve/CVE-2026-4271.html * https://bugzilla.suse.com/show_bug.cgi?id=1257649 * https://bugzilla.suse.com/show_bug.cgi?id=1259767 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 08:31:52 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 08:31:52 -0000 Subject: SUSE-SU-2026:2313-1: important: Security update for vim Message-ID: <178108031282.207.18207560396452895373@72e00eddb364> # Security update for vim Announcement ID: SUSE-SU-2026:2313-1 Release Date: 2026-06-09T12:51:12Z Rating: important References: * bsc#1261833 * bsc#1262395 * bsc#1264706 * bsc#1264707 * bsc#1264708 * bsc#1265349 * bsc#1265360 Cross-References: * CVE-2026-39881 * CVE-2026-42307 * CVE-2026-43961 * CVE-2026-44656 * CVE-2026-45130 * CVE-2026-46483 CVSS scores: * CVE-2026-39881 ( SUSE ): 5.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-39881 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N * CVE-2026-39881 ( NVD ): 5.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:N * CVE-2026-39881 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-42307 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-43961 ( SUSE ): 5.4 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43961 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L * CVE-2026-44656 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-44656 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-44656 ( NVD ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-44656 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-45130 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2026-45130 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-45130 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2026-46483 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46483 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-46483 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-46483 ( NVD ): 3.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves six vulnerabilities and has one security fix can now be installed. ## Description: This update for vim fixes the following issues * CVE-2026-39881: command injection in NetBeans interface can lead to arbitrary file reads and writes (bsc#1261833). * CVE-2026-42307: Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim (bsc#1264706). * CVE-2026-43961: Vimscript Code Injection in netrw NetrwMarkFile() via crafted filename (bsc#1265349). * CVE-2026-44656: Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's: find command-line completion (bsc#1264707). * CVE-2026-45130: Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when loading a crafted spell file (.spl) with UTF-8 encoding active (bsc#1264708). * CVE-2026-46483: command injection via `tar#Vimuntar()` in `runtime/autoload/tar.vim` when decompressing `.tgz` archives on Unix-like systems (bsc#1265360). Changes for vim: * Update to v9.2.0530. * Fix for incorrectly detecting scientific parameter files as bitbake recipies. (bsc#1262395) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2313=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2313=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2313=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2313=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2313=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2313=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2313=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2313=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * vim-data-common-9.2.0530-150000.5.94.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * vim-small-debuginfo-9.2.0530-150000.5.94.1 * vim-debugsource-9.2.0530-150000.5.94.1 * vim-small-9.2.0530-150000.5.94.1 * vim-debuginfo-9.2.0530-150000.5.94.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * vim-data-common-9.2.0530-150000.5.94.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * vim-small-debuginfo-9.2.0530-150000.5.94.1 * vim-debugsource-9.2.0530-150000.5.94.1 * vim-small-9.2.0530-150000.5.94.1 * vim-debuginfo-9.2.0530-150000.5.94.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * vim-data-common-9.2.0530-150000.5.94.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * vim-small-debuginfo-9.2.0530-150000.5.94.1 * vim-debugsource-9.2.0530-150000.5.94.1 * vim-small-9.2.0530-150000.5.94.1 * vim-debuginfo-9.2.0530-150000.5.94.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * vim-data-common-9.2.0530-150000.5.94.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * vim-small-debuginfo-9.2.0530-150000.5.94.1 * vim-debugsource-9.2.0530-150000.5.94.1 * vim-small-9.2.0530-150000.5.94.1 * vim-debuginfo-9.2.0530-150000.5.94.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * vim-small-debuginfo-9.2.0530-150000.5.94.1 * gvim-9.2.0530-150000.5.94.1 * gvim-debuginfo-9.2.0530-150000.5.94.1 * vim-debugsource-9.2.0530-150000.5.94.1 * vim-debuginfo-9.2.0530-150000.5.94.1 * vim-9.2.0530-150000.5.94.1 * vim-small-9.2.0530-150000.5.94.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * vim-data-common-9.2.0530-150000.5.94.1 * vim-data-9.2.0530-150000.5.94.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * vim-small-debuginfo-9.2.0530-150000.5.94.1 * gvim-9.2.0530-150000.5.94.1 * gvim-debuginfo-9.2.0530-150000.5.94.1 * vim-debugsource-9.2.0530-150000.5.94.1 * vim-debuginfo-9.2.0530-150000.5.94.1 * vim-9.2.0530-150000.5.94.1 * vim-small-9.2.0530-150000.5.94.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * vim-data-common-9.2.0530-150000.5.94.1 * vim-data-9.2.0530-150000.5.94.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * vim-small-debuginfo-9.2.0530-150000.5.94.1 * gvim-9.2.0530-150000.5.94.1 * gvim-debuginfo-9.2.0530-150000.5.94.1 * vim-debugsource-9.2.0530-150000.5.94.1 * vim-debuginfo-9.2.0530-150000.5.94.1 * vim-9.2.0530-150000.5.94.1 * vim-small-9.2.0530-150000.5.94.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * vim-data-common-9.2.0530-150000.5.94.1 * vim-data-9.2.0530-150000.5.94.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * vim-small-debuginfo-9.2.0530-150000.5.94.1 * gvim-9.2.0530-150000.5.94.1 * gvim-debuginfo-9.2.0530-150000.5.94.1 * vim-debugsource-9.2.0530-150000.5.94.1 * vim-debuginfo-9.2.0530-150000.5.94.1 * vim-9.2.0530-150000.5.94.1 * vim-small-9.2.0530-150000.5.94.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * vim-data-common-9.2.0530-150000.5.94.1 * vim-data-9.2.0530-150000.5.94.1 ## References: * https://www.suse.com/security/cve/CVE-2026-39881.html * https://www.suse.com/security/cve/CVE-2026-42307.html * https://www.suse.com/security/cve/CVE-2026-43961.html * https://www.suse.com/security/cve/CVE-2026-44656.html * https://www.suse.com/security/cve/CVE-2026-45130.html * https://www.suse.com/security/cve/CVE-2026-46483.html * https://bugzilla.suse.com/show_bug.cgi?id=1261833 * https://bugzilla.suse.com/show_bug.cgi?id=1262395 * https://bugzilla.suse.com/show_bug.cgi?id=1264706 * https://bugzilla.suse.com/show_bug.cgi?id=1264707 * https://bugzilla.suse.com/show_bug.cgi?id=1264708 * https://bugzilla.suse.com/show_bug.cgi?id=1265349 * https://bugzilla.suse.com/show_bug.cgi?id=1265360 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 08:31:57 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 08:31:57 -0000 Subject: SUSE-SU-2026:2312-1: important: Security update for strongswan Message-ID: <178108031755.207.7248510091210990556@72e00eddb364> # Security update for strongswan Announcement ID: SUSE-SU-2026:2312-1 Release Date: 2026-06-09T12:49:40Z Rating: important References: * bsc#1266360 Cross-References: * CVE-2026-47895 CVSS scores: * CVE-2026-47895 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-47895 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for strongswan fixes the following issue * CVE-2026-47895: double-free when destroying certain cloned identities (bsc#1266360). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-2312=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2312=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * strongswan-debugsource-5.1.3-26.38.1 * strongswan-ipsec-5.1.3-26.38.1 * strongswan-5.1.3-26.38.1 * strongswan-libs0-debuginfo-5.1.3-26.38.1 * strongswan-libs0-5.1.3-26.38.1 * strongswan-hmac-5.1.3-26.38.1 * strongswan-ipsec-debuginfo-5.1.3-26.38.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * strongswan-doc-5.1.3-26.38.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * strongswan-debugsource-5.1.3-26.38.1 * strongswan-ipsec-5.1.3-26.38.1 * strongswan-5.1.3-26.38.1 * strongswan-libs0-debuginfo-5.1.3-26.38.1 * strongswan-libs0-5.1.3-26.38.1 * strongswan-hmac-5.1.3-26.38.1 * strongswan-ipsec-debuginfo-5.1.3-26.38.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * strongswan-doc-5.1.3-26.38.1 ## References: * https://www.suse.com/security/cve/CVE-2026-47895.html * https://bugzilla.suse.com/show_bug.cgi?id=1266360 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 12:30:34 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 12:30:34 -0000 Subject: SUSE-SU-2026:2330-1: critical: Security update for mariadb Message-ID: <178109463466.304.1614219124011162012@7a13588ea82f> # Security update for mariadb Announcement ID: SUSE-SU-2026:2330-1 Release Date: 2026-06-10T07:39:59Z Rating: critical References: * bsc#1259176 * bsc#1261413 * bsc#1266435 * bsc#1266437 * bsc#1266438 * bsc#1266439 * bsc#1266440 * bsc#1266441 * bsc#1266442 * bsc#1266814 * bsc#1266815 * bsc#1267542 Cross-References: * CVE-2026-34303 * CVE-2026-3494 * CVE-2026-35549 * CVE-2026-44168 * CVE-2026-44169 * CVE-2026-44170 * CVE-2026-44171 * CVE-2026-44172 * CVE-2026-44173 * CVE-2026-48163 * CVE-2026-48165 * CVE-2026-49261 CVSS scores: * CVE-2026-34303 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-3494 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-3494 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2026-3494 ( NVD ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-3494 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2026-35549 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-35549 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35549 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-44168 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-44168 ( SUSE ): 8.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2026-44169 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-44169 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-44170 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-44171 ( SUSE ): 5.4 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-44171 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H * CVE-2026-44172 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-44173 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L * CVE-2026-44173 ( SUSE ): 5.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L * CVE-2026-48163 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-48163 ( SUSE ): 8.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2026-48165 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-48165 ( SUSE ): 8.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2026-49261 ( SUSE ): 9.4 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-49261 ( SUSE ): 9.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products: * Galera for Ericsson 15 SP7 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves 12 vulnerabilities can now be installed. ## Description: This update for mariadb fixes the following issues: * CVE-2026-3494: audit plugin comment handling bypass (bsc#1259176). * CVE-2026-34303: mysql: optimizer unspecified vulnerability (bsc#1266435). * CVE-2026-35549: SHA2 auth plugin crash on large packets (bsc#1261413). * CVE-2026-44168: wsrep SST unsafe parameter handling on the donor side (bsc#1266442). * CVE-2026-44169: authorization bypass in role-based routine-level privilege check exposes stored routine definitions (bsc#1266441). * CVE-2026-44170: argument injection in CONNECT REST Xcurl on Windows via unsanitized URL (bsc#1266440). * CVE-2026-44171: path traversal in mbstream (bsc#1266439). * CVE-2026-44172: mysql_real_escape_string() incorrectly handled big5 (bsc#1266438). * CVE-2026-44173: FILE privilege was not checked for subqueries in the FROM clause (bsc#1266437). * CVE-2026-48163: wsrep SST unsafe parameter handling on the donor side (bsc#1266815). * CVE-2026-48165: unsafe usage of `wsrep_sst_receive_address` values on the joiner side (bsc#1266814). * CVE-2026-49261: unsafe parameter handling in `wsrep_notify_cmd` (bsc#1267542). Changes for mariadb: * Update to 11.8.8: https://mariadb.com/docs/release-notes/community- server/11.8/11.8.8 https://mariadb.com/docs/release-notes/community- server/changelogs/11.8/11.8.8 * Update to 11.8.7: https://mariadb.com/docs/release-notes/community- server/11.8/11.8.7 https://mariadb.com/docs/release-notes/community- server/changelogs/11.8/11.8.7 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-2330=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2330=1 * Galera for Ericsson 15 SP7 zypper in -t patch SUSE-SLE-Product-SLES-15-SP7-ERICSSON-2026-2330=1 ## Package List: * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libmariadbd-devel-11.8.8-150700.3.15.1 * mariadb-debugsource-11.8.8-150700.3.15.1 * libmariadbd19-debuginfo-11.8.8-150700.3.15.1 * mariadb-11.8.8-150700.3.15.1 * mariadb-client-11.8.8-150700.3.15.1 * libmariadbd19-11.8.8-150700.3.15.1 * mariadb-client-debuginfo-11.8.8-150700.3.15.1 * mariadb-debuginfo-11.8.8-150700.3.15.1 * mariadb-tools-11.8.8-150700.3.15.1 * mariadb-tools-debuginfo-11.8.8-150700.3.15.1 * Server Applications Module 15-SP7 (noarch) * mariadb-errormessages-11.8.8-150700.3.15.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * mariadb-debuginfo-11.8.8-150700.3.15.1 * mariadb-debugsource-11.8.8-150700.3.15.1 * mariadb-galera-11.8.8-150700.3.15.1 * Galera for Ericsson 15 SP7 (x86_64) * mariadb-debuginfo-11.8.8-150700.3.15.1 * mariadb-debugsource-11.8.8-150700.3.15.1 * mariadb-galera-11.8.8-150700.3.15.1 ## References: * https://www.suse.com/security/cve/CVE-2026-34303.html * https://www.suse.com/security/cve/CVE-2026-3494.html * https://www.suse.com/security/cve/CVE-2026-35549.html * https://www.suse.com/security/cve/CVE-2026-44168.html * https://www.suse.com/security/cve/CVE-2026-44169.html * https://www.suse.com/security/cve/CVE-2026-44170.html * https://www.suse.com/security/cve/CVE-2026-44171.html * https://www.suse.com/security/cve/CVE-2026-44172.html * https://www.suse.com/security/cve/CVE-2026-44173.html * https://www.suse.com/security/cve/CVE-2026-48163.html * https://www.suse.com/security/cve/CVE-2026-48165.html * https://www.suse.com/security/cve/CVE-2026-49261.html * https://bugzilla.suse.com/show_bug.cgi?id=1259176 * https://bugzilla.suse.com/show_bug.cgi?id=1261413 * https://bugzilla.suse.com/show_bug.cgi?id=1266435 * https://bugzilla.suse.com/show_bug.cgi?id=1266437 * https://bugzilla.suse.com/show_bug.cgi?id=1266438 * https://bugzilla.suse.com/show_bug.cgi?id=1266439 * https://bugzilla.suse.com/show_bug.cgi?id=1266440 * https://bugzilla.suse.com/show_bug.cgi?id=1266441 * https://bugzilla.suse.com/show_bug.cgi?id=1266442 * https://bugzilla.suse.com/show_bug.cgi?id=1266814 * https://bugzilla.suse.com/show_bug.cgi?id=1266815 * https://bugzilla.suse.com/show_bug.cgi?id=1267542 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 12:30:41 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 12:30:41 -0000 Subject: SUSE-SU-2026:2329-1: important: Security update for xen Message-ID: <178109464198.304.14987637243063739524@7a13588ea82f> # Security update for xen Announcement ID: SUSE-SU-2026:2329-1 Release Date: 2026-06-10T07:39:36Z Rating: important References: * bsc#1266952 * bsc#1266953 * bsc#1266955 Cross-References: * CVE-2026-42487 * CVE-2026-42488 * CVE-2026-42489 * CVE-2026-42490 CVSS scores: * CVE-2026-42487 ( SUSE ): 8.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-42487 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-42488 ( SUSE ): 8.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-42488 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2026-42489 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2026-42489 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2026-42490 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2026-42490 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves four vulnerabilities can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2026-42487: x86 HVM I/O port list traversal (bsc#1266952). * CVE-2026-42488: x86: mismatched mapcache metadata (bsc#1266955). * CVE-2026-42489,CVE-2026-42490: domctl lock open to abuse (bsc#1266953). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2329=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2329=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2329=1 ## Package List: * openSUSE Leap 15.6 (aarch64 x86_64 i586) * xen-devel-4.18.5_18-150600.3.50.1 * xen-libs-debuginfo-4.18.5_18-150600.3.50.1 * xen-libs-4.18.5_18-150600.3.50.1 * xen-tools-domU-4.18.5_18-150600.3.50.1 * xen-debugsource-4.18.5_18-150600.3.50.1 * xen-tools-domU-debuginfo-4.18.5_18-150600.3.50.1 * openSUSE Leap 15.6 (x86_64) * xen-libs-32bit-4.18.5_18-150600.3.50.1 * xen-libs-32bit-debuginfo-4.18.5_18-150600.3.50.1 * openSUSE Leap 15.6 (aarch64 x86_64) * xen-tools-4.18.5_18-150600.3.50.1 * xen-4.18.5_18-150600.3.50.1 * xen-doc-html-4.18.5_18-150600.3.50.1 * xen-tools-debuginfo-4.18.5_18-150600.3.50.1 * openSUSE Leap 15.6 (noarch) * xen-tools-xendomains-wait-disk-4.18.5_18-150600.3.50.1 * openSUSE Leap 15.6 (aarch64_ilp32) * xen-libs-64bit-4.18.5_18-150600.3.50.1 * xen-libs-64bit-debuginfo-4.18.5_18-150600.3.50.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (x86_64) * xen-devel-4.18.5_18-150600.3.50.1 * xen-tools-debuginfo-4.18.5_18-150600.3.50.1 * xen-tools-4.18.5_18-150600.3.50.1 * xen-tools-domU-debuginfo-4.18.5_18-150600.3.50.1 * xen-libs-debuginfo-4.18.5_18-150600.3.50.1 * xen-libs-4.18.5_18-150600.3.50.1 * xen-tools-domU-4.18.5_18-150600.3.50.1 * xen-debugsource-4.18.5_18-150600.3.50.1 * xen-4.18.5_18-150600.3.50.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * xen-tools-xendomains-wait-disk-4.18.5_18-150600.3.50.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (x86_64) * xen-devel-4.18.5_18-150600.3.50.1 * xen-tools-debuginfo-4.18.5_18-150600.3.50.1 * xen-tools-4.18.5_18-150600.3.50.1 * xen-tools-domU-debuginfo-4.18.5_18-150600.3.50.1 * xen-libs-debuginfo-4.18.5_18-150600.3.50.1 * xen-libs-4.18.5_18-150600.3.50.1 * xen-tools-domU-4.18.5_18-150600.3.50.1 * xen-debugsource-4.18.5_18-150600.3.50.1 * xen-4.18.5_18-150600.3.50.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * xen-tools-xendomains-wait-disk-4.18.5_18-150600.3.50.1 ## References: * https://www.suse.com/security/cve/CVE-2026-42487.html * https://www.suse.com/security/cve/CVE-2026-42488.html * https://www.suse.com/security/cve/CVE-2026-42489.html * https://www.suse.com/security/cve/CVE-2026-42490.html * https://bugzilla.suse.com/show_bug.cgi?id=1266952 * https://bugzilla.suse.com/show_bug.cgi?id=1266953 * https://bugzilla.suse.com/show_bug.cgi?id=1266955 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 12:30:49 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 12:30:49 -0000 Subject: SUSE-SU-2026:2328-1: important: Security update for xen Message-ID: <178109464935.304.13256173037582823718@7a13588ea82f> # Security update for xen Announcement ID: SUSE-SU-2026:2328-1 Release Date: 2026-06-10T07:39:28Z Rating: important References: * bsc#1266952 * bsc#1266953 * bsc#1266955 Cross-References: * CVE-2026-42487 * CVE-2026-42488 * CVE-2026-42489 * CVE-2026-42490 CVSS scores: * CVE-2026-42487 ( SUSE ): 8.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-42487 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-42488 ( SUSE ): 8.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-42488 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2026-42489 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2026-42489 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2026-42490 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2026-42490 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2026-42487: x86 HVM I/O port list traversal (bsc#1266952). * CVE-2026-42488: x86: mismatched mapcache metadata (bsc#1266955). * CVE-2026-42489,CVE-2026-42490: domctl lock open to abuse (bsc#1266953). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-2328=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2328=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2328=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2328=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2328=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2328=1 ## Package List: * openSUSE Leap 15.5 (aarch64 x86_64 i586) * xen-tools-domU-4.17.6_12-150500.3.73.1 * xen-libs-debuginfo-4.17.6_12-150500.3.73.1 * xen-tools-domU-debuginfo-4.17.6_12-150500.3.73.1 * xen-debugsource-4.17.6_12-150500.3.73.1 * xen-libs-4.17.6_12-150500.3.73.1 * xen-devel-4.17.6_12-150500.3.73.1 * openSUSE Leap 15.5 (x86_64) * xen-libs-32bit-4.17.6_12-150500.3.73.1 * xen-libs-32bit-debuginfo-4.17.6_12-150500.3.73.1 * openSUSE Leap 15.5 (aarch64 x86_64) * xen-4.17.6_12-150500.3.73.1 * xen-tools-debuginfo-4.17.6_12-150500.3.73.1 * xen-doc-html-4.17.6_12-150500.3.73.1 * xen-tools-4.17.6_12-150500.3.73.1 * openSUSE Leap 15.5 (noarch) * xen-tools-xendomains-wait-disk-4.17.6_12-150500.3.73.1 * openSUSE Leap 15.5 (aarch64_ilp32) * xen-libs-64bit-debuginfo-4.17.6_12-150500.3.73.1 * xen-libs-64bit-4.17.6_12-150500.3.73.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * xen-libs-debuginfo-4.17.6_12-150500.3.73.1 * xen-debugsource-4.17.6_12-150500.3.73.1 * xen-libs-4.17.6_12-150500.3.73.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * xen-tools-domU-4.17.6_12-150500.3.73.1 * xen-tools-debuginfo-4.17.6_12-150500.3.73.1 * xen-libs-debuginfo-4.17.6_12-150500.3.73.1 * xen-tools-domU-debuginfo-4.17.6_12-150500.3.73.1 * xen-4.17.6_12-150500.3.73.1 * xen-debugsource-4.17.6_12-150500.3.73.1 * xen-libs-4.17.6_12-150500.3.73.1 * xen-tools-4.17.6_12-150500.3.73.1 * xen-devel-4.17.6_12-150500.3.73.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * xen-tools-xendomains-wait-disk-4.17.6_12-150500.3.73.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * xen-tools-domU-4.17.6_12-150500.3.73.1 * xen-tools-debuginfo-4.17.6_12-150500.3.73.1 * xen-libs-debuginfo-4.17.6_12-150500.3.73.1 * xen-tools-domU-debuginfo-4.17.6_12-150500.3.73.1 * xen-4.17.6_12-150500.3.73.1 * xen-debugsource-4.17.6_12-150500.3.73.1 * xen-libs-4.17.6_12-150500.3.73.1 * xen-tools-4.17.6_12-150500.3.73.1 * xen-devel-4.17.6_12-150500.3.73.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * xen-tools-xendomains-wait-disk-4.17.6_12-150500.3.73.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * xen-tools-domU-4.17.6_12-150500.3.73.1 * xen-tools-debuginfo-4.17.6_12-150500.3.73.1 * xen-libs-debuginfo-4.17.6_12-150500.3.73.1 * xen-tools-domU-debuginfo-4.17.6_12-150500.3.73.1 * xen-4.17.6_12-150500.3.73.1 * xen-debugsource-4.17.6_12-150500.3.73.1 * xen-libs-4.17.6_12-150500.3.73.1 * xen-tools-4.17.6_12-150500.3.73.1 * xen-devel-4.17.6_12-150500.3.73.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * xen-tools-xendomains-wait-disk-4.17.6_12-150500.3.73.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * xen-tools-domU-4.17.6_12-150500.3.73.1 * xen-tools-debuginfo-4.17.6_12-150500.3.73.1 * xen-libs-debuginfo-4.17.6_12-150500.3.73.1 * xen-tools-domU-debuginfo-4.17.6_12-150500.3.73.1 * xen-4.17.6_12-150500.3.73.1 * xen-debugsource-4.17.6_12-150500.3.73.1 * xen-libs-4.17.6_12-150500.3.73.1 * xen-tools-4.17.6_12-150500.3.73.1 * xen-devel-4.17.6_12-150500.3.73.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * xen-tools-xendomains-wait-disk-4.17.6_12-150500.3.73.1 ## References: * https://www.suse.com/security/cve/CVE-2026-42487.html * https://www.suse.com/security/cve/CVE-2026-42488.html * https://www.suse.com/security/cve/CVE-2026-42489.html * https://www.suse.com/security/cve/CVE-2026-42490.html * https://bugzilla.suse.com/show_bug.cgi?id=1266952 * https://bugzilla.suse.com/show_bug.cgi?id=1266953 * https://bugzilla.suse.com/show_bug.cgi?id=1266955 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 16:30:14 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 16:30:14 -0000 Subject: SUSE-SU-2026:2337-1: important: Security update for libyang Message-ID: <178110901448.377.9309389537959279763@7a13588ea82f> # Security update for libyang Announcement ID: SUSE-SU-2026:2337-1 Release Date: 2026-06-10T08:43:48Z Rating: important References: * bsc#1265330 * bsc#1266316 Cross-References: * CVE-2026-41401 * CVE-2026-44673 CVSS scores: * CVE-2026-41401 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-41401 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-41401 ( NVD ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-41401 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-44673 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-44673 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-44673 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Server Applications Module 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities can now be installed. ## Description: This update for libyang fixes the following issues * CVE-2026-41401: use-after-free in `lyd_parser_set_data_flags` when processing crafted YANG XML documents with specific metadata attributes (bsc#1266316). * CVE-2026-44673: integer overflow in `lyb_read_string()` of `src/parser_lyb.c` leads to heap buffer overflow when parsing a maliciously crafted LYB binary blob (bsc#1265330). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-2337=1 ## Package List: * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libyang-debugsource-2.1.148-150700.3.5.1 * libyang-debuginfo-2.1.148-150700.3.5.1 * libyang2-debuginfo-2.1.148-150700.3.5.1 * libyang2-2.1.148-150700.3.5.1 ## References: * https://www.suse.com/security/cve/CVE-2026-41401.html * https://www.suse.com/security/cve/CVE-2026-44673.html * https://bugzilla.suse.com/show_bug.cgi?id=1265330 * https://bugzilla.suse.com/show_bug.cgi?id=1266316 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 16:30:22 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 16:30:22 -0000 Subject: SUSE-SU-2026:2335-1: important: Security update for libyang Message-ID: <178110902203.377.15112171518704912315@7a13588ea82f> # Security update for libyang Announcement ID: SUSE-SU-2026:2335-1 Release Date: 2026-06-10T08:43:18Z Rating: important References: * bsc#1265330 * bsc#1266316 Cross-References: * CVE-2026-41401 * CVE-2026-44673 CVSS scores: * CVE-2026-41401 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-41401 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-41401 ( NVD ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-41401 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-44673 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-44673 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-44673 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for libyang fixes the following issues * CVE-2026-41401: use-after-free in `lyd_parser_set_data_flags` when processing crafted YANG XML documents with specific metadata attributes (bsc#1266316). * CVE-2026-44673: integer overflow in `lyb_read_string()` of `src/parser_lyb.c` leads to heap buffer overflow when parsing a maliciously crafted LYB binary blob (bsc#1265330). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-2335=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2335=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2335=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2335=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2335=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2335=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2335=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libyang-debuginfo-2.1.55-150500.3.5.1 * libyang-debugsource-2.1.55-150500.3.5.1 * yang-tools-debuginfo-2.1.55-150500.3.5.1 * libyang2-debuginfo-2.1.55-150500.3.5.1 * yang-tools-2.1.55-150500.3.5.1 * libyang2-2.1.55-150500.3.5.1 * libyang-devel-2.1.55-150500.3.5.1 * openSUSE Leap 15.5 (noarch) * libyang-doc-2.1.55-150500.3.5.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * libyang-debuginfo-2.1.55-150500.3.5.1 * libyang-debugsource-2.1.55-150500.3.5.1 * libyang2-2.1.55-150500.3.5.1 * libyang2-debuginfo-2.1.55-150500.3.5.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libyang-debuginfo-2.1.55-150500.3.5.1 * libyang-debugsource-2.1.55-150500.3.5.1 * libyang2-2.1.55-150500.3.5.1 * libyang2-debuginfo-2.1.55-150500.3.5.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libyang-debuginfo-2.1.55-150500.3.5.1 * libyang-debugsource-2.1.55-150500.3.5.1 * libyang2-2.1.55-150500.3.5.1 * libyang2-debuginfo-2.1.55-150500.3.5.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * libyang-debuginfo-2.1.55-150500.3.5.1 * libyang-debugsource-2.1.55-150500.3.5.1 * libyang2-2.1.55-150500.3.5.1 * libyang2-debuginfo-2.1.55-150500.3.5.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libyang-debuginfo-2.1.55-150500.3.5.1 * libyang-debugsource-2.1.55-150500.3.5.1 * libyang2-2.1.55-150500.3.5.1 * libyang2-debuginfo-2.1.55-150500.3.5.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * libyang-debuginfo-2.1.55-150500.3.5.1 * libyang-debugsource-2.1.55-150500.3.5.1 * libyang2-2.1.55-150500.3.5.1 * libyang2-debuginfo-2.1.55-150500.3.5.1 ## References: * https://www.suse.com/security/cve/CVE-2026-41401.html * https://www.suse.com/security/cve/CVE-2026-44673.html * https://bugzilla.suse.com/show_bug.cgi?id=1265330 * https://bugzilla.suse.com/show_bug.cgi?id=1266316 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 16:30:27 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 16:30:27 -0000 Subject: SUSE-SU-2026:2334-1: important: Security update for libyang Message-ID: <178110902791.377.15934554039735573741@7a13588ea82f> # Security update for libyang Announcement ID: SUSE-SU-2026:2334-1 Release Date: 2026-06-10T08:42:45Z Rating: important References: * bsc#1265330 * bsc#1266316 Cross-References: * CVE-2026-41401 * CVE-2026-44673 CVSS scores: * CVE-2026-41401 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-41401 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-41401 ( NVD ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-41401 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-44673 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-44673 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-44673 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for libyang fixes the following issues * CVE-2026-41401: use-after-free in `lyd_parser_set_data_flags` when processing crafted YANG XML documents with specific metadata attributes (bsc#1266316). * CVE-2026-44673: integer overflow in `lyb_read_string()` of `src/parser_lyb.c` leads to heap buffer overflow when parsing a maliciously crafted LYB binary blob (bsc#1265330). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-2334=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2334=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libyang2-2.1.148-8.8.1 * libyang-debugsource-2.1.148-8.8.1 * libyang2-debuginfo-2.1.148-8.8.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libyang2-2.1.148-8.8.1 * libyang-debugsource-2.1.148-8.8.1 * libyang2-debuginfo-2.1.148-8.8.1 ## References: * https://www.suse.com/security/cve/CVE-2026-41401.html * https://www.suse.com/security/cve/CVE-2026-44673.html * https://bugzilla.suse.com/show_bug.cgi?id=1265330 * https://bugzilla.suse.com/show_bug.cgi?id=1266316 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 16:30:35 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 16:30:35 -0000 Subject: SUSE-SU-2026:2333-1: important: Security update for glibc Message-ID: <178110903537.377.15710604175393918951@7a13588ea82f> # Security update for glibc Announcement ID: SUSE-SU-2026:2333-1 Release Date: 2026-06-10T08:42:34Z Rating: important References: * bsc#1261206 * bsc#1262464 * bsc#1262465 Cross-References: * CVE-2026-4046 * CVE-2026-5450 * CVE-2026-5928 CVSS scores: * CVE-2026-4046 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-4046 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-4046 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-5450 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-5450 ( SUSE ): 5.9 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-5450 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-5928 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-5928 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-5928 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for glibc fixes the following issues * CVE-2026-4046: assertion failure when converting inputs may be used to remotely crash an application (bsc#1261206). * CVE-2026-5450: stdio-common: scanf %mc pattern will cause heap overflow when width > 1024 (bsc#1262465). * CVE-2026-5928: libio: ungetwc could be used to leak data on special conditions (bsc#1262464). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2026-2333=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2333=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2333=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2333=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2333=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2333=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2333=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2333=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2333=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2333=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2333=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2333=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2333=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2333=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586 i686) * glibc-debuginfo-2.31-150300.101.1 * glibc-devel-2.31-150300.101.1 * glibc-locale-base-2.31-150300.101.1 * glibc-locale-2.31-150300.101.1 * glibc-profile-2.31-150300.101.1 * glibc-devel-debuginfo-2.31-150300.101.1 * glibc-debugsource-2.31-150300.101.1 * glibc-devel-static-2.31-150300.101.1 * glibc-2.31-150300.101.1 * glibc-locale-base-debuginfo-2.31-150300.101.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * glibc-utils-2.31-150300.101.1 * glibc-utils-src-debugsource-2.31-150300.101.1 * nscd-2.31-150300.101.1 * nscd-debuginfo-2.31-150300.101.1 * glibc-extra-debuginfo-2.31-150300.101.1 * glibc-utils-debuginfo-2.31-150300.101.1 * glibc-extra-2.31-150300.101.1 * openSUSE Leap 15.3 (noarch) * glibc-html-2.31-150300.101.1 * glibc-info-2.31-150300.101.1 * glibc-lang-2.31-150300.101.1 * glibc-i18ndata-2.31-150300.101.1 * openSUSE Leap 15.3 (x86_64) * glibc-devel-static-32bit-2.31-150300.101.1 * glibc-profile-32bit-2.31-150300.101.1 * glibc-devel-32bit-debuginfo-2.31-150300.101.1 * glibc-utils-32bit-debuginfo-2.31-150300.101.1 * glibc-utils-32bit-2.31-150300.101.1 * glibc-32bit-2.31-150300.101.1 * glibc-devel-32bit-2.31-150300.101.1 * glibc-32bit-debuginfo-2.31-150300.101.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.101.1 * glibc-locale-base-32bit-2.31-150300.101.1 * openSUSE Leap 15.3 (aarch64_ilp32) * glibc-64bit-debuginfo-2.31-150300.101.1 * glibc-64bit-2.31-150300.101.1 * glibc-devel-64bit-debuginfo-2.31-150300.101.1 * glibc-devel-64bit-2.31-150300.101.1 * glibc-locale-base-64bit-debuginfo-2.31-150300.101.1 * glibc-utils-64bit-debuginfo-2.31-150300.101.1 * glibc-profile-64bit-2.31-150300.101.1 * glibc-devel-static-64bit-2.31-150300.101.1 * glibc-utils-64bit-2.31-150300.101.1 * glibc-locale-base-64bit-2.31-150300.101.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * glibc-debuginfo-2.31-150300.101.1 * glibc-devel-2.31-150300.101.1 * glibc-locale-base-2.31-150300.101.1 * glibc-locale-2.31-150300.101.1 * glibc-devel-debuginfo-2.31-150300.101.1 * glibc-debugsource-2.31-150300.101.1 * glibc-2.31-150300.101.1 * glibc-locale-base-debuginfo-2.31-150300.101.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * glibc-debuginfo-2.31-150300.101.1 * glibc-devel-2.31-150300.101.1 * glibc-locale-base-2.31-150300.101.1 * glibc-locale-2.31-150300.101.1 * glibc-devel-debuginfo-2.31-150300.101.1 * glibc-debugsource-2.31-150300.101.1 * glibc-2.31-150300.101.1 * glibc-locale-base-debuginfo-2.31-150300.101.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * glibc-debuginfo-2.31-150300.101.1 * glibc-devel-2.31-150300.101.1 * glibc-locale-base-2.31-150300.101.1 * glibc-locale-2.31-150300.101.1 * glibc-devel-debuginfo-2.31-150300.101.1 * glibc-debugsource-2.31-150300.101.1 * glibc-2.31-150300.101.1 * glibc-locale-base-debuginfo-2.31-150300.101.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * glibc-debuginfo-2.31-150300.101.1 * glibc-devel-2.31-150300.101.1 * glibc-locale-base-2.31-150300.101.1 * glibc-locale-2.31-150300.101.1 * glibc-devel-debuginfo-2.31-150300.101.1 * glibc-debugsource-2.31-150300.101.1 * glibc-2.31-150300.101.1 * glibc-locale-base-debuginfo-2.31-150300.101.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * glibc-debuginfo-2.31-150300.101.1 * glibc-devel-2.31-150300.101.1 * glibc-locale-base-2.31-150300.101.1 * glibc-locale-2.31-150300.101.1 * glibc-devel-debuginfo-2.31-150300.101.1 * glibc-debugsource-2.31-150300.101.1 * glibc-2.31-150300.101.1 * glibc-locale-base-debuginfo-2.31-150300.101.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * glibc-utils-2.31-150300.101.1 * glibc-debuginfo-2.31-150300.101.1 * glibc-devel-2.31-150300.101.1 * glibc-utils-src-debugsource-2.31-150300.101.1 * glibc-locale-base-2.31-150300.101.1 * nscd-2.31-150300.101.1 * glibc-utils-debuginfo-2.31-150300.101.1 * glibc-locale-2.31-150300.101.1 * glibc-extra-debuginfo-2.31-150300.101.1 * glibc-devel-debuginfo-2.31-150300.101.1 * glibc-profile-2.31-150300.101.1 * nscd-debuginfo-2.31-150300.101.1 * glibc-debugsource-2.31-150300.101.1 * glibc-devel-static-2.31-150300.101.1 * glibc-2.31-150300.101.1 * glibc-locale-base-debuginfo-2.31-150300.101.1 * glibc-extra-2.31-150300.101.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * glibc-info-2.31-150300.101.1 * glibc-lang-2.31-150300.101.1 * glibc-i18ndata-2.31-150300.101.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * glibc-devel-32bit-debuginfo-2.31-150300.101.1 * glibc-32bit-2.31-150300.101.1 * glibc-devel-32bit-2.31-150300.101.1 * glibc-32bit-debuginfo-2.31-150300.101.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.101.1 * glibc-locale-base-32bit-2.31-150300.101.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * glibc-utils-2.31-150300.101.1 * glibc-debuginfo-2.31-150300.101.1 * glibc-devel-2.31-150300.101.1 * glibc-utils-src-debugsource-2.31-150300.101.1 * glibc-locale-base-2.31-150300.101.1 * nscd-2.31-150300.101.1 * glibc-utils-debuginfo-2.31-150300.101.1 * glibc-locale-2.31-150300.101.1 * glibc-extra-debuginfo-2.31-150300.101.1 * glibc-devel-debuginfo-2.31-150300.101.1 * glibc-profile-2.31-150300.101.1 * nscd-debuginfo-2.31-150300.101.1 * glibc-debugsource-2.31-150300.101.1 * glibc-devel-static-2.31-150300.101.1 * glibc-2.31-150300.101.1 * glibc-locale-base-debuginfo-2.31-150300.101.1 * glibc-extra-2.31-150300.101.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * glibc-info-2.31-150300.101.1 * glibc-lang-2.31-150300.101.1 * glibc-i18ndata-2.31-150300.101.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * glibc-devel-32bit-debuginfo-2.31-150300.101.1 * glibc-32bit-2.31-150300.101.1 * glibc-devel-32bit-2.31-150300.101.1 * glibc-32bit-debuginfo-2.31-150300.101.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.101.1 * glibc-locale-base-32bit-2.31-150300.101.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * glibc-utils-2.31-150300.101.1 * glibc-utils-src-debugsource-2.31-150300.101.1 * nscd-2.31-150300.101.1 * glibc-debuginfo-2.31-150300.101.1 * glibc-locale-base-2.31-150300.101.1 * glibc-devel-2.31-150300.101.1 * glibc-utils-debuginfo-2.31-150300.101.1 * glibc-profile-2.31-150300.101.1 * glibc-locale-2.31-150300.101.1 * glibc-extra-debuginfo-2.31-150300.101.1 * nscd-debuginfo-2.31-150300.101.1 * glibc-devel-debuginfo-2.31-150300.101.1 * glibc-debugsource-2.31-150300.101.1 * glibc-devel-static-2.31-150300.101.1 * glibc-2.31-150300.101.1 * glibc-locale-base-debuginfo-2.31-150300.101.1 * glibc-extra-2.31-150300.101.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * glibc-info-2.31-150300.101.1 * glibc-lang-2.31-150300.101.1 * glibc-i18ndata-2.31-150300.101.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * glibc-devel-32bit-debuginfo-2.31-150300.101.1 * glibc-32bit-2.31-150300.101.1 * glibc-devel-32bit-2.31-150300.101.1 * glibc-32bit-debuginfo-2.31-150300.101.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.101.1 * glibc-locale-base-32bit-2.31-150300.101.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * glibc-devel-32bit-debuginfo-2.31-150300.101.1 * glibc-32bit-2.31-150300.101.1 * glibc-devel-32bit-2.31-150300.101.1 * glibc-32bit-debuginfo-2.31-150300.101.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.101.1 * glibc-locale-base-32bit-2.31-150300.101.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * glibc-utils-2.31-150300.101.1 * glibc-debuginfo-2.31-150300.101.1 * glibc-devel-2.31-150300.101.1 * glibc-utils-src-debugsource-2.31-150300.101.1 * glibc-locale-base-2.31-150300.101.1 * nscd-2.31-150300.101.1 * glibc-utils-debuginfo-2.31-150300.101.1 * glibc-locale-2.31-150300.101.1 * glibc-extra-debuginfo-2.31-150300.101.1 * glibc-devel-debuginfo-2.31-150300.101.1 * glibc-profile-2.31-150300.101.1 * nscd-debuginfo-2.31-150300.101.1 * glibc-debugsource-2.31-150300.101.1 * glibc-devel-static-2.31-150300.101.1 * glibc-2.31-150300.101.1 * glibc-locale-base-debuginfo-2.31-150300.101.1 * glibc-extra-2.31-150300.101.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * glibc-info-2.31-150300.101.1 * glibc-lang-2.31-150300.101.1 * glibc-i18ndata-2.31-150300.101.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * glibc-utils-2.31-150300.101.1 * glibc-debuginfo-2.31-150300.101.1 * glibc-devel-2.31-150300.101.1 * glibc-utils-src-debugsource-2.31-150300.101.1 * glibc-locale-base-2.31-150300.101.1 * nscd-2.31-150300.101.1 * glibc-utils-debuginfo-2.31-150300.101.1 * glibc-locale-2.31-150300.101.1 * glibc-extra-debuginfo-2.31-150300.101.1 * glibc-devel-debuginfo-2.31-150300.101.1 * glibc-profile-2.31-150300.101.1 * nscd-debuginfo-2.31-150300.101.1 * glibc-debugsource-2.31-150300.101.1 * glibc-devel-static-2.31-150300.101.1 * glibc-2.31-150300.101.1 * glibc-locale-base-debuginfo-2.31-150300.101.1 * glibc-extra-2.31-150300.101.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * glibc-info-2.31-150300.101.1 * glibc-lang-2.31-150300.101.1 * glibc-i18ndata-2.31-150300.101.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * glibc-devel-32bit-debuginfo-2.31-150300.101.1 * glibc-32bit-2.31-150300.101.1 * glibc-devel-32bit-2.31-150300.101.1 * glibc-32bit-debuginfo-2.31-150300.101.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.101.1 * glibc-locale-base-32bit-2.31-150300.101.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * glibc-utils-2.31-150300.101.1 * glibc-debuginfo-2.31-150300.101.1 * glibc-devel-2.31-150300.101.1 * glibc-utils-src-debugsource-2.31-150300.101.1 * glibc-locale-base-2.31-150300.101.1 * nscd-2.31-150300.101.1 * glibc-utils-debuginfo-2.31-150300.101.1 * glibc-locale-2.31-150300.101.1 * glibc-extra-debuginfo-2.31-150300.101.1 * glibc-devel-debuginfo-2.31-150300.101.1 * glibc-profile-2.31-150300.101.1 * nscd-debuginfo-2.31-150300.101.1 * glibc-debugsource-2.31-150300.101.1 * glibc-devel-static-2.31-150300.101.1 * glibc-2.31-150300.101.1 * glibc-locale-base-debuginfo-2.31-150300.101.1 * glibc-extra-2.31-150300.101.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * glibc-info-2.31-150300.101.1 * glibc-lang-2.31-150300.101.1 * glibc-i18ndata-2.31-150300.101.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * glibc-devel-32bit-debuginfo-2.31-150300.101.1 * glibc-32bit-2.31-150300.101.1 * glibc-devel-32bit-2.31-150300.101.1 * glibc-32bit-debuginfo-2.31-150300.101.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.101.1 * glibc-locale-base-32bit-2.31-150300.101.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * glibc-utils-2.31-150300.101.1 * glibc-debuginfo-2.31-150300.101.1 * glibc-devel-2.31-150300.101.1 * glibc-utils-src-debugsource-2.31-150300.101.1 * glibc-locale-base-2.31-150300.101.1 * nscd-2.31-150300.101.1 * glibc-utils-debuginfo-2.31-150300.101.1 * glibc-locale-2.31-150300.101.1 * glibc-extra-debuginfo-2.31-150300.101.1 * glibc-devel-debuginfo-2.31-150300.101.1 * glibc-profile-2.31-150300.101.1 * nscd-debuginfo-2.31-150300.101.1 * glibc-debugsource-2.31-150300.101.1 * glibc-devel-static-2.31-150300.101.1 * glibc-2.31-150300.101.1 * glibc-locale-base-debuginfo-2.31-150300.101.1 * glibc-extra-2.31-150300.101.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * glibc-info-2.31-150300.101.1 * glibc-lang-2.31-150300.101.1 * glibc-i18ndata-2.31-150300.101.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * glibc-devel-32bit-debuginfo-2.31-150300.101.1 * glibc-32bit-2.31-150300.101.1 * glibc-devel-32bit-2.31-150300.101.1 * glibc-32bit-debuginfo-2.31-150300.101.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.101.1 * glibc-locale-base-32bit-2.31-150300.101.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * glibc-utils-2.31-150300.101.1 * glibc-debuginfo-2.31-150300.101.1 * glibc-devel-2.31-150300.101.1 * glibc-utils-src-debugsource-2.31-150300.101.1 * glibc-locale-base-2.31-150300.101.1 * nscd-2.31-150300.101.1 * glibc-utils-debuginfo-2.31-150300.101.1 * glibc-locale-2.31-150300.101.1 * glibc-extra-debuginfo-2.31-150300.101.1 * glibc-devel-debuginfo-2.31-150300.101.1 * glibc-profile-2.31-150300.101.1 * nscd-debuginfo-2.31-150300.101.1 * glibc-debugsource-2.31-150300.101.1 * glibc-devel-static-2.31-150300.101.1 * glibc-2.31-150300.101.1 * glibc-locale-base-debuginfo-2.31-150300.101.1 * glibc-extra-2.31-150300.101.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * glibc-info-2.31-150300.101.1 * glibc-lang-2.31-150300.101.1 * glibc-i18ndata-2.31-150300.101.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * glibc-devel-32bit-debuginfo-2.31-150300.101.1 * glibc-32bit-2.31-150300.101.1 * glibc-devel-32bit-2.31-150300.101.1 * glibc-32bit-debuginfo-2.31-150300.101.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.101.1 * glibc-locale-base-32bit-2.31-150300.101.1 ## References: * https://www.suse.com/security/cve/CVE-2026-4046.html * https://www.suse.com/security/cve/CVE-2026-5450.html * https://www.suse.com/security/cve/CVE-2026-5928.html * https://bugzilla.suse.com/show_bug.cgi?id=1261206 * https://bugzilla.suse.com/show_bug.cgi?id=1262464 * https://bugzilla.suse.com/show_bug.cgi?id=1262465 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 16:30:52 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 16:30:52 -0000 Subject: SUSE-SU-2026:2332-1: important: Security update for the Linux Kernel Message-ID: <178110905201.377.10080512849400168593@7a13588ea82f> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:2332-1 Release Date: 2026-06-10T08:41:19Z Rating: important References: * bsc#1263790 * bsc#1263995 * bsc#1264551 * bsc#1266001 * bsc#1266009 * bsc#1266238 * bsc#1266711 * bsc#1266901 Cross-References: * CVE-2026-31629 * CVE-2026-43037 * CVE-2026-43206 * CVE-2026-43499 * CVE-2026-43501 * CVE-2026-45852 * CVE-2026-46043 * CVE-2026-46243 CVSS scores: * CVE-2026-31629 ( SUSE ): 8.7 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31629 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31629 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43037 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43206 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43206 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43499 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43499 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43499 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43501 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43501 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43501 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45852 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45852 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46043 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46043 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46043 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-46243 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Micro 5.5 An update that solves eight vulnerabilities can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: * CVE-2026-31629: nfc: llcp: add missing return after LLCP_CLOSED checks (bsc#1263790). * CVE-2026-43037: ip6_tunnel: clear skb2->cb in ip4ip6_err() (bsc#1263995). * CVE-2026-43206: drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set() (bsc#1264551). * CVE-2026-43499: rtmutex: Use waiter::task instead of current in remove_waiter() (bsc#1266001). * CVE-2026-43501: ipv6: rpl: reserve mac_len headroom when recompressed SRH grows (bsc#1266009). * CVE-2026-45852: RDMA/rxe: Fix double free in rxe_srq_from_init (bsc#1266711). * CVE-2026-46043: RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv (bsc#1266901). * CVE-2026-46243: smb: client: reject userspace cifs.spnego descriptions (bsc#1266238). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-2332=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2332=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * dlm-kmp-rt-debuginfo-5.14.21-150500.13.143.1 * kernel-rt-devel-debuginfo-5.14.21-150500.13.143.1 * kernel-syms-rt-5.14.21-150500.13.143.1 * gfs2-kmp-rt-5.14.21-150500.13.143.1 * kernel-rt-debugsource-5.14.21-150500.13.143.1 * kernel-rt-extra-5.14.21-150500.13.143.1 * kernel-rt-extra-debuginfo-5.14.21-150500.13.143.1 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.143.1 * ocfs2-kmp-rt-5.14.21-150500.13.143.1 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.143.1 * kernel-rt-livepatch-5.14.21-150500.13.143.1 * kernel-rt_debug-vdso-5.14.21-150500.13.143.1 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.143.1 * kernel-rt-debuginfo-5.14.21-150500.13.143.1 * kernel-rt-devel-5.14.21-150500.13.143.1 * kselftests-kmp-rt-5.14.21-150500.13.143.1 * kernel-rt_debug-debuginfo-5.14.21-150500.13.143.1 * kernel-rt-optional-5.14.21-150500.13.143.1 * dlm-kmp-rt-5.14.21-150500.13.143.1 * kselftests-kmp-rt-debuginfo-5.14.21-150500.13.143.1 * cluster-md-kmp-rt-5.14.21-150500.13.143.1 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.143.1 * kernel-rt_debug-devel-5.14.21-150500.13.143.1 * kernel-rt_debug-debugsource-5.14.21-150500.13.143.1 * kernel-rt-optional-debuginfo-5.14.21-150500.13.143.1 * reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.143.1 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.143.1 * reiserfs-kmp-rt-5.14.21-150500.13.143.1 * kernel-rt-vdso-5.14.21-150500.13.143.1 * kernel-rt-livepatch-devel-5.14.21-150500.13.143.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.143.1 * openSUSE Leap 15.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.143.1 * kernel-rt_debug-5.14.21-150500.13.143.1 * openSUSE Leap 15.5 (noarch) * kernel-source-rt-5.14.21-150500.13.143.1 * kernel-devel-rt-5.14.21-150500.13.143.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * kernel-source-rt-5.14.21-150500.13.143.1 * kernel-devel-rt-5.14.21-150500.13.143.1 * SUSE Linux Enterprise Micro 5.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.143.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * kernel-rt-debuginfo-5.14.21-150500.13.143.1 * kernel-rt-debugsource-5.14.21-150500.13.143.1 ## References: * https://www.suse.com/security/cve/CVE-2026-31629.html * https://www.suse.com/security/cve/CVE-2026-43037.html * https://www.suse.com/security/cve/CVE-2026-43206.html * https://www.suse.com/security/cve/CVE-2026-43499.html * https://www.suse.com/security/cve/CVE-2026-43501.html * https://www.suse.com/security/cve/CVE-2026-45852.html * https://www.suse.com/security/cve/CVE-2026-46043.html * https://www.suse.com/security/cve/CVE-2026-46243.html * https://bugzilla.suse.com/show_bug.cgi?id=1263790 * https://bugzilla.suse.com/show_bug.cgi?id=1263995 * https://bugzilla.suse.com/show_bug.cgi?id=1264551 * https://bugzilla.suse.com/show_bug.cgi?id=1266001 * https://bugzilla.suse.com/show_bug.cgi?id=1266009 * https://bugzilla.suse.com/show_bug.cgi?id=1266238 * https://bugzilla.suse.com/show_bug.cgi?id=1266711 * https://bugzilla.suse.com/show_bug.cgi?id=1266901 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 16:31:19 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 16:31:19 -0000 Subject: SUSE-SU-2026:2331-1: important: Security update for the Linux Kernel Message-ID: <178110907955.377.16145511703916306341@7a13588ea82f> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:2331-1 Release Date: 2026-06-10T08:40:38Z Rating: important References: * bsc#1261700 * bsc#1263790 * bsc#1263995 * bsc#1264093 * bsc#1264551 * bsc#1266001 * bsc#1266009 * bsc#1266238 * bsc#1266711 * bsc#1266901 * bsc#1266969 * bsc#1267205 * bsc#1267220 Cross-References: * CVE-2026-31405 * CVE-2026-31629 * CVE-2026-31758 * CVE-2026-43037 * CVE-2026-43206 * CVE-2026-43499 * CVE-2026-43501 * CVE-2026-45852 * CVE-2026-45970 * CVE-2026-46021 * CVE-2026-46043 * CVE-2026-46113 * CVE-2026-46243 CVSS scores: * CVE-2026-31405 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31405 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31629 ( SUSE ): 8.7 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31629 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31629 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31758 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31758 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31758 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43037 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43206 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43206 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43499 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43499 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43499 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43501 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43501 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43501 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45852 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45852 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45970 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45970 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45970 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46021 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46021 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46043 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46043 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46043 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-46113 ( SUSE ): 9.3 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-46113 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46113 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46243 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N Affected Products: * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves 13 vulnerabilities can now be installed. ## Description: The SUSE Linux Enterprise 15 SP4 RT kernel was updated to fix various security issues The following security issues were fixed: * CVE-2026-31405: media: dvb-net: fix OOB access in ULE extension header tables (bsc#1261700). * CVE-2026-31629: nfc: llcp: add missing return after LLCP_CLOSED checks (bsc#1263790). * CVE-2026-31758: usb: usbtmc: Flush anchored URBs in usbtmc_release (bsc#1264093). * CVE-2026-43037: ip6_tunnel: clear skb2->cb in ip4ip6_err() (bsc#1263995). * CVE-2026-43206: drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set() (bsc#1264551). * CVE-2026-43499: rtmutex: Use waiter::task instead of current in remove_waiter() (bsc#1266001). * CVE-2026-43501: ipv6: rpl: reserve mac_len headroom when recompressed SRH grows (bsc#1266009). * CVE-2026-45852: RDMA/rxe: Fix double free in rxe_srq_from_init (bsc#1266711). * CVE-2026-45970: bonding: alb: fix UAF in rlb_arp_recv during bond up/down (bsc#1267205). * CVE-2026-46021: thermal: core: Fix thermal zone governor cleanup issues (bsc#1267220). * CVE-2026-46043: RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv (bsc#1266901). * CVE-2026-46113: KVM: x86/mmu: Add helper to convert SPTE value to its shadow page (bsc#1266969). * CVE-2026-46243: smb: client: reject userspace cifs.spnego descriptions (bsc#1266238). The following non security issues were fixed: * arm64: tlb: Allow XZR argument to TLBI ops (git-fixes). * arm64: tlb: Optimize ARM64_WORKAROUND_REPEAT_TLBI (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2331=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2331=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2331=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2331=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.170.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * kernel-rt-debuginfo-5.14.21-150400.15.170.1 * kernel-rt-debugsource-5.14.21-150400.15.170.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * kernel-source-rt-5.14.21-150400.15.170.1 * SUSE Linux Enterprise Micro 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.170.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * kernel-rt-debuginfo-5.14.21-150400.15.170.1 * kernel-rt-debugsource-5.14.21-150400.15.170.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * kernel-source-rt-5.14.21-150400.15.170.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.170.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * kernel-rt-debuginfo-5.14.21-150400.15.170.1 * kernel-rt-debugsource-5.14.21-150400.15.170.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * kernel-source-rt-5.14.21-150400.15.170.1 * SUSE Linux Enterprise Micro 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.170.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * kernel-rt-debuginfo-5.14.21-150400.15.170.1 * kernel-rt-debugsource-5.14.21-150400.15.170.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * kernel-source-rt-5.14.21-150400.15.170.1 ## References: * https://www.suse.com/security/cve/CVE-2026-31405.html * https://www.suse.com/security/cve/CVE-2026-31629.html * https://www.suse.com/security/cve/CVE-2026-31758.html * https://www.suse.com/security/cve/CVE-2026-43037.html * https://www.suse.com/security/cve/CVE-2026-43206.html * https://www.suse.com/security/cve/CVE-2026-43499.html * https://www.suse.com/security/cve/CVE-2026-43501.html * https://www.suse.com/security/cve/CVE-2026-45852.html * https://www.suse.com/security/cve/CVE-2026-45970.html * https://www.suse.com/security/cve/CVE-2026-46021.html * https://www.suse.com/security/cve/CVE-2026-46043.html * https://www.suse.com/security/cve/CVE-2026-46113.html * https://www.suse.com/security/cve/CVE-2026-46243.html * https://bugzilla.suse.com/show_bug.cgi?id=1261700 * https://bugzilla.suse.com/show_bug.cgi?id=1263790 * https://bugzilla.suse.com/show_bug.cgi?id=1263995 * https://bugzilla.suse.com/show_bug.cgi?id=1264093 * https://bugzilla.suse.com/show_bug.cgi?id=1264551 * https://bugzilla.suse.com/show_bug.cgi?id=1266001 * https://bugzilla.suse.com/show_bug.cgi?id=1266009 * https://bugzilla.suse.com/show_bug.cgi?id=1266238 * https://bugzilla.suse.com/show_bug.cgi?id=1266711 * https://bugzilla.suse.com/show_bug.cgi?id=1266901 * https://bugzilla.suse.com/show_bug.cgi?id=1266969 * https://bugzilla.suse.com/show_bug.cgi?id=1267205 * https://bugzilla.suse.com/show_bug.cgi?id=1267220 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 20:30:07 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 20:30:07 -0000 Subject: SUSE-SU-2026:2355-1: moderate: Security update for openCryptoki Message-ID: <178112340795.391.7481182597701196727@003816f08d43> # Security update for openCryptoki Announcement ID: SUSE-SU-2026:2355-1 Release Date: 2026-06-10T15:08:36Z Rating: moderate References: * bsc#1262283 Cross-References: * CVE-2026-40253 CVSS scores: * CVE-2026-40253 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-40253 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-40253 ( NVD ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-40253 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability can now be installed. ## Description: This update for openCryptoki fixes the following issue: * CVE-2026-40253: malformed BER-encoded cryptographic objects can lead to information disclosure and denial of service (bsc#1262283). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2355=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2355=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2355=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * openCryptoki-3.17.0-150400.4.16.1 * openCryptoki-debugsource-3.17.0-150400.4.16.1 * openCryptoki-devel-3.17.0-150400.4.16.1 * openCryptoki-debuginfo-3.17.0-150400.4.16.1 * openSUSE Leap 15.4 (i586) * openCryptoki-32bit-debuginfo-3.17.0-150400.4.16.1 * openCryptoki-32bit-3.17.0-150400.4.16.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * openCryptoki-64bit-debuginfo-3.17.0-150400.4.16.1 * openCryptoki-64bit-3.17.0-150400.4.16.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (s390x) * openCryptoki-3.17.0-150400.4.16.1 * openCryptoki-debugsource-3.17.0-150400.4.16.1 * openCryptoki-debuginfo-3.17.0-150400.4.16.1 * SUSE Linux Enterprise Micro 5.4 (s390x) * openCryptoki-3.17.0-150400.4.16.1 * openCryptoki-debugsource-3.17.0-150400.4.16.1 * openCryptoki-debuginfo-3.17.0-150400.4.16.1 ## References: * https://www.suse.com/security/cve/CVE-2026-40253.html * https://bugzilla.suse.com/show_bug.cgi?id=1262283 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 20:30:14 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 20:30:14 -0000 Subject: SUSE-SU-2026:2354-1: important: Security update for wicked Message-ID: <178112341477.391.12889618558558669017@003816f08d43> # Security update for wicked Announcement ID: SUSE-SU-2026:2354-1 Release Date: 2026-06-10T14:56:00Z Rating: important References: * bsc#1265221 * jsc#PED-1942 Cross-References: * CVE-2026-44932 CVSS scores: * CVE-2026-44932 ( SUSE ): 5.8 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H * CVE-2026-44932 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves one vulnerability and contains one feature can now be installed. ## Description: This update for wicked fixes the following issues: * CVE-2026-44932: Fixed indirect remote shell command injection via unsanitized DHCP options (bsc#1265221). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2354=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2354=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2354=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2354=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2354=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2354=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2354=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2354=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2354=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * wicked-debugsource-0.6.79-150400.3.39.1 * wicked-0.6.79-150400.3.39.1 * wicked-debuginfo-0.6.79-150400.3.39.1 * wicked-service-0.6.79-150400.3.39.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * wicked-debugsource-0.6.79-150400.3.39.1 * wicked-0.6.79-150400.3.39.1 * wicked-debuginfo-0.6.79-150400.3.39.1 * wicked-service-0.6.79-150400.3.39.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * wicked-debugsource-0.6.79-150400.3.39.1 * wicked-0.6.79-150400.3.39.1 * wicked-debuginfo-0.6.79-150400.3.39.1 * wicked-service-0.6.79-150400.3.39.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * wicked-debugsource-0.6.79-150400.3.39.1 * wicked-0.6.79-150400.3.39.1 * wicked-debuginfo-0.6.79-150400.3.39.1 * wicked-service-0.6.79-150400.3.39.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * wicked-debugsource-0.6.79-150400.3.39.1 * wicked-0.6.79-150400.3.39.1 * wicked-debuginfo-0.6.79-150400.3.39.1 * wicked-service-0.6.79-150400.3.39.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * wicked-debugsource-0.6.79-150400.3.39.1 * wicked-0.6.79-150400.3.39.1 * wicked-debuginfo-0.6.79-150400.3.39.1 * wicked-service-0.6.79-150400.3.39.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * wicked-debugsource-0.6.79-150400.3.39.1 * wicked-0.6.79-150400.3.39.1 * wicked-debuginfo-0.6.79-150400.3.39.1 * wicked-service-0.6.79-150400.3.39.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * wicked-debugsource-0.6.79-150400.3.39.1 * wicked-0.6.79-150400.3.39.1 * wicked-debuginfo-0.6.79-150400.3.39.1 * wicked-service-0.6.79-150400.3.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * wicked-debugsource-0.6.79-150400.3.39.1 * wicked-0.6.79-150400.3.39.1 * wicked-debuginfo-0.6.79-150400.3.39.1 * wicked-service-0.6.79-150400.3.39.1 ## References: * https://www.suse.com/security/cve/CVE-2026-44932.html * https://bugzilla.suse.com/show_bug.cgi?id=1265221 * https://jira.suse.com/browse/PED-1942 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 20:30:19 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 20:30:19 -0000 Subject: SUSE-SU-2026:2353-1: important: Security update for wicked Message-ID: <178112341985.391.5785162537234210093@003816f08d43> # Security update for wicked Announcement ID: SUSE-SU-2026:2353-1 Release Date: 2026-06-10T14:55:06Z Rating: important References: * bsc#1265221 * jsc#PED-1942 Cross-References: * CVE-2026-44932 CVSS scores: * CVE-2026-44932 ( SUSE ): 5.8 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H * CVE-2026-44932 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability and contains one feature can now be installed. ## Description: This update for wicked fixes the following issues: * CVE-2026-44932: Fixed indirect remote shell command injection via unsanitized DHCP options (bsc#1265221). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-2353=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2353=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2353=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2353=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2353=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2353=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * wicked-debugsource-0.6.79-150500.3.42.1 * wicked-nbft-0.6.79-150500.3.42.1 * wicked-0.6.79-150500.3.42.1 * wicked-debuginfo-0.6.79-150500.3.42.1 * wicked-service-0.6.79-150500.3.42.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * wicked-0.6.79-150500.3.42.1 * wicked-service-0.6.79-150500.3.42.1 * wicked-debugsource-0.6.79-150500.3.42.1 * wicked-debuginfo-0.6.79-150500.3.42.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * wicked-debugsource-0.6.79-150500.3.42.1 * wicked-nbft-0.6.79-150500.3.42.1 * wicked-0.6.79-150500.3.42.1 * wicked-debuginfo-0.6.79-150500.3.42.1 * wicked-service-0.6.79-150500.3.42.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * wicked-debugsource-0.6.79-150500.3.42.1 * wicked-nbft-0.6.79-150500.3.42.1 * wicked-0.6.79-150500.3.42.1 * wicked-debuginfo-0.6.79-150500.3.42.1 * wicked-service-0.6.79-150500.3.42.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * wicked-debugsource-0.6.79-150500.3.42.1 * wicked-nbft-0.6.79-150500.3.42.1 * wicked-0.6.79-150500.3.42.1 * wicked-debuginfo-0.6.79-150500.3.42.1 * wicked-service-0.6.79-150500.3.42.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * wicked-debugsource-0.6.79-150500.3.42.1 * wicked-nbft-0.6.79-150500.3.42.1 * wicked-0.6.79-150500.3.42.1 * wicked-debuginfo-0.6.79-150500.3.42.1 * wicked-service-0.6.79-150500.3.42.1 ## References: * https://www.suse.com/security/cve/CVE-2026-44932.html * https://bugzilla.suse.com/show_bug.cgi?id=1265221 * https://jira.suse.com/browse/PED-1942 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 20:30:24 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 20:30:24 -0000 Subject: SUSE-SU-2026:2350-1: important: Security update for wicked Message-ID: <178112342484.391.2076048080107855171@003816f08d43> # Security update for wicked Announcement ID: SUSE-SU-2026:2350-1 Release Date: 2026-06-10T14:54:01Z Rating: important References: * bsc#1265221 * jsc#PED-1942 Cross-References: * CVE-2026-44932 CVSS scores: * CVE-2026-44932 ( SUSE ): 5.8 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H * CVE-2026-44932 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability and contains one feature can now be installed. ## Description: This update for wicked fixes the following issues: * CVE-2026-44932: Fixed indirect remote shell command injection via unsanitized DHCP options (bsc#1265221). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-2350=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2350=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * wicked-0.6.79-3.56.1 * wicked-debuginfo-0.6.79-3.56.1 * wicked-service-0.6.79-3.56.1 * wicked-debugsource-0.6.79-3.56.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * wicked-0.6.79-3.56.1 * wicked-debuginfo-0.6.79-3.56.1 * wicked-service-0.6.79-3.56.1 * wicked-debugsource-0.6.79-3.56.1 ## References: * https://www.suse.com/security/cve/CVE-2026-44932.html * https://bugzilla.suse.com/show_bug.cgi?id=1265221 * https://jira.suse.com/browse/PED-1942 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 20:30:29 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 20:30:29 -0000 Subject: SUSE-SU-2026:2349-1: important: Security update for wicked Message-ID: <178112342945.391.12713431552483975247@003816f08d43> # Security update for wicked Announcement ID: SUSE-SU-2026:2349-1 Release Date: 2026-06-10T14:53:51Z Rating: important References: * bsc#1265221 Cross-References: * CVE-2026-44932 CVSS scores: * CVE-2026-44932 ( SUSE ): 5.8 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H * CVE-2026-44932 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for wicked fixes the following issue * CVE-2026-44932: indirect remote shell command injection via unsanitized DHCP options (bsc#1265221). Changes for wicked: * Update to version 0.6.79 * Fix to escape single-quotes in leaseinfo dump output used by the `wicked test dhcp4` and `wicked test dhcp6` and written to the /run/wicked/leaseinfo.* files, e.g. to pass them to netconfig. A netconfig modify filtered for strict key='value' lines without any escaped quotes and discarded these lines already before. * Fix posix-tz-dbname and tz-string option processing checks to permit only valid characters according to RFC4833. * Discard string values containing single-quotes in other options. * Trigger to regenerate initrd that may contain wicked binaries on updates from wicked versions <= 0.6.78. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2349=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * wicked-debugsource-0.6.79-150700.3.3.1 * wicked-0.6.79-150700.3.3.1 * wicked-debuginfo-0.6.79-150700.3.3.1 * wicked-nbft-0.6.79-150700.3.3.1 * wicked-service-0.6.79-150700.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-44932.html * https://bugzilla.suse.com/show_bug.cgi?id=1265221 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 20:30:35 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 20:30:35 -0000 Subject: SUSE-SU-2026:2348-1: important: Security update for google-cloud-sap-agent Message-ID: <178112343571.391.13554829020703991076@003816f08d43> # Security update for google-cloud-sap-agent Announcement ID: SUSE-SU-2026:2348-1 Release Date: 2026-06-10T13:22:37Z Rating: important References: * bsc#1265764 * bsc#1265991 Cross-References: * CVE-2026-33814 CVSS scores: * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Public Cloud Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for google-cloud-sap-agent fixes the following issue * CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265764). Changes for google-cloud-sap-agent: * Update to version 3.14 (bsc#1265991) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 12 zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2026-2348=1 ## Package List: * Public Cloud Module 12 (aarch64 ppc64le s390x x86_64) * google-cloud-sap-agent-3.14-6.69.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33814.html * https://bugzilla.suse.com/show_bug.cgi?id=1265764 * https://bugzilla.suse.com/show_bug.cgi?id=1265991 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 20:30:43 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 20:30:43 -0000 Subject: SUSE-SU-2026:2347-1: important: Security update for google-osconfig-agent Message-ID: <178112344391.391.4404427052935082322@003816f08d43> # Security update for google-osconfig-agent Announcement ID: SUSE-SU-2026:2347-1 Release Date: 2026-06-10T13:22:28Z Rating: important References: * bsc#1260264 Cross-References: * CVE-2026-33186 CVSS scores: * CVE-2026-33186 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-33186 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-33186 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * Public Cloud Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for google-osconfig-agent fixes the following issue * CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header (bsc#1260264). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 12 zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2026-2347=1 ## Package List: * Public Cloud Module 12 (aarch64 ppc64le s390x x86_64) * google-osconfig-agent-20250416.02-1.44.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33186.html * https://bugzilla.suse.com/show_bug.cgi?id=1260264 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 20:30:51 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 20:30:51 -0000 Subject: SUSE-SU-2026:2345-1: important: Security update for kubernetes1.25 Message-ID: <178112345133.391.6390651623990469774@003816f08d43> # Security update for kubernetes1.25 Announcement ID: SUSE-SU-2026:2345-1 Release Date: 2026-06-10T13:16:39Z Rating: important References: * bsc#1251168 * bsc#1262271 * bsc#1265740 Cross-References: * CVE-2026-33814 * CVE-2026-35469 CVSS scores: * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35469 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-35469 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35469 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for kubernetes1.25 fixes the following issues: Security fixes: * CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265740). * CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service (bsc#1262271). Other fixes: * Adding `Requires: diffutils` dependency to Kubernetes*-client package (bsc#1251168) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2345=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2345=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2345=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2345=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2345=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2345=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2345=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2345=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2345=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * kubernetes1.25-scheduler-1.25.16-150400.9.27.1 * kubernetes1.25-kubeadm-1.25.16-150400.9.27.1 * kubernetes1.25-kubelet-common-1.25.16-150400.9.27.1 * kubernetes1.25-apiserver-1.25.16-150400.9.27.1 * kubernetes1.25-client-common-1.25.16-150400.9.27.1 * kubernetes1.25-client-1.25.16-150400.9.27.1 * kubernetes1.25-kubelet-1.25.16-150400.9.27.1 * kubernetes1.25-proxy-1.25.16-150400.9.27.1 * kubernetes1.25-controller-manager-1.25.16-150400.9.27.1 * openSUSE Leap 15.4 (noarch) * kubernetes1.25-client-bash-completion-1.25.16-150400.9.27.1 * kubernetes1.25-client-fish-completion-1.25.16-150400.9.27.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kubernetes1.25-client-1.25.16-150400.9.27.1 * kubernetes1.25-client-common-1.25.16-150400.9.27.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kubernetes1.25-client-1.25.16-150400.9.27.1 * kubernetes1.25-client-common-1.25.16-150400.9.27.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * kubernetes1.25-client-1.25.16-150400.9.27.1 * kubernetes1.25-client-common-1.25.16-150400.9.27.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * kubernetes1.25-client-1.25.16-150400.9.27.1 * kubernetes1.25-client-common-1.25.16-150400.9.27.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * kubernetes1.25-client-1.25.16-150400.9.27.1 * kubernetes1.25-client-common-1.25.16-150400.9.27.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * kubernetes1.25-client-1.25.16-150400.9.27.1 * kubernetes1.25-client-common-1.25.16-150400.9.27.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kubernetes1.25-client-1.25.16-150400.9.27.1 * kubernetes1.25-client-common-1.25.16-150400.9.27.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * kubernetes1.25-client-1.25.16-150400.9.27.1 * kubernetes1.25-client-common-1.25.16-150400.9.27.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33814.html * https://www.suse.com/security/cve/CVE-2026-35469.html * https://bugzilla.suse.com/show_bug.cgi?id=1251168 * https://bugzilla.suse.com/show_bug.cgi?id=1262271 * https://bugzilla.suse.com/show_bug.cgi?id=1265740 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 20:30:59 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 20:30:59 -0000 Subject: SUSE-SU-2026:2344-1: important: Security update for kubernetes1.28 Message-ID: <178112345962.391.7510516130152036291@003816f08d43> # Security update for kubernetes1.28 Announcement ID: SUSE-SU-2026:2344-1 Release Date: 2026-06-10T13:16:04Z Rating: important References: * bsc#1251168 * bsc#1262271 * bsc#1265740 Cross-References: * CVE-2026-33814 * CVE-2026-35469 CVSS scores: * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35469 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-35469 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35469 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for kubernetes1.28 fixes the following issues: Security fixes: * CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265740). * CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service (bsc#1262271). Other fixes: * Adding `Requires: diffutils` dependency to Kubernetes*-client package (bsc#1251168) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2344=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2344=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2344=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2344=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2344=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2344=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2344=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2344=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2344=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.19.1 * kubernetes1.28-client-1.28.13-150400.9.19.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.19.1 * kubernetes1.28-client-1.28.13-150400.9.19.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.19.1 * kubernetes1.28-client-1.28.13-150400.9.19.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.19.1 * kubernetes1.28-client-1.28.13-150400.9.19.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * kubernetes1.28-proxy-1.28.13-150400.9.19.1 * kubernetes1.28-kubelet-1.28.13-150400.9.19.1 * kubernetes1.28-kubeadm-1.28.13-150400.9.19.1 * kubernetes1.28-client-common-1.28.13-150400.9.19.1 * kubernetes1.28-client-1.28.13-150400.9.19.1 * kubernetes1.28-apiserver-1.28.13-150400.9.19.1 * kubernetes1.28-kubelet-common-1.28.13-150400.9.19.1 * kubernetes1.28-scheduler-1.28.13-150400.9.19.1 * kubernetes1.28-controller-manager-1.28.13-150400.9.19.1 * openSUSE Leap 15.4 (noarch) * kubernetes1.28-client-bash-completion-1.28.13-150400.9.19.1 * kubernetes1.28-client-fish-completion-1.28.13-150400.9.19.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.19.1 * kubernetes1.28-client-1.28.13-150400.9.19.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.19.1 * kubernetes1.28-client-1.28.13-150400.9.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.19.1 * kubernetes1.28-client-1.28.13-150400.9.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.19.1 * kubernetes1.28-client-1.28.13-150400.9.19.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33814.html * https://www.suse.com/security/cve/CVE-2026-35469.html * https://bugzilla.suse.com/show_bug.cgi?id=1251168 * https://bugzilla.suse.com/show_bug.cgi?id=1262271 * https://bugzilla.suse.com/show_bug.cgi?id=1265740 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 20:31:07 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 20:31:07 -0000 Subject: SUSE-SU-2026:2343-1: important: Security update for kubernetes1.24 Message-ID: <178112346725.391.16141293162652737239@003816f08d43> # Security update for kubernetes1.24 Announcement ID: SUSE-SU-2026:2343-1 Release Date: 2026-06-10T13:15:21Z Rating: important References: * bsc#1251168 * bsc#1262271 * bsc#1265740 Cross-References: * CVE-2026-33814 * CVE-2026-35469 CVSS scores: * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35469 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-35469 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35469 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for kubernetes1.24 fixes the following issues * CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265740). * CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service (bsc#1262271). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-2343=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2343=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2343=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2343=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2343=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kubernetes1.24-apiserver-1.24.17-150500.3.33.1 * kubernetes1.24-client-1.24.17-150500.3.33.1 * kubernetes1.24-kubeadm-1.24.17-150500.3.33.1 * kubernetes1.24-scheduler-1.24.17-150500.3.33.1 * kubernetes1.24-kubelet-common-1.24.17-150500.3.33.1 * kubernetes1.24-controller-manager-1.24.17-150500.3.33.1 * kubernetes1.24-kubelet-1.24.17-150500.3.33.1 * kubernetes1.24-proxy-1.24.17-150500.3.33.1 * kubernetes1.24-client-common-1.24.17-150500.3.33.1 * openSUSE Leap 15.5 (noarch) * kubernetes1.24-client-fish-completion-1.24.17-150500.3.33.1 * kubernetes1.24-client-bash-completion-1.24.17-150500.3.33.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * kubernetes1.24-client-common-1.24.17-150500.3.33.1 * kubernetes1.24-client-1.24.17-150500.3.33.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * kubernetes1.24-client-common-1.24.17-150500.3.33.1 * kubernetes1.24-client-1.24.17-150500.3.33.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * kubernetes1.24-client-common-1.24.17-150500.3.33.1 * kubernetes1.24-client-1.24.17-150500.3.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * kubernetes1.24-client-common-1.24.17-150500.3.33.1 * kubernetes1.24-client-1.24.17-150500.3.33.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33814.html * https://www.suse.com/security/cve/CVE-2026-35469.html * https://bugzilla.suse.com/show_bug.cgi?id=1251168 * https://bugzilla.suse.com/show_bug.cgi?id=1262271 * https://bugzilla.suse.com/show_bug.cgi?id=1265740 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 20:31:12 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 20:31:12 -0000 Subject: SUSE-SU-2026:2342-1: important: Security update for kubernetes Message-ID: <178112347272.391.1663551327583786361@003816f08d43> # Security update for kubernetes Announcement ID: SUSE-SU-2026:2342-1 Release Date: 2026-06-10T13:15:04Z Rating: important References: * bsc#1262270 * bsc#1265748 Cross-References: * CVE-2026-33814 * CVE-2026-35469 CVSS scores: * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35469 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-35469 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35469 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Containers Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities can now be installed. ## Description: This update for kubernetes fixes the following issues * CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265748). * CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service (bsc#1262270). Changes for kubernetes: * Update to version 1.35.4: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2342=1 * Containers Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2026-2342=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * kubernetes1.35-client-common-1.35.4-150600.13.34.1 * kubernetes1.35-client-1.35.4-150600.13.34.1 * openSUSE Leap 15.6 (noarch) * kubernetes1.35-client-bash-completion-1.35.4-150600.13.34.1 * kubernetes1.35-client-fish-completion-1.35.4-150600.13.34.1 * Containers Module 15-SP7 (aarch64 ppc64le s390x x86_64) * kubernetes1.35-client-common-1.35.4-150600.13.34.1 * kubernetes1.35-client-1.35.4-150600.13.34.1 * Containers Module 15-SP7 (noarch) * kubernetes1.35-client-bash-completion-1.35.4-150600.13.34.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33814.html * https://www.suse.com/security/cve/CVE-2026-35469.html * https://bugzilla.suse.com/show_bug.cgi?id=1262270 * https://bugzilla.suse.com/show_bug.cgi?id=1265748 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 20:31:20 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 20:31:20 -0000 Subject: SUSE-SU-2026:2340-1: important: Security update for kubernetes1.23 Message-ID: <178112348054.391.16650778682760541248@003816f08d43> # Security update for kubernetes1.23 Announcement ID: SUSE-SU-2026:2340-1 Release Date: 2026-06-10T13:14:46Z Rating: important References: * bsc#1251168 * bsc#1262271 * bsc#1265740 Cross-References: * CVE-2026-33814 * CVE-2026-35469 CVSS scores: * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35469 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-35469 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35469 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for kubernetes1.23 fixes the following issues * CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265740). * CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service (bsc#1262271). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-2340=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2340=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2340=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2340=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2340=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kubernetes1.23-client-1.23.17-150500.3.26.1 * kubernetes1.23-apiserver-1.23.17-150500.3.26.1 * kubernetes1.23-scheduler-1.23.17-150500.3.26.1 * kubernetes1.23-kubelet-1.23.17-150500.3.26.1 * kubernetes1.23-kubeadm-1.23.17-150500.3.26.1 * kubernetes1.23-kubelet-common-1.23.17-150500.3.26.1 * kubernetes1.23-proxy-1.23.17-150500.3.26.1 * kubernetes1.23-client-common-1.23.17-150500.3.26.1 * kubernetes1.23-controller-manager-1.23.17-150500.3.26.1 * openSUSE Leap 15.5 (noarch) * kubernetes1.23-client-bash-completion-1.23.17-150500.3.26.1 * kubernetes1.23-client-fish-completion-1.23.17-150500.3.26.1 * openSUSE Leap 15.5 (ppc64le) * kubernetes1.23-scheduler-debuginfo-1.23.17-150500.3.26.1 * kubernetes1.23-client-debuginfo-1.23.17-150500.3.26.1 * kubernetes1.23-kubeadm-debuginfo-1.23.17-150500.3.26.1 * kubernetes1.23-proxy-debuginfo-1.23.17-150500.3.26.1 * kubernetes1.23-controller-manager-debuginfo-1.23.17-150500.3.26.1 * kubernetes1.23-apiserver-debuginfo-1.23.17-150500.3.26.1 * kubernetes1.23-kubelet-debuginfo-1.23.17-150500.3.26.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * kubernetes1.23-client-1.23.17-150500.3.26.1 * kubernetes1.23-client-common-1.23.17-150500.3.26.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * kubernetes1.23-client-1.23.17-150500.3.26.1 * kubernetes1.23-client-common-1.23.17-150500.3.26.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * kubernetes1.23-client-1.23.17-150500.3.26.1 * kubernetes1.23-client-common-1.23.17-150500.3.26.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (ppc64le) * kubernetes1.23-client-debuginfo-1.23.17-150500.3.26.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * kubernetes1.23-client-1.23.17-150500.3.26.1 * kubernetes1.23-client-common-1.23.17-150500.3.26.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le) * kubernetes1.23-client-debuginfo-1.23.17-150500.3.26.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33814.html * https://www.suse.com/security/cve/CVE-2026-35469.html * https://bugzilla.suse.com/show_bug.cgi?id=1251168 * https://bugzilla.suse.com/show_bug.cgi?id=1262271 * https://bugzilla.suse.com/show_bug.cgi?id=1265740 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jun 10 20:31:28 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jun 2026 20:31:28 -0000 Subject: SUSE-SU-2026:2339-1: important: Security update for kubernetes1.27 Message-ID: <178112348819.391.11933183754992602126@003816f08d43> # Security update for kubernetes1.27 Announcement ID: SUSE-SU-2026:2339-1 Release Date: 2026-06-10T13:14:18Z Rating: important References: * bsc#1251168 * bsc#1262271 * bsc#1265740 Cross-References: * CVE-2026-33814 * CVE-2026-35469 CVSS scores: * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35469 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-35469 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35469 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for kubernetes1.27 fixes the following issues * CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265740). * CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service (bsc#1262271). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2339=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2339=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2339=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2339=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2339=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2339=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2339=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2339=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2339=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * kubernetes1.27-proxy-1.27.16-150400.9.21.1 * kubernetes1.27-client-1.27.16-150400.9.21.1 * kubernetes1.27-apiserver-1.27.16-150400.9.21.1 * kubernetes1.27-kubeadm-1.27.16-150400.9.21.1 * kubernetes1.27-kubelet-1.27.16-150400.9.21.1 * kubernetes1.27-scheduler-1.27.16-150400.9.21.1 * kubernetes1.27-kubelet-common-1.27.16-150400.9.21.1 * kubernetes1.27-controller-manager-1.27.16-150400.9.21.1 * kubernetes1.27-client-common-1.27.16-150400.9.21.1 * openSUSE Leap 15.4 (noarch) * kubernetes1.27-client-fish-completion-1.27.16-150400.9.21.1 * kubernetes1.27-client-bash-completion-1.27.16-150400.9.21.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * kubernetes1.27-client-1.27.16-150400.9.21.1 * kubernetes1.27-client-common-1.27.16-150400.9.21.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * kubernetes1.27-client-1.27.16-150400.9.21.1 * kubernetes1.27-client-common-1.27.16-150400.9.21.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * kubernetes1.27-client-1.27.16-150400.9.21.1 * kubernetes1.27-client-common-1.27.16-150400.9.21.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * kubernetes1.27-client-1.27.16-150400.9.21.1 * kubernetes1.27-client-common-1.27.16-150400.9.21.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kubernetes1.27-client-1.27.16-150400.9.21.1 * kubernetes1.27-client-common-1.27.16-150400.9.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kubernetes1.27-client-1.27.16-150400.9.21.1 * kubernetes1.27-client-common-1.27.16-150400.9.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * kubernetes1.27-client-1.27.16-150400.9.21.1 * kubernetes1.27-client-common-1.27.16-150400.9.21.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kubernetes1.27-client-1.27.16-150400.9.21.1 * kubernetes1.27-client-common-1.27.16-150400.9.21.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33814.html * https://www.suse.com/security/cve/CVE-2026-35469.html * https://bugzilla.suse.com/show_bug.cgi?id=1251168 * https://bugzilla.suse.com/show_bug.cgi?id=1262271 * https://bugzilla.suse.com/show_bug.cgi?id=1265740 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jun 11 12:30:07 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 11 Jun 2026 12:30:07 -0000 Subject: SUSE-SU-2026:2365-1: moderate: Security update for cosign Message-ID: <178118100760.558.14390862963676196531@003816f08d43> # Security update for cosign Announcement ID: SUSE-SU-2026:2365-1 Release Date: 2026-06-11T07:58:20Z Rating: moderate References: * bsc#1261859 Cross-References: * CVE-2026-39395 CVSS scores: * CVE-2026-39395 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-39395 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2026-39395 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2026-39395 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for cosign fixes the following issue * CVE-2026-39395: Incorrect attestation verification due to malformed payloads or mismatched predicate types (bsc#1261859). Changes for cosign: * update to 3.0.6: * Fix DSSE predicate check (GHSA-w6c6-c85g-mmv6) (#4801) * Handle whitespace-only certificate annotation (#4760) * fix(sign): closing SignerVerifier too early when signing with a security key (#4761) * Disallow --new-bundle-format and --rfc3161-timestamp (#4762) * support managed keys in conformance testing (#4728) * Add support for GCE metadata server env var (#4732) * fix: preserve per-layer annotations in WriteAttestationsReferrer (#4709) * Fix parsing of in-toto for string predicates * Mark batch of flags for deprecation (#4698) * disallow key and cert identity being used together during verification (#4636) * support key creation in GitLab group (#4704) * Set CGO_ENABLED=1 for fixing s390x failed build * build against a maintained golang version (upstream uses go1.20) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2365=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2365=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * cosign-3.0.6-150400.3.42.1 * cosign-debuginfo-3.0.6-150400.3.42.1 * openSUSE Leap 15.4 (noarch) * cosign-bash-completion-3.0.6-150400.3.42.1 * cosign-zsh-completion-3.0.6-150400.3.42.1 * cosign-fish-completion-3.0.6-150400.3.42.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * cosign-3.0.6-150400.3.42.1 * cosign-debuginfo-3.0.6-150400.3.42.1 * Basesystem Module 15-SP7 (noarch) * cosign-bash-completion-3.0.6-150400.3.42.1 * cosign-zsh-completion-3.0.6-150400.3.42.1 ## References: * https://www.suse.com/security/cve/CVE-2026-39395.html * https://bugzilla.suse.com/show_bug.cgi?id=1261859 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jun 11 12:30:17 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 11 Jun 2026 12:30:17 -0000 Subject: SUSE-SU-2026:2364-1: important: Security update for xen Message-ID: <178118101717.558.4938895402181274458@003816f08d43> # Security update for xen Announcement ID: SUSE-SU-2026:2364-1 Release Date: 2026-06-11T06:54:28Z Rating: important References: * bsc#1266952 * bsc#1266953 * bsc#1266955 Cross-References: * CVE-2026-42487 * CVE-2026-42488 * CVE-2026-42489 * CVE-2026-42490 CVSS scores: * CVE-2026-42487 ( SUSE ): 8.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-42487 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-42488 ( SUSE ): 8.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-42488 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2026-42489 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2026-42489 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2026-42490 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2026-42490 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP7 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves four vulnerabilities can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2026-42487: x86 HVM I/O port list traversal (bsc#1266952). * CVE-2026-42488: x86: mismatched mapcache metadata (bsc#1266955). * CVE-2026-42489,CVE-2026-42490: domctl lock open to abuse (bsc#1266953). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2364=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-2364=1 ## Package List: * Basesystem Module 15-SP7 (x86_64) * xen-libs-debuginfo-4.20.3_06-150700.3.41.1 * xen-tools-domU-debuginfo-4.20.3_06-150700.3.41.1 * xen-libs-4.20.3_06-150700.3.41.1 * xen-tools-domU-4.20.3_06-150700.3.41.1 * xen-debugsource-4.20.3_06-150700.3.41.1 * Server Applications Module 15-SP7 (x86_64) * xen-tools-4.20.3_06-150700.3.41.1 * xen-devel-4.20.3_06-150700.3.41.1 * xen-tools-debuginfo-4.20.3_06-150700.3.41.1 * xen-debugsource-4.20.3_06-150700.3.41.1 * xen-4.20.3_06-150700.3.41.1 * Server Applications Module 15-SP7 (noarch) * xen-tools-xendomains-wait-disk-4.20.3_06-150700.3.41.1 ## References: * https://www.suse.com/security/cve/CVE-2026-42487.html * https://www.suse.com/security/cve/CVE-2026-42488.html * https://www.suse.com/security/cve/CVE-2026-42489.html * https://www.suse.com/security/cve/CVE-2026-42490.html * https://bugzilla.suse.com/show_bug.cgi?id=1266952 * https://bugzilla.suse.com/show_bug.cgi?id=1266953 * https://bugzilla.suse.com/show_bug.cgi?id=1266955 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jun 11 12:30:26 2026 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 11 Jun 2026 12:30:26 -0000 Subject: SUSE-SU-2026:2363-1: important: Security update for cockpit Message-ID: <178118102641.558.9438318461220587827@003816f08d43> # Security update for cockpit Announcement ID: SUSE-SU-2026:2363-1 Release Date: 2026-06-11T06:54:19Z Rating: important References: * bsc#1257838 * bsc#1258900 * bsc#1259015 * bsc#1265040 Cross-References: * CVE-2026-25547 * CVE-2026-27606 * CVE-2026-27904 * CVE-2026-4802 CVSS scores: * CVE-2026-25547 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-25547 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-25547 ( NVD ): 9.2 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27606 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-27606 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-27606 ( NVD ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27606 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-27904 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-27904 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-27904 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-4802 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-4802 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-4802 ( NVD ): 8.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that solves four vulnerabilities can now be installed. ## Description: This update for cockpit fixes the following issues * CVE-2026-4802: remote command execution via unsanitized user-controlled parameters within crafted links in system logs UI (bsc#1265040). * CVE-2026-25547: brace-expansion: unbounded brace range expansion can lead to excessive CPU and memory consumption and may crash a Node.js process (bsc#1257838). * CVE-2026-27606: rollup: Arbitrary File Write via Path Traversal in Rollup 4 (bsc#1258900). * CVE-2026-27904: minimatch: nested *() extglobs can lead to regular expressions with exponential backtracking complexity and a ReDoS (bsc#1259015). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2363=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * cockpit-debugsource-298-150500.3.12.1 * cockpit-ws-298-150500.3.12.1 * cockpit-bridge-debuginfo-298-150500.3.12.1 * cockpit-debuginfo-298-150500.3.12.1 * cockpit-bridge-298-150500.3.12.1 * cockpit-ws-debuginfo-298-150500.3.12.1 * cockpit-298-150500.3.12.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * cockpit-selinux-298-150500.3.12.1 * cockpit-system-298-150500.3.12.1 * cockpit-storaged-298-150500.3.12.1 * cockpit-networkmanager-298-150500.3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2026-25547.html * https://www.suse.com/security/cve/CVE-2026-27606.html * https://www.suse.com/security/cve/CVE-2026-27904.html * https://www.suse.com/security/cve/CVE-2026-4802.html * https://bugzilla.suse.com/show_bug.cgi?id=1257838 * https://bugzilla.suse.com/show_bug.cgi?id=1258900 * https://bugzilla.suse.com/show_bug.cgi?id=1259015 * https://bugzilla.suse.com/show_bug.cgi?id=1265040 -------------- next part -------------- An HTML attachment was scrubbed... URL: