Kernel, Dcmtk, Rsync, and more updates for SUSE

SUSE 5524 Published by

Security updates have been released for SUSE Linux, addressing various vulnerabilities and security issues. The updates include patches for the Linux Kernel (important), dcmtk (moderate), libpcap (low), govulncheck-vulndb (moderate), qemu (important), rsync (moderate), and usbmuxd (moderate).

SUSE-SU-2026:0034-1: important: Security update for the Linux Kernel
openSUSE-SU-2026:10006-1: moderate: dcmtk-3.7.0-1.1 on GA media
SUSE-SU-2026:0036-1: low: Security update for libpcap
SUSE-SU-2026:0037-1: moderate: Security update for govulncheck-vulndb
SUSE-SU-2026:0039-1: important: Security update for qemu
SUSE-SU-2026:0041-1: moderate: Security update for rsync
SUSE-SU-2026:0042-1: moderate: Security update for usbmuxd




SUSE-SU-2026:0034-1: important: Security update for the Linux Kernel


# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2026:0034-1
Release Date: 2026-01-05T19:29:30Z
Rating: important
References:

* bsc#1233640
* bsc#1249806
* bsc#1251786
* bsc#1252267
* bsc#1252780
* bsc#1252862
* bsc#1253367
* bsc#1253431
* bsc#1253436

Cross-References:

* CVE-2022-50280
* CVE-2023-53676
* CVE-2024-53093
* CVE-2025-40040
* CVE-2025-40048
* CVE-2025-40121
* CVE-2025-40154
* CVE-2025-40204

CVSS scores:

* CVE-2022-50280 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50280 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-53676 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53676 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-53093 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-53093 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-53093 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-40040 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-40040 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-40048 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-40121 ( SUSE ): 7.1
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-40121 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-40154 ( SUSE ): 7.1
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-40154 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-40204 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-40204 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise Micro 5.5

An update that solves eight vulnerabilities and has one security fix can now be
installed.

## Description:

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various
security bugfixes.

The following security bugs were fixed:

* CVE-2022-50280: pnode: terminate at peers of source (bsc#1249806).
* CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in
lio_target_nacl_info_show() (bsc#1251786).
* CVE-2024-53093: nvme-multipath: defer partition scanning (bsc#1233640).
* CVE-2025-40040: mm/ksm: fix flag-dropping behavior in ksm_madvise
(bsc#1252780).
* CVE-2025-40048: uio_hv_generic: Let userspace take care of interrupt mask
(bsc#1252862).
* CVE-2025-40121: ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping
(bsc#1253367).
* CVE-2025-40154: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping
(bsc#1253431).
* CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253436).

The following non-security bugs were fixed:

* Fix type signess in fbcon_set_font() (bsc#1252033).
* scsi: storvsc: Prefer returning channel with the same CPU as on the I/O
issuing CPU (bsc#1252267).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-34=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2026-34=1

## Package List:

* openSUSE Leap 15.5 (noarch)
* kernel-devel-rt-5.14.21-150500.13.115.1
* kernel-source-rt-5.14.21-150500.13.115.1
* openSUSE Leap 15.5 (x86_64)
* kernel-rt-devel-debuginfo-5.14.21-150500.13.115.2
* kernel-rt_debug-debuginfo-5.14.21-150500.13.115.2
* ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.115.2
* kernel-rt-vdso-debuginfo-5.14.21-150500.13.115.2
* reiserfs-kmp-rt-5.14.21-150500.13.115.2
* kernel-rt_debug-vdso-5.14.21-150500.13.115.2
* kernel-syms-rt-5.14.21-150500.13.115.1
* kselftests-kmp-rt-debuginfo-5.14.21-150500.13.115.2
* kernel-rt-extra-5.14.21-150500.13.115.2
* kernel-rt-optional-5.14.21-150500.13.115.2
* kernel-rt-livepatch-devel-5.14.21-150500.13.115.2
* ocfs2-kmp-rt-5.14.21-150500.13.115.2
* kernel-rt-livepatch-5.14.21-150500.13.115.2
* dlm-kmp-rt-5.14.21-150500.13.115.2
* kernel-rt-debugsource-5.14.21-150500.13.115.2
* kernel-rt-vdso-5.14.21-150500.13.115.2
* cluster-md-kmp-rt-5.14.21-150500.13.115.2
* kernel-rt_debug-debugsource-5.14.21-150500.13.115.2
* kernel-rt-devel-5.14.21-150500.13.115.2
* reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.115.2
* dlm-kmp-rt-debuginfo-5.14.21-150500.13.115.2
* kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.115.2
* kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.115.2
* cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.115.2
* kernel-rt-extra-debuginfo-5.14.21-150500.13.115.2
* gfs2-kmp-rt-5.14.21-150500.13.115.2
* kernel-rt_debug-devel-5.14.21-150500.13.115.2
* gfs2-kmp-rt-debuginfo-5.14.21-150500.13.115.2
* kselftests-kmp-rt-5.14.21-150500.13.115.2
* kernel-rt-debuginfo-5.14.21-150500.13.115.2
* kernel-rt-optional-debuginfo-5.14.21-150500.13.115.2
* openSUSE Leap 15.5 (nosrc x86_64)
* kernel-rt-5.14.21-150500.13.115.2
* kernel-rt_debug-5.14.21-150500.13.115.2
* SUSE Linux Enterprise Micro 5.5 (noarch)
* kernel-devel-rt-5.14.21-150500.13.115.1
* kernel-source-rt-5.14.21-150500.13.115.1
* SUSE Linux Enterprise Micro 5.5 (nosrc x86_64)
* kernel-rt-5.14.21-150500.13.115.2
* SUSE Linux Enterprise Micro 5.5 (x86_64)
* kernel-rt-debugsource-5.14.21-150500.13.115.2
* kernel-rt-debuginfo-5.14.21-150500.13.115.2

## References:

* https://www.suse.com/security/cve/CVE-2022-50280.html
* https://www.suse.com/security/cve/CVE-2023-53676.html
* https://www.suse.com/security/cve/CVE-2024-53093.html
* https://www.suse.com/security/cve/CVE-2025-40040.html
* https://www.suse.com/security/cve/CVE-2025-40048.html
* https://www.suse.com/security/cve/CVE-2025-40121.html
* https://www.suse.com/security/cve/CVE-2025-40154.html
* https://www.suse.com/security/cve/CVE-2025-40204.html
* https://bugzilla.suse.com/show_bug.cgi?id=1233640
* https://bugzilla.suse.com/show_bug.cgi?id=1249806
* https://bugzilla.suse.com/show_bug.cgi?id=1251786
* https://bugzilla.suse.com/show_bug.cgi?id=1252267
* https://bugzilla.suse.com/show_bug.cgi?id=1252780
* https://bugzilla.suse.com/show_bug.cgi?id=1252862
* https://bugzilla.suse.com/show_bug.cgi?id=1253367
* https://bugzilla.suse.com/show_bug.cgi?id=1253431
* https://bugzilla.suse.com/show_bug.cgi?id=1253436



openSUSE-SU-2026:10006-1: moderate: dcmtk-3.7.0-1.1 on GA media


# dcmtk-3.7.0-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10006-1
Rating: moderate

Cross-References:

* CVE-2025-14607
* CVE-2025-14841

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the dcmtk-3.7.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* dcmtk 3.7.0-1.1
* dcmtk-devel 3.7.0-1.1
* libdcmtk20 3.7.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-14607.html
* https://www.suse.com/security/cve/CVE-2025-14841.html



SUSE-SU-2026:0036-1: low: Security update for libpcap


# Security update for libpcap

Announcement ID: SUSE-SU-2026:0036-1
Release Date: 2026-01-06T10:22:41Z
Rating: low
References:

* bsc#1255765

Cross-References:

* CVE-2025-11961

CVSS scores:

* CVE-2025-11961 ( SUSE ): 4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-11961 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2025-11961 ( NVD ): 1.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N

Affected Products:

* openSUSE Leap 15.6

An update that solves one vulnerability can now be installed.

## Description:

This update for libpcap fixes the following issues:

* CVE-2025-11961: missing validation of provided MAC-48 address string in
`pcap_ether_aton()` can lead to out-of-bounds read and write (bsc#1255765).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-36=1 openSUSE-SLE-15.6-2026-36=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* libpcap1-debuginfo-1.10.4-150600.3.9.1
* libpcap1-1.10.4-150600.3.9.1
* libpcap-debugsource-1.10.4-150600.3.9.1
* libpcap-devel-static-1.10.4-150600.3.9.1
* libpcap-devel-1.10.4-150600.3.9.1
* openSUSE Leap 15.6 (x86_64)
* libpcap1-32bit-debuginfo-1.10.4-150600.3.9.1
* libpcap1-32bit-1.10.4-150600.3.9.1
* libpcap-devel-32bit-1.10.4-150600.3.9.1
* openSUSE Leap 15.6 (aarch64_ilp32)
* libpcap1-64bit-debuginfo-1.10.4-150600.3.9.1
* libpcap-devel-64bit-1.10.4-150600.3.9.1
* libpcap1-64bit-1.10.4-150600.3.9.1

## References:

* https://www.suse.com/security/cve/CVE-2025-11961.html
* https://bugzilla.suse.com/show_bug.cgi?id=1255765



SUSE-SU-2026:0037-1: moderate: Security update for govulncheck-vulndb


# Security update for govulncheck-vulndb

Announcement ID: SUSE-SU-2026:0037-1
Release Date: 2026-01-06T10:24:38Z
Rating: moderate
References:

* jsc#PED-11136

Affected Products:

* openSUSE Leap 15.6

An update that contains one feature can now be installed.

## Description:

This update for govulncheck-vulndb fixes the following issues:

* Update to version 0.0.20251230T014957 2025-12-30T01:49:57Z (jsc#PED-11136).

Go CVE Numbering Authority IDs added or updated with aliases: * GO-2025-4249
CVE-2025-68120 CVE-2025-68120 * GO-2025-4254 CVE-2025-62190 GHSA-gmx5-frv9-9m9f
* GO-2025-4255 CVE-2025-12689 GHSA-j5vq-62gr-8v3r * GO-2025-4256 CVE-2025-13324
GHSA-x3r8-2hmh-89f5 * GO-2025-4257 CVE-2025-68476 GHSA-c4p6-qg4m-9jmr *
GO-2025-4258 CVE-2025-68938 GHSA-cm54-pfmc-xrwx * GO-2025-4261 CVE-2025-68939
GHSA-263q-5cv3-xq9g * GO-2025-4262 CVE-2025-68945 GHSA-7xq4-mwcp-q8fx *
GO-2025-4263 CVE-2025-68942 GHSA-898p-hh3p-hf9r * GO-2025-4264 CVE-2025-68944
GHSA-f85h-c7m6-cfpm * GO-2025-4265 CVE-2025-68946 GHSA-hq57-c72x-4774 *
GO-2025-4266 CVE-2025-68943 GHSA-jhx5-4vr4-f327 * GO-2025-4267 CVE-2025-68940
GHSA-rrcw-5rjv-vj26 * GO-2025-4268 CVE-2025-68941 GHSA-xfq3-qj7j-4565

* Update to version 0.0.20251222T181535 2025-12-22T18:15:35Z (jsc#PED-11136).

Go CVE Numbering Authority IDs added or updated with aliases: * GO-2025-4241
CVE-2025-11393 GHSA-cc8c-28gj-px38 * GO-2025-4242 CVE-2025-13888 GHSA-
pcqx-8qww-7f4v * GO-2025-4243 GHSA-wh6m-h6f4-rjf4 * GO-2025-4244 CVE-2025-68274
GHSA-c623-f998-8hhv * GO-2025-4245 CVE-2025-68156 GHSA-cfpf-hrx2-8rv6 *
GO-2025-4247 CVE-2025-13352 GHSA-jf5h-xfw4-p8gp * GO-2025-4250 CVE-2025-14764
GHSA-3g75-q268-r9r6

* Update to version 0.0.20251216T193914 2025-12-16T19:39:14Z (jsc#PED-11136).

Go CVE Numbering Authority IDs added or updated with aliases: * GO-2025-4239
CVE-2025-68113 GHSA-6gvq-jcmp-8959 * GO-2025-4240 CVE-2025-13281
GHSA-r6j8-c6r2-37rr

* Update to version 0.0.20251216T162327 2025-12-16T16:23:27Z (jsc#PED-11136).

Go CVE Numbering Authority IDs added or updated with aliases: * GO-2024-3036
CVE-2024-41265 GHSA-vw7g-3cc7-7rmh * GO-2024-3057 CVE-2024-41260
GHSA-9v35-4xcr-w9ph * GO-2025-3437 GHSA-274v-mgcv-cm8j * GO-2025-3465
CVE-2025-0426 GHSA-jgfp-53c3-624w * GO-2025-3764 CVE-2024-44905
GHSA-6xp3-p59p-q4fj * GO-2025-3829 CVE-2025-54410 GHSA-4vq8-7jfc-9cvp *
GO-2025-4116 CVE-2025-47913 * GO-2025-4122 CVE-2025-11777 GHSA-mqcj-8c2g-h97q *
GO-2025-4178 CVE-2025-13870 GHSA-58w6-w55x-6wq8

* Update to version 0.0.20251215T203741 2025-12-15T20:37:41Z (jsc#PED-11136).

Go CVE Numbering Authority IDs added or updated with aliases: * GO-2025-4136
CVE-2025-64708 GHSA-ch7q-53v8-73pc * GO-2025-4137 CVE-2025-64521 GHSA-
xr73-jq5p-ch8r * GO-2025-4148 CVE-2017-18874 GHSA-8qg8-c7mw-6fj7 * GO-2025-4154
CVE-2025-62155 GHSA-9f46-w24h-69w4 * GO-2025-4161 CVE-2025-65942
GHSA-66jq-2c23-2xh5 * GO-2025-4162 CVE-2025-60633 GHSA-3j9f-7w24-pcqg *
GO-2025-4167 CVE-2025-64715 GHSA-38pp-6gcp-rqvm * GO-2025-4168 CVE-2025-12419
GHSA-3x39-62h4-f8j6 * GO-2025-4169 CVE-2025-12559 GHSA-4g87-9x45-cx2h *
GO-2025-4170 CVE-2025-12421 GHSA-mp6x-97xj-9x62 * GO-2025-4173 CVE-2025-10543
GHSA-32fw-gq77-f2f2 * GO-2025-4188 CVE-2025-65637 GHSA-4f99-4q7p-p3gh *
GO-2025-4191 CVE-2017-18878 GHSA-h564-6gc2-fcc6 * GO-2025-4199 CVE-2017-18887
GHSA-35c4-5qfp-wxj6 * GO-2025-4200 CVE-2017-18885 GHSA-g78f-6xq7-rrhq *
GO-2025-4201 CVE-2017-18889 GHSA-jp57-4x34-5v94 * GO-2025-4202 CVE-2017-18890
GHSA-m497-hq5x-6jcv * GO-2025-4203 CVE-2017-18888 GHSA-v2vm-hq26-5jv6 *
GO-2025-4204 CVE-2017-18886 GHSA-wvjg-33p9-938h * GO-2025-4205 CVE-2025-66491
GHSA-7vww-mvcr-x6vj * GO-2025-4206 CVE-2025-66490 GHSA-gm3x-23wp-hc2c *
GO-2025-4207 CVE-2025-66508 GHSA-7cqv-qcq2-r765 * GO-2025-4208 CVE-2025-66565
GHSA-m98w-cqp3-qcqr * GO-2025-4209 CVE-2025-66507 GHSA-qmg5-v42x-qqhq *
GO-2025-4210 CVE-2025-67494 GHSA-7wfc-4796-gmg5 * GO-2025-4211
GHSA-m6wq-66p2-c8pc * GO-2025-4212 GHSA-pfrf-9r5f-73f5 * GO-2025-4213
CVE-2025-67495 GHSA-v959-qxv6-6f8p * GO-2025-4214 GHSA-4rmq-mc2c-r495 *
GO-2025-4215 CVE-2025-65796 GHSA-8jcj-g9f4-qx42 * GO-2025-4216 CVE-2025-65798
GHSA-8p44-g572-557h * GO-2025-4217 CVE-2025-65795 GHSA-mg56-wc4q-rw4w *
GO-2025-4218 CVE-2025-65799 GHSA-qgjp-5g5x-vhq2 * GO-2025-4219
GHSA-4r66-7rcv-x46x * GO-2025-4220 CVE-2025-65797 GHSA-99m2-qwx6-2w6f *
GO-2025-4221 CVE-2025-67488 GHSA-gqfv-g4v7-m366 * GO-2025-4222 CVE-2025-67499
GHSA-jv3w-x3r3-g6rm * GO-2025-4223 CVE-2025-66626 GHSA-xrqc-7xgx-c9vh *
GO-2025-4224 GHSA-mjcp-gpgx-ggcg * GO-2025-4225 CVE-2025-8110 GHSA-mq8m-42gh-
wq7r * GO-2025-4226 CVE-2025-67713 GHSA-wqv2-4wpg-8hc9 * GO-2025-4227
CVE-2025-67717 GHSA-f4cf-9rvr-2rcx * GO-2025-4228 CVE-2025-65754
GHSA-8jqm-8qm3-qgqm * GO-2025-4229 CVE-2025-34410 GHSA-rpr2-4hqj-hc4q *
GO-2025-4230 CVE-2025-34430 GHSA-5xpq-2vmc-5cqp * GO-2025-4231 CVE-2025-34429
GHSA-wrvc-x3wf-j5f5 * GO-2025-4232 CVE-2025-67508 GHSA-fw33-qpx7-rhx2 *
GO-2025-4233 CVE-2025-64702 GHSA-g754-hx8w-x2g6 * GO-2025-4235 CVE-2025-66001
GHSA-4jj9-cgqc-x9h5 * GO-2025-4236 GHSA-4jmp-x7mh-rgmr * GO-2025-4237
CVE-2025-67818 GHSA-7v39-2hx7-7c43 * GO-2025-4238 CVE-2025-67819 GHSA-
hmmh-292h-3364

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2026-37=1

## Package List:

* openSUSE Leap 15.6 (noarch)
* govulncheck-vulndb-0.0.20251230T014957-150000.1.134.1

## References:

* https://jira.suse.com/browse/PED-11136



SUSE-SU-2026:0039-1: important: Security update for qemu


# Security update for qemu

Announcement ID: SUSE-SU-2026:0039-1
Release Date: 2026-01-06T10:31:24Z
Rating: important
References:

* bsc#1227397
* bsc#1250984
* bsc#1252768
* bsc#1253002
* bsc#1254286

Cross-References:

* CVE-2024-6505
* CVE-2025-11234
* CVE-2025-12464

CVSS scores:

* CVE-2024-6505 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
* CVE-2024-6505 ( NVD ): 6.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
* CVE-2024-6505 ( NVD ): 6.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
* CVE-2025-11234 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-11234 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-11234 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-12464 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-12464 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-12464 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* Server Applications Module 15-SP7
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves three vulnerabilities and has two security fixes can now
be installed.

## Description:

This update for qemu fixes the following issues:

* CVE-2024-6505: qemu-kvm: virtio-net: Fixed queue index out-of-bounds access
in software RSS (bsc#1227397)
* CVE-2025-12464: net: pad packets to minimum length in qemu_receive_packet()
(bsc#1253002)
* CVE-2025-11234: qemu-kvm: Fixed use-after-free in websocket handshake code
leading to denial of service (bsc#1250984)

Other fixes: \- Fixed *-virtio-gpu-pci dependency on ARM (bsc#1254286) \-
block/curl: Fixed curl internal handles handling (bsc#1252768)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-39=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2026-39=1

* Server Applications Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-39=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-39=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-39=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-39=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-39=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* qemu-block-ssh-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-usb-host-7.1.0-150500.49.36.2
* qemu-tools-7.1.0-150500.49.36.2
* qemu-accel-qtest-7.1.0-150500.49.36.2
* qemu-chardev-baum-debuginfo-7.1.0-150500.49.36.2
* qemu-s390x-7.1.0-150500.49.36.2
* qemu-audio-alsa-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.36.2
* qemu-ksm-7.1.0-150500.49.36.2
* qemu-ui-spice-core-7.1.0-150500.49.36.2
* qemu-ui-opengl-7.1.0-150500.49.36.2
* qemu-accel-qtest-debuginfo-7.1.0-150500.49.36.2
* qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.36.2
* qemu-block-curl-7.1.0-150500.49.36.2
* qemu-guest-agent-7.1.0-150500.49.36.2
* qemu-audio-alsa-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-dbus-debuginfo-7.1.0-150500.49.36.2
* qemu-ppc-debuginfo-7.1.0-150500.49.36.2
* qemu-audio-spice-7.1.0-150500.49.36.2
* qemu-extra-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-usb-redirect-7.1.0-150500.49.36.2
* qemu-linux-user-debugsource-7.1.0-150500.49.36.2
* qemu-7.1.0-150500.49.36.2
* qemu-x86-debuginfo-7.1.0-150500.49.36.2
* qemu-chardev-spice-7.1.0-150500.49.36.2
* qemu-ui-gtk-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-gpu-7.1.0-150500.49.36.2
* qemu-block-nfs-7.1.0-150500.49.36.2
* qemu-block-gluster-7.1.0-150500.49.36.2
* qemu-ui-dbus-7.1.0-150500.49.36.2
* qemu-block-ssh-7.1.0-150500.49.36.2
* qemu-ui-spice-core-debuginfo-7.1.0-150500.49.36.2
* qemu-block-iscsi-7.1.0-150500.49.36.2
* qemu-hw-display-qxl-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-vga-7.1.0-150500.49.36.2
* qemu-audio-dbus-7.1.0-150500.49.36.2
* qemu-chardev-spice-debuginfo-7.1.0-150500.49.36.2
* qemu-block-gluster-debuginfo-7.1.0-150500.49.36.2
* qemu-audio-oss-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.36.2
* qemu-audio-pa-debuginfo-7.1.0-150500.49.36.2
* qemu-x86-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.36.2
* qemu-tools-debuginfo-7.1.0-150500.49.36.2
* qemu-linux-user-7.1.0-150500.49.36.2
* qemu-hw-usb-host-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-usb-smartcard-debuginfo-7.1.0-150500.49.36.2
* qemu-audio-spice-debuginfo-7.1.0-150500.49.36.2
* qemu-arm-7.1.0-150500.49.36.2
* qemu-accel-tcg-x86-7.1.0-150500.49.36.2
* qemu-block-dmg-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-s390x-virtio-gpu-ccw-7.1.0-150500.49.36.2
* qemu-audio-jack-7.1.0-150500.49.36.2
* qemu-linux-user-debuginfo-7.1.0-150500.49.36.2
* qemu-debuginfo-7.1.0-150500.49.36.2
* qemu-block-iscsi-debuginfo-7.1.0-150500.49.36.2
* qemu-ppc-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.36.2
* qemu-audio-dbus-debuginfo-7.1.0-150500.49.36.2
* qemu-block-nfs-debuginfo-7.1.0-150500.49.36.2
* qemu-block-curl-debuginfo-7.1.0-150500.49.36.2
* qemu-audio-oss-debuginfo-7.1.0-150500.49.36.2
* qemu-vhost-user-gpu-7.1.0-150500.49.36.2
* qemu-ivshmem-tools-7.1.0-150500.49.36.2
* qemu-chardev-baum-7.1.0-150500.49.36.2
* qemu-debugsource-7.1.0-150500.49.36.2
* qemu-audio-jack-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-spice-app-7.1.0-150500.49.36.2
* qemu-hw-s390x-virtio-gpu-ccw-debuginfo-7.1.0-150500.49.36.2
* qemu-extra-7.1.0-150500.49.36.2
* qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-spice-app-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-curses-debuginfo-7.1.0-150500.49.36.2
* qemu-arm-debuginfo-7.1.0-150500.49.36.2
* qemu-headless-7.1.0-150500.49.36.2
* qemu-s390x-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-gtk-debuginfo-7.1.0-150500.49.36.2
* qemu-audio-pa-7.1.0-150500.49.36.2
* qemu-ui-opengl-debuginfo-7.1.0-150500.49.36.2
* qemu-block-dmg-7.1.0-150500.49.36.2
* qemu-guest-agent-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.36.2
* qemu-ivshmem-tools-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-usb-smartcard-7.1.0-150500.49.36.2
* qemu-ui-curses-7.1.0-150500.49.36.2
* qemu-vhost-user-gpu-debuginfo-7.1.0-150500.49.36.2
* openSUSE Leap 15.5 (s390x x86_64 i586)
* qemu-kvm-7.1.0-150500.49.36.2
* openSUSE Leap 15.5 (noarch)
* qemu-SLOF-7.1.0-150500.49.36.2
* qemu-vgabios-1.16.0_0_gd239552-150500.49.36.2
* qemu-sgabios-8-150500.49.36.2
* qemu-skiboot-7.1.0-150500.49.36.2
* qemu-microvm-7.1.0-150500.49.36.2
* qemu-lang-7.1.0-150500.49.36.2
* qemu-ipxe-1.0.0+-150500.49.36.2
* qemu-seabios-1.16.0_0_gd239552-150500.49.36.2
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* qemu-block-rbd-debuginfo-7.1.0-150500.49.36.2
* qemu-block-rbd-7.1.0-150500.49.36.2
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-usb-redirect-7.1.0-150500.49.36.2
* qemu-tools-debuginfo-7.1.0-150500.49.36.2
* qemu-tools-7.1.0-150500.49.36.2
* qemu-7.1.0-150500.49.36.2
* qemu-chardev-spice-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-gpu-7.1.0-150500.49.36.2
* qemu-audio-spice-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-spice-core-7.1.0-150500.49.36.2
* qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-opengl-7.1.0-150500.49.36.2
* qemu-ui-spice-core-debuginfo-7.1.0-150500.49.36.2
* qemu-block-curl-7.1.0-150500.49.36.2
* qemu-debuginfo-7.1.0-150500.49.36.2
* qemu-guest-agent-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-display-qxl-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-vga-7.1.0-150500.49.36.2
* qemu-ui-opengl-debuginfo-7.1.0-150500.49.36.2
* qemu-chardev-spice-debuginfo-7.1.0-150500.49.36.2
* qemu-audio-spice-7.1.0-150500.49.36.2
* qemu-block-curl-debuginfo-7.1.0-150500.49.36.2
* qemu-guest-agent-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.36.2
* qemu-debugsource-7.1.0-150500.49.36.2
* SUSE Linux Enterprise Micro 5.5 (aarch64)
* qemu-arm-debuginfo-7.1.0-150500.49.36.2
* qemu-arm-7.1.0-150500.49.36.2
* SUSE Linux Enterprise Micro 5.5 (noarch)
* qemu-SLOF-7.1.0-150500.49.36.2
* qemu-vgabios-1.16.0_0_gd239552-150500.49.36.2
* qemu-sgabios-8-150500.49.36.2
* qemu-ipxe-1.0.0+-150500.49.36.2
* qemu-seabios-1.16.0_0_gd239552-150500.49.36.2
* SUSE Linux Enterprise Micro 5.5 (ppc64le)
* qemu-ppc-debuginfo-7.1.0-150500.49.36.2
* qemu-ppc-7.1.0-150500.49.36.2
* SUSE Linux Enterprise Micro 5.5 (s390x)
* qemu-s390x-debuginfo-7.1.0-150500.49.36.2
* qemu-s390x-7.1.0-150500.49.36.2
* SUSE Linux Enterprise Micro 5.5 (x86_64)
* qemu-accel-tcg-x86-7.1.0-150500.49.36.2
* qemu-x86-debuginfo-7.1.0-150500.49.36.2
* qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.36.2
* qemu-x86-7.1.0-150500.49.36.2
* Server Applications Module 15-SP7 (noarch)
* qemu-sgabios-8-150500.49.36.2
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* qemu-block-ssh-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-usb-redirect-7.1.0-150500.49.36.2
* qemu-tools-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-usb-host-7.1.0-150500.49.36.2
* qemu-tools-7.1.0-150500.49.36.2
* qemu-7.1.0-150500.49.36.2
* qemu-chardev-baum-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-usb-host-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-spice-app-7.1.0-150500.49.36.2
* qemu-chardev-spice-7.1.0-150500.49.36.2
* qemu-block-rbd-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-gtk-7.1.0-150500.49.36.2
* qemu-ksm-7.1.0-150500.49.36.2
* qemu-audio-spice-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-spice-core-7.1.0-150500.49.36.2
* qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-opengl-7.1.0-150500.49.36.2
* qemu-ui-dbus-7.1.0-150500.49.36.2
* qemu-block-ssh-7.1.0-150500.49.36.2
* qemu-ui-spice-core-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-spice-app-debuginfo-7.1.0-150500.49.36.2
* qemu-block-curl-7.1.0-150500.49.36.2
* qemu-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-curses-debuginfo-7.1.0-150500.49.36.2
* qemu-block-iscsi-debuginfo-7.1.0-150500.49.36.2
* qemu-guest-agent-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.36.2
* qemu-block-iscsi-7.1.0-150500.49.36.2
* qemu-hw-display-qxl-7.1.0-150500.49.36.2
* qemu-ui-dbus-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-vga-7.1.0-150500.49.36.2
* qemu-audio-dbus-debuginfo-7.1.0-150500.49.36.2
* qemu-audio-dbus-7.1.0-150500.49.36.2
* qemu-block-rbd-7.1.0-150500.49.36.2
* qemu-ui-gtk-debuginfo-7.1.0-150500.49.36.2
* qemu-chardev-spice-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-opengl-debuginfo-7.1.0-150500.49.36.2
* qemu-audio-spice-7.1.0-150500.49.36.2
* qemu-block-curl-debuginfo-7.1.0-150500.49.36.2
* qemu-guest-agent-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.36.2
* qemu-chardev-baum-7.1.0-150500.49.36.2
* qemu-ui-curses-7.1.0-150500.49.36.2
* qemu-debugsource-7.1.0-150500.49.36.2
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64)
* qemu-arm-debuginfo-7.1.0-150500.49.36.2
* qemu-arm-7.1.0-150500.49.36.2
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
* qemu-vgabios-1.16.0_0_gd239552-150500.49.36.2
* qemu-sgabios-8-150500.49.36.2
* qemu-ipxe-1.0.0+-150500.49.36.2
* qemu-lang-7.1.0-150500.49.36.2
* qemu-seabios-1.16.0_0_gd239552-150500.49.36.2
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
* qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.36.2
* qemu-accel-tcg-x86-7.1.0-150500.49.36.2
* qemu-x86-debuginfo-7.1.0-150500.49.36.2
* qemu-audio-alsa-debuginfo-7.1.0-150500.49.36.2
* qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.36.2
* qemu-kvm-7.1.0-150500.49.36.2
* qemu-audio-pa-7.1.0-150500.49.36.2
* qemu-audio-alsa-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-gpu-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.36.2
* qemu-audio-pa-debuginfo-7.1.0-150500.49.36.2
* qemu-x86-7.1.0-150500.49.36.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* qemu-block-ssh-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-usb-redirect-7.1.0-150500.49.36.2
* qemu-tools-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-usb-host-7.1.0-150500.49.36.2
* qemu-tools-7.1.0-150500.49.36.2
* qemu-7.1.0-150500.49.36.2
* qemu-chardev-baum-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-usb-host-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-spice-app-7.1.0-150500.49.36.2
* qemu-chardev-spice-7.1.0-150500.49.36.2
* qemu-block-rbd-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-gtk-7.1.0-150500.49.36.2
* qemu-ksm-7.1.0-150500.49.36.2
* qemu-audio-spice-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-spice-core-7.1.0-150500.49.36.2
* qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-opengl-7.1.0-150500.49.36.2
* qemu-ui-dbus-7.1.0-150500.49.36.2
* qemu-block-ssh-7.1.0-150500.49.36.2
* qemu-ui-spice-core-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-spice-app-debuginfo-7.1.0-150500.49.36.2
* qemu-block-curl-7.1.0-150500.49.36.2
* qemu-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-curses-debuginfo-7.1.0-150500.49.36.2
* qemu-block-iscsi-debuginfo-7.1.0-150500.49.36.2
* qemu-guest-agent-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.36.2
* qemu-block-iscsi-7.1.0-150500.49.36.2
* qemu-hw-display-qxl-7.1.0-150500.49.36.2
* qemu-ui-dbus-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-vga-7.1.0-150500.49.36.2
* qemu-audio-dbus-debuginfo-7.1.0-150500.49.36.2
* qemu-audio-dbus-7.1.0-150500.49.36.2
* qemu-block-rbd-7.1.0-150500.49.36.2
* qemu-ui-gtk-debuginfo-7.1.0-150500.49.36.2
* qemu-chardev-spice-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-opengl-debuginfo-7.1.0-150500.49.36.2
* qemu-audio-spice-7.1.0-150500.49.36.2
* qemu-block-curl-debuginfo-7.1.0-150500.49.36.2
* qemu-guest-agent-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.36.2
* qemu-chardev-baum-7.1.0-150500.49.36.2
* qemu-ui-curses-7.1.0-150500.49.36.2
* qemu-debugsource-7.1.0-150500.49.36.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64)
* qemu-arm-debuginfo-7.1.0-150500.49.36.2
* qemu-arm-7.1.0-150500.49.36.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
* qemu-vgabios-1.16.0_0_gd239552-150500.49.36.2
* qemu-sgabios-8-150500.49.36.2
* qemu-ipxe-1.0.0+-150500.49.36.2
* qemu-lang-7.1.0-150500.49.36.2
* qemu-seabios-1.16.0_0_gd239552-150500.49.36.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
* qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.36.2
* qemu-accel-tcg-x86-7.1.0-150500.49.36.2
* qemu-x86-debuginfo-7.1.0-150500.49.36.2
* qemu-audio-alsa-debuginfo-7.1.0-150500.49.36.2
* qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.36.2
* qemu-kvm-7.1.0-150500.49.36.2
* qemu-audio-pa-7.1.0-150500.49.36.2
* qemu-audio-alsa-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-gpu-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.36.2
* qemu-audio-pa-debuginfo-7.1.0-150500.49.36.2
* qemu-x86-7.1.0-150500.49.36.2
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* qemu-block-ssh-debuginfo-7.1.0-150500.49.36.2
* qemu-tools-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-usb-host-7.1.0-150500.49.36.2
* qemu-tools-7.1.0-150500.49.36.2
* qemu-7.1.0-150500.49.36.2
* qemu-chardev-baum-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-usb-host-debuginfo-7.1.0-150500.49.36.2
* qemu-block-rbd-debuginfo-7.1.0-150500.49.36.2
* qemu-ksm-7.1.0-150500.49.36.2
* qemu-ui-dbus-7.1.0-150500.49.36.2
* qemu-block-ssh-7.1.0-150500.49.36.2
* qemu-block-curl-7.1.0-150500.49.36.2
* qemu-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-curses-debuginfo-7.1.0-150500.49.36.2
* qemu-block-iscsi-debuginfo-7.1.0-150500.49.36.2
* qemu-guest-agent-7.1.0-150500.49.36.2
* qemu-block-iscsi-7.1.0-150500.49.36.2
* qemu-ui-dbus-debuginfo-7.1.0-150500.49.36.2
* qemu-audio-dbus-debuginfo-7.1.0-150500.49.36.2
* qemu-audio-dbus-7.1.0-150500.49.36.2
* qemu-block-rbd-7.1.0-150500.49.36.2
* qemu-block-curl-debuginfo-7.1.0-150500.49.36.2
* qemu-guest-agent-debuginfo-7.1.0-150500.49.36.2
* qemu-chardev-baum-7.1.0-150500.49.36.2
* qemu-ui-curses-7.1.0-150500.49.36.2
* qemu-debugsource-7.1.0-150500.49.36.2
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64)
* qemu-arm-debuginfo-7.1.0-150500.49.36.2
* qemu-arm-7.1.0-150500.49.36.2
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le x86_64)
* qemu-hw-usb-redirect-7.1.0-150500.49.36.2
* qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-opengl-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-display-qxl-7.1.0-150500.49.36.2
* qemu-ui-spice-core-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-vga-7.1.0-150500.49.36.2
* qemu-ui-spice-app-7.1.0-150500.49.36.2
* qemu-chardev-spice-7.1.0-150500.49.36.2
* qemu-ui-gtk-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-gtk-7.1.0-150500.49.36.2
* qemu-chardev-spice-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-opengl-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-spice-app-debuginfo-7.1.0-150500.49.36.2
* qemu-audio-spice-7.1.0-150500.49.36.2
* qemu-audio-spice-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-spice-core-7.1.0-150500.49.36.2
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
* qemu-SLOF-7.1.0-150500.49.36.2
* qemu-vgabios-1.16.0_0_gd239552-150500.49.36.2
* qemu-sgabios-8-150500.49.36.2
* qemu-skiboot-7.1.0-150500.49.36.2
* qemu-ipxe-1.0.0+-150500.49.36.2
* qemu-lang-7.1.0-150500.49.36.2
* qemu-seabios-1.16.0_0_gd239552-150500.49.36.2
* SUSE Linux Enterprise Server 15 SP5 LTSS (ppc64le)
* qemu-ppc-debuginfo-7.1.0-150500.49.36.2
* qemu-ppc-7.1.0-150500.49.36.2
* SUSE Linux Enterprise Server 15 SP5 LTSS (s390x x86_64)
* qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.36.2
* qemu-kvm-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-gpu-7.1.0-150500.49.36.2
* SUSE Linux Enterprise Server 15 SP5 LTSS (s390x)
* qemu-s390x-7.1.0-150500.49.36.2
* qemu-hw-s390x-virtio-gpu-ccw-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-s390x-virtio-gpu-ccw-7.1.0-150500.49.36.2
* qemu-s390x-debuginfo-7.1.0-150500.49.36.2
* SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
* qemu-accel-tcg-x86-7.1.0-150500.49.36.2
* qemu-x86-debuginfo-7.1.0-150500.49.36.2
* qemu-audio-alsa-debuginfo-7.1.0-150500.49.36.2
* qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.36.2
* qemu-audio-pa-7.1.0-150500.49.36.2
* qemu-audio-alsa-7.1.0-150500.49.36.2
* qemu-audio-pa-debuginfo-7.1.0-150500.49.36.2
* qemu-x86-7.1.0-150500.49.36.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* qemu-block-ssh-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-usb-redirect-7.1.0-150500.49.36.2
* qemu-tools-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-usb-host-7.1.0-150500.49.36.2
* qemu-tools-7.1.0-150500.49.36.2
* qemu-7.1.0-150500.49.36.2
* qemu-chardev-baum-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-usb-host-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-spice-app-7.1.0-150500.49.36.2
* qemu-chardev-spice-7.1.0-150500.49.36.2
* qemu-block-rbd-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-gtk-7.1.0-150500.49.36.2
* qemu-ksm-7.1.0-150500.49.36.2
* qemu-audio-spice-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-spice-core-7.1.0-150500.49.36.2
* qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-opengl-7.1.0-150500.49.36.2
* qemu-ui-dbus-7.1.0-150500.49.36.2
* qemu-block-ssh-7.1.0-150500.49.36.2
* qemu-ui-spice-core-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-spice-app-debuginfo-7.1.0-150500.49.36.2
* qemu-block-curl-7.1.0-150500.49.36.2
* qemu-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-curses-debuginfo-7.1.0-150500.49.36.2
* qemu-block-iscsi-debuginfo-7.1.0-150500.49.36.2
* qemu-guest-agent-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.36.2
* qemu-block-iscsi-7.1.0-150500.49.36.2
* qemu-hw-display-qxl-7.1.0-150500.49.36.2
* qemu-ui-dbus-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-vga-7.1.0-150500.49.36.2
* qemu-audio-dbus-debuginfo-7.1.0-150500.49.36.2
* qemu-audio-dbus-7.1.0-150500.49.36.2
* qemu-block-rbd-7.1.0-150500.49.36.2
* qemu-ui-gtk-debuginfo-7.1.0-150500.49.36.2
* qemu-chardev-spice-debuginfo-7.1.0-150500.49.36.2
* qemu-ui-opengl-debuginfo-7.1.0-150500.49.36.2
* qemu-audio-spice-7.1.0-150500.49.36.2
* qemu-block-curl-debuginfo-7.1.0-150500.49.36.2
* qemu-guest-agent-debuginfo-7.1.0-150500.49.36.2
* qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.36.2
* qemu-chardev-baum-7.1.0-150500.49.36.2
* qemu-ui-curses-7.1.0-150500.49.36.2
* qemu-debugsource-7.1.0-150500.49.36.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
* qemu-SLOF-7.1.0-150500.49.36.2
* qemu-vgabios-1.16.0_0_gd239552-150500.49.36.2
* qemu-sgabios-8-150500.49.36.2
* qemu-skiboot-7.1.0-150500.49.36.2
* qemu-ipxe-1.0.0+-150500.49.36.2
* qemu-lang-7.1.0-150500.49.36.2
* qemu-seabios-1.16.0_0_gd239552-150500.49.36.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le)
* qemu-ppc-debuginfo-7.1.0-150500.49.36.2
* qemu-ppc-7.1.0-150500.49.36.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
* qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.36.2
* qemu-accel-tcg-x86-7.1.0-150500.49.36.2
* qemu-x86-debuginfo-7.1.0-150500.49.36.2
* qemu-audio-alsa-debuginfo-7.1.0-150500.49.36.2
* qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.36.2
* qemu-kvm-7.1.0-150500.49.36.2
* qemu-audio-pa-7.1.0-150500.49.36.2
* qemu-audio-alsa-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-gpu-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.36.2
* qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.36.2
* qemu-audio-pa-debuginfo-7.1.0-150500.49.36.2
* qemu-x86-7.1.0-150500.49.36.2

## References:

* https://www.suse.com/security/cve/CVE-2024-6505.html
* https://www.suse.com/security/cve/CVE-2025-11234.html
* https://www.suse.com/security/cve/CVE-2025-12464.html
* https://bugzilla.suse.com/show_bug.cgi?id=1227397
* https://bugzilla.suse.com/show_bug.cgi?id=1250984
* https://bugzilla.suse.com/show_bug.cgi?id=1252768
* https://bugzilla.suse.com/show_bug.cgi?id=1253002
* https://bugzilla.suse.com/show_bug.cgi?id=1254286



SUSE-SU-2026:0041-1: moderate: Security update for rsync


# Security update for rsync

Announcement ID: SUSE-SU-2026:0041-1
Release Date: 2026-01-06T10:33:35Z
Rating: moderate
References:

* bsc#1254441

Cross-References:

* CVE-2025-10158

CVSS scores:

* CVE-2025-10158 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2025-10158 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4

An update that solves one vulnerability can now be installed.

## Description:

This update for rsync fixes the following issues:

* CVE-2025-10158: Fixed out of bounds array access via negative index
(bsc#1254441)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-41=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2026-41=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2026-41=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2026-41=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2026-41=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2026-41=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* rsync-debuginfo-3.2.3-150400.3.26.1
* rsync-debugsource-3.2.3-150400.3.26.1
* rsync-3.2.3-150400.3.26.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* rsync-debuginfo-3.2.3-150400.3.26.1
* rsync-debugsource-3.2.3-150400.3.26.1
* rsync-3.2.3-150400.3.26.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* rsync-debuginfo-3.2.3-150400.3.26.1
* rsync-debugsource-3.2.3-150400.3.26.1
* rsync-3.2.3-150400.3.26.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* rsync-debuginfo-3.2.3-150400.3.26.1
* rsync-debugsource-3.2.3-150400.3.26.1
* rsync-3.2.3-150400.3.26.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* rsync-debuginfo-3.2.3-150400.3.26.1
* rsync-debugsource-3.2.3-150400.3.26.1
* rsync-3.2.3-150400.3.26.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* rsync-debuginfo-3.2.3-150400.3.26.1
* rsync-debugsource-3.2.3-150400.3.26.1
* rsync-3.2.3-150400.3.26.1

## References:

* https://www.suse.com/security/cve/CVE-2025-10158.html
* https://bugzilla.suse.com/show_bug.cgi?id=1254441



SUSE-SU-2026:0042-1: moderate: Security update for usbmuxd


# Security update for usbmuxd

Announcement ID: SUSE-SU-2026:0042-1
Release Date: 2026-01-06T10:35:00Z
Rating: moderate
References:

* bsc#1254302

Cross-References:

* CVE-2025-66004

CVSS scores:

* CVE-2025-66004 ( SUSE ): 5.1
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L
* CVE-2025-66004 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L
* CVE-2025-66004 ( NVD ): 5.1
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-66004 ( NVD ): 5.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Linux Enterprise Workstation Extension 15 SP7
* SUSE Package Hub 15 15-SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for usbmuxd fixes the following issues:

* CVE-2025-66004: Fixed LPE from nobody to usbmux (bsc#1254302)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Package Hub 15 15-SP7
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-42=1

* SUSE Linux Enterprise Workstation Extension 15 SP7
zypper in -t patch SUSE-SLE-Product-WE-15-SP7-2026-42=1

* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-42=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2026-42=1

## Package List:

* SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x)
* usbmuxd-1.1.1-150400.3.3.1
* usbmuxd-debugsource-1.1.1-150400.3.3.1
* usbmuxd-debuginfo-1.1.1-150400.3.3.1
* SUSE Linux Enterprise Workstation Extension 15 SP7 (x86_64)
* usbmuxd-1.1.1-150400.3.3.1
* usbmuxd-debugsource-1.1.1-150400.3.3.1
* usbmuxd-debuginfo-1.1.1-150400.3.3.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* usbmuxd-1.1.1-150400.3.3.1
* usbmuxd-debugsource-1.1.1-150400.3.3.1
* usbmuxd-debuginfo-1.1.1-150400.3.3.1
* openSUSE Leap 15.4 (x86_64)
* usbmuxd-32bit-debuginfo-1.1.1-150400.3.3.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* usbmuxd-64bit-debuginfo-1.1.1-150400.3.3.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* usbmuxd-1.1.1-150400.3.3.1
* usbmuxd-debugsource-1.1.1-150400.3.3.1
* usbmuxd-debuginfo-1.1.1-150400.3.3.1
* openSUSE Leap 15.6 (x86_64)
* usbmuxd-32bit-debuginfo-1.1.1-150400.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2025-66004.html
* https://bugzilla.suse.com/show_bug.cgi?id=1254302


Libsodium update for Slackware

GLib and Kernel (Raspberry Pi) updates for Ubuntu

Windows

Linux

macOS

Community

  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...