Linux Kernel, mbedtls, Python Tools, and Podman updates for SUSE

SUSE 5689 Published by

SUSE and openSUSE issued numerous security advisories to patch vulnerabilities across the Linux kernel, mbedtls libraries, Python packages, and container management tools. The updates resolve dozens of critical issues, including memory corruption flaws, remote code execution risks, and protocol bypass bugs affecting system stability and data protection.

openSUSE-SU-2026:0214-1: important: Security update for mbedtls
openSUSE-SU-2026:0213-1: important: Security update for mbedtls-2
openSUSE-SU-2026:0215-1: moderate: Security update for python-biopython
SUSE-SU-2026:2626-1: important: Security update for python-PyJWT
SUSE-SU-2026:2630-1: important: Security update for the Linux Kernel
openSUSE-SU-2026:11099-1: moderate: python311-python-multipart-0.0.32-1.1 on GA media
openSUSE-SU-2026:11100-1: moderate: python312-3.12.13-6.1 on GA media
openSUSE-SU-2026:11094-1: moderate: libnilfs3-2.3.1-1.1 on GA media
openSUSE-SU-2026:11098-1: moderate: python311-nltk-3.10.0rc1-1.1 on GA media
openSUSE-SU-2026:11097-1: moderate: python311-aiohttp-3.14.1-1.1 on GA media
openSUSE-SU-2026:11093-1: moderate: lrzip-0.660-1.1 on GA media
openSUSE-SU-2026:11096-1: moderate: libopenbabel8-3.2.0-2.1 on GA media
openSUSE-SU-2026:11101-1: moderate: python315-3.15.0~b2-1.1 on GA media
openSUSE-SU-2026:11095-1: moderate: ofono-2.19-3.1 on GA media
openSUSE-SU-2026:11092-1: moderate: libtar-1.2.20-3.1 on GA media
SUSE-SU-2026:2632-1: important: Security update for the Linux Kernel
SUSE-SU-2026:2634-1: important: Security update for python-pip
SUSE-SU-2026:2636-1: important: Security update for podman
openSUSE-SU-2026:0217-1: moderate: Security update for perl-Net-Dropbox-API




openSUSE-SU-2026:0214-1: important: Security update for mbedtls


openSUSE Security Update: Security update for mbedtls
_______________________________

Announcement ID: openSUSE-SU-2026:0214-1
Rating: important
References: #1245808 #1245809 #1245810 #1245811 #1252454
#1261527
Cross-References: CVE-2025-49600 CVE-2025-49601 CVE-2025-52496
CVE-2025-52497 CVE-2025-59438 CVE-2026-34874

CVSS scores:
CVE-2025-59438 (SUSE): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
CVE-2026-34874 (SUSE): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:
openSUSE Backports SLE-15-SP7
_______________________________

An update that fixes 6 vulnerabilities is now available.

Description:

This update for mbedtls fixes the following issues:

- Update to the 3.6 LTS line (3.6.6) to fix several security issues; this
bumps the SONAMEs (libmbedtls20 -> libmbedtls21, libmbedcrypto15 ->
libmbedcrypto16, libmbedx509-6 -> libmbedx509-7):
* CVE-2025-49600: possible LMS signature forgery due to unchecked return
values in mbedtls_lms_verify (boo#1245808)
* CVE-2025-49601: out-of-bounds read in mbedtls_lms_import_public_key on
truncated input (boo#1245809)
* CVE-2025-52496: race condition in AESNI detection allowing AES key
extraction or GCM forgery (boo#1245810)
* CVE-2025-52497: one-byte heap buffer underflow in PEM parsing
(boo#1245811)
* CVE-2025-59438: observable timing discrepancy (padding
oracle) in CBC-PKCS7 (boo#1252454)
* CVE-2026-34874: NULL pointer dereference in X.509 distinguished-name
parsing (boo#1261527)
- Ship the pkg-config files in the -devel subpackage

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2026-214=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64):

libeverest-3.6.6-bp157.2.3.1
libmbedcrypto16-3.6.6-bp157.2.3.1
libmbedtls21-3.6.6-bp157.2.3.1
libmbedx509-7-3.6.6-bp157.2.3.1
libp256m-3.6.6-bp157.2.3.1
mbedtls-devel-3.6.6-bp157.2.3.1

- openSUSE Backports SLE-15-SP7 (aarch64_ilp32):

libeverest-64bit-3.6.6-bp157.2.3.1
libmbedcrypto16-64bit-3.6.6-bp157.2.3.1
libmbedtls21-64bit-3.6.6-bp157.2.3.1
libmbedx509-7-64bit-3.6.6-bp157.2.3.1
libp256m-64bit-3.6.6-bp157.2.3.1

- openSUSE Backports SLE-15-SP7 (x86_64):

libeverest-32bit-3.6.6-bp157.2.3.1
libmbedcrypto16-32bit-3.6.6-bp157.2.3.1
libmbedtls21-32bit-3.6.6-bp157.2.3.1
libmbedx509-7-32bit-3.6.6-bp157.2.3.1
libp256m-32bit-3.6.6-bp157.2.3.1

References:

https://www.suse.com/security/cve/CVE-2025-49600.html
https://www.suse.com/security/cve/CVE-2025-49601.html
https://www.suse.com/security/cve/CVE-2025-52496.html
https://www.suse.com/security/cve/CVE-2025-52497.html
https://www.suse.com/security/cve/CVE-2025-59438.html
https://www.suse.com/security/cve/CVE-2026-34874.html
https://bugzilla.suse.com/1245808
https://bugzilla.suse.com/1245809
https://bugzilla.suse.com/1245810
https://bugzilla.suse.com/1245811
https://bugzilla.suse.com/1252454
https://bugzilla.suse.com/1261527



openSUSE-SU-2026:0213-1: important: Security update for mbedtls-2


openSUSE Security Update: Security update for mbedtls-2
_______________________________

Announcement ID: openSUSE-SU-2026:0213-1
Rating: important
References: #1240051 #1240052
Cross-References: CVE-2025-27809 CVE-2025-27810
Affected Products:
openSUSE Backports SLE-15-SP7
_______________________________

An update that fixes two vulnerabilities is now available.

Description:

This update for mbedtls-2 fixes the following issues:

- Update to version 2.28.10 (2.28 LTS line), fixing:
* CVE-2025-27809: the TLS client accepted certificates valid for
arbitrary hostnames unless the application called
mbedtls_ssl_set_hostname() (boo#1240051)
* CVE-2025-27810: use of uninitialized stack memory when composing the
TLS Finished message could lead to an authentication bypass such as a
replay (boo#1240052)
- Sync packaging with Factory: enable MBEDTLS_SSL_DTLS_SRTP and
MBEDTLS_SSL_PROTO_DTLS and ship the everest headers and pkg-config files
in the -devel subpackage

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2026-213=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64):

libmbedcrypto7-2.28.10-bp157.2.3.1
libmbedtls14-2.28.10-bp157.2.3.1
libmbedx509-1-2.28.10-bp157.2.3.1
mbedtls-2-devel-2.28.10-bp157.2.3.1

- openSUSE Backports SLE-15-SP7 (aarch64_ilp32):

libmbedcrypto7-64bit-2.28.10-bp157.2.3.1
libmbedtls14-64bit-2.28.10-bp157.2.3.1
libmbedx509-1-64bit-2.28.10-bp157.2.3.1

- openSUSE Backports SLE-15-SP7 (x86_64):

libmbedcrypto7-32bit-2.28.10-bp157.2.3.1
libmbedtls14-32bit-2.28.10-bp157.2.3.1
libmbedx509-1-32bit-2.28.10-bp157.2.3.1

References:

https://www.suse.com/security/cve/CVE-2025-27809.html
https://www.suse.com/security/cve/CVE-2025-27810.html
https://bugzilla.suse.com/1240051
https://bugzilla.suse.com/1240052



openSUSE-SU-2026:0215-1: moderate: Security update for python-biopython


openSUSE Security Update: Security update for python-biopython
_______________________________

Announcement ID: openSUSE-SU-2026:0215-1
Rating: moderate
References: #1255465
Cross-References: CVE-2025-68463
Affected Products:
openSUSE Backports SLE-15-SP7
_______________________________

An update that fixes one vulnerability is now available.

Description:

This update for python-biopython fixes the following issues:

- CVE-2025-68463: Fixed a information disclosure caused by a XXE
vulnerability (boo#1255465).

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2026-215=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64):

python3-biopython-1.75-bp157.2.3.1

References:

https://www.suse.com/security/cve/CVE-2025-68463.html
https://bugzilla.suse.com/1255465



SUSE-SU-2026:2626-1: important: Security update for python-PyJWT


# Security update for python-PyJWT

Announcement ID: SUSE-SU-2026:2626-1
Release Date: 2026-06-25T08:11:35Z
Rating: important
References:

* bsc#1266798
* bsc#1266799
* bsc#1266800
* bsc#1266801
* bsc#1266802

Cross-References:

* CVE-2026-48522
* CVE-2026-48523
* CVE-2026-48524
* CVE-2026-48525
* CVE-2026-48526

CVSS scores:

* CVE-2026-48522 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-48522 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-48522 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2026-48523 ( SUSE ): 5.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-48523 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-48523 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-48524 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-48524 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-48524 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-48525 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-48525 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-48526 ( SUSE ): 9.1
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-48526 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-48526 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected Products:

* openSUSE Leap 15.4
* Public Cloud Module 15-SP4
* Python 3 Module 15-SP7
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves five vulnerabilities can now be installed.

## Description:

This update for python-PyJWT fixes the following issues

* CVE-2026-48522: `PyJWKClient` passes URI arguments directly to
`urllib.request.urlopen()` and allows for SSRF and token forgery
(bsc#1266798).
* CVE-2026-48523: verifier-side algorithm allow-list bypass when
`jwt.decode()` or `jwt.decode_complete()` are called with a PyJWK key
(bsc#1266799).
* CVE-2026-48524: unlimited processing of JWTs with unknown kid values by
`PyJWKClient.get_signing_key()` leads to unbounded JWKS endpoint requests
and DoS (bsc#1266800).
* CVE-2026-48525: unbounded Base64URL decoding of unused payload segment in
`b64=false` detached JWS allows for DoS (bsc#1266801).
* CVE-2026-48526: no validation of use of JSON Web Keys in HMAC algorithm when
decoding JSON Web Tokens allows for forged HS256 tokens (bsc#1266802).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2626=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2626=1

* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2626=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2626=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2626=1

* Public Cloud Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2026-2626=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2626=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2626=1

* Python 3 Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2026-2626=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2626=1

* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-2626=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2626=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2626=1

## Package List:

* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* python311-PyJWT-2.8.0-150400.8.13.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* python311-PyJWT-2.8.0-150400.8.13.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* python311-PyJWT-2.8.0-150400.8.13.1
* Public Cloud Module 15-SP4 (noarch)
* python311-PyJWT-2.8.0-150400.8.13.1
* openSUSE Leap 15.4 (noarch)
* python311-PyJWT-2.8.0-150400.8.13.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
* python311-PyJWT-2.8.0-150400.8.13.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
* python311-PyJWT-2.8.0-150400.8.13.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
* python311-PyJWT-2.8.0-150400.8.13.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch)
* python311-PyJWT-2.8.0-150400.8.13.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
* python311-PyJWT-2.8.0-150400.8.13.1
* Python 3 Module 15-SP7 (noarch)
* python311-PyJWT-2.8.0-150400.8.13.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
* python311-PyJWT-2.8.0-150400.8.13.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (noarch)
* python311-PyJWT-2.8.0-150400.8.13.1

## References:

* https://www.suse.com/security/cve/CVE-2026-48522.html
* https://www.suse.com/security/cve/CVE-2026-48523.html
* https://www.suse.com/security/cve/CVE-2026-48524.html
* https://www.suse.com/security/cve/CVE-2026-48525.html
* https://www.suse.com/security/cve/CVE-2026-48526.html
* https://bugzilla.suse.com/show_bug.cgi?id=1266798
* https://bugzilla.suse.com/show_bug.cgi?id=1266799
* https://bugzilla.suse.com/show_bug.cgi?id=1266800
* https://bugzilla.suse.com/show_bug.cgi?id=1266801
* https://bugzilla.suse.com/show_bug.cgi?id=1266802



SUSE-SU-2026:2630-1: important: Security update for the Linux Kernel


# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2026:2630-1
Release Date: 2026-06-25T11:55:03Z
Rating: important
References:

* bsc#1247954
* bsc#1255416
* bsc#1258538
* bsc#1260531
* bsc#1261700
* bsc#1262663
* bsc#1262993
* bsc#1263769
* bsc#1263879
* bsc#1263880
* bsc#1264076
* bsc#1264093
* bsc#1264116
* bsc#1264470
* bsc#1264610
* bsc#1265116
* bsc#1265211
* bsc#1265960
* bsc#1266214
* bsc#1266290
* bsc#1266810
* bsc#1266969
* bsc#1267205
* bsc#1267214
* bsc#1267220
* bsc#1267361
* bsc#1267369
* bsc#1267387
* bsc#1267621
* bsc#1267640
* bsc#1267651
* bsc#1267652
* bsc#1267697

Cross-References:

* CVE-2025-10263
* CVE-2025-68324
* CVE-2026-23392
* CVE-2026-31405
* CVE-2026-31473
* CVE-2026-31500
* CVE-2026-31613
* CVE-2026-31697
* CVE-2026-31698
* CVE-2026-31699
* CVE-2026-31758
* CVE-2026-31759
* CVE-2026-43077
* CVE-2026-43198
* CVE-2026-43366
* CVE-2026-43503
* CVE-2026-45886
* CVE-2026-45970
* CVE-2026-45984
* CVE-2026-46021
* CVE-2026-46037
* CVE-2026-46113
* CVE-2026-46116
* CVE-2026-46120
* CVE-2026-46123
* CVE-2026-46150
* CVE-2026-46159
* CVE-2026-46227
* CVE-2026-46273

CVSS scores:

* CVE-2025-10263 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2025-68324 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23392 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23392 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23392 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31405 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-31405 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31473 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31473 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31473 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31500 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31500 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31500 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31613 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31613 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31613 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
* CVE-2026-31697 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31697 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31698 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31698 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31699 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31699 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31758 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31758 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31758 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31759 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31759 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2026-31759 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-43077 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-43077 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-43077 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-43198 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-43198 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-43198 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-43366 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-43366 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-43366 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-43503 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-43503 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
* CVE-2026-43503 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
* CVE-2026-45886 ( SUSE ): 8.4
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-45886 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-45970 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-45970 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-45970 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-45984 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-45984 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-45984 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-46021 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-46021 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-46021 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-46037 ( SUSE ): 8.8
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-46037 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
* CVE-2026-46037 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
* CVE-2026-46113 ( SUSE ): 9.3
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
* CVE-2026-46113 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
* CVE-2026-46113 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
* CVE-2026-46116 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-46116 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-46116 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-46120 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
* CVE-2026-46120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-46123 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-46123 ( SUSE ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-46123 ( NVD ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-46150 ( SUSE ): 8.4
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-46150 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-46150 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-46159 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-46159 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-46227 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-46227 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-46227 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-46273 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-46273 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise Micro 5.5

An update that solves 29 vulnerabilities and has four security fixes can now be
installed.

## Description:

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security
issues

The following security issues were fixed:

* CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs
(bsc#1266290).
* CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished
delayed work (bsc#1255416).
* CVE-2026-23392: netfilter: nf_tables: release flowtable after rcu grace
period on error (bsc#1260531).
* CVE-2026-31405: media: dvb-net: fix OOB access in ULE extension header
tables (bsc#1261700).
* CVE-2026-31473: media: mc, v4l2: serialize REINIT and REQBUFS with
req_queue_mutex (bsc#1262663).
* CVE-2026-31500: Bluetooth: btintel: serialize btintel_hw_error() with
hci_req_sync_lock (bsc#1262993).
* CVE-2026-31613: smb: client: fix OOB reads parsing symlink error response
(bsc#1263769).
* CVE-2026-31697: crypto: ccp: Don't attempt to copy ID to userspace if PSP
command failed (bsc#1264116).
* CVE-2026-31698: crypto: ccp: Don't attempt to copy PDH cert to userspace if
PSP command failed (bsc#1263880).
* CVE-2026-31699: crypto: ccp: Don't attempt to copy CSR to userspace if PSP
command failed (bsc#1263879).
* CVE-2026-31758: usb: usbtmc: Flush anchored URBs in usbtmc_release
(bsc#1264093).
* CVE-2026-31759: usb: ulpi: fix double free in ulpi_register_interface()
error path (bsc#1264076).
* CVE-2026-43077: crypto: algif_aead - Fix minimum RX size check for
decryption (bsc#1264470).
* CVE-2026-43198: tcp: fix potential race in tcp_v6_syn_recv_sock()
(bsc#1264610).
* CVE-2026-43366: io_uring/kbuf: check if target buffer list is still legacy
on recycle (bsc#1265116).
* CVE-2026-45886: bpf: Fix bpf_xdp_store_bytes proto for read-only arg
(bsc#1266810).
* CVE-2026-45970: bonding: alb: fix UAF in rlb_arp_recv during bond up/down
(bsc#1267205).
* CVE-2026-45984: gfs2: Move the inode glock locking to
gfs2_file_buffered_write (bsc#1267214).
* CVE-2026-46021: thermal: core: Fix thermal zone governor cleanup issues
(bsc#1267220).
* CVE-2026-46037: ipv4: icmp: validate reply type before using icmp_pointers
(bsc#1267361).
* CVE-2026-46113: KVM: x86/mmu: Add helper to convert SPTE value to its shadow
page (bsc#1266969).
* CVE-2026-46116: xfrm: defensively unhash xfrm_state lists in
__xfrm_state_delete (bsc#1267369).
* CVE-2026-46120: ip6_gre: Use cached t->net in ip6erspan_changelink()
(bsc#1267640).
* CVE-2026-46123: Bluetooth: virtio_bt: clamp rx length before skb_put
(bsc#1267621).
* CVE-2026-46150: fanotify: fix false positive on permission events
(bsc#1267387).
* CVE-2026-46159: btrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which
can lead to info-leak (bsc#1267652).
* CVE-2026-46227: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in
SCTP_SENDALL (bsc#1267697).
* CVE-2026-46273: ibmveth: Disable GSO for packets with small MSS (bsc#1265211
bsc#1267651).

The following non security issues were fixed:

* arm64: tlb: Allow XZR argument to TLBI ops (git-fixes).
* arm64: tlb: Optimize ARM64_WORKAROUND_REPEAT_TLBI (git-fixes).
* KVM: x86: Constrain guest-supported xfeatures only at KVM_GET_XSAVE{2}
(bsc#1247954).
* KVM: x86: Remove 'return void' expression for 'void function' (bsc#1247954).
* smb: client: correctly handle ErrorContextData as a flexible array (git-
fixes).
* x86/fpu: Allow caller to constrain xfeatures when copying to uabi buffer
(bsc#1247954).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-2630=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2026-2630=1

## Package List:

* openSUSE Leap 15.5 (x86_64)
* kernel-rt-devel-debuginfo-5.14.21-150500.13.146.1
* kernel-rt-livepatch-5.14.21-150500.13.146.1
* gfs2-kmp-rt-debuginfo-5.14.21-150500.13.146.1
* dlm-kmp-rt-5.14.21-150500.13.146.1
* kernel-rt-livepatch-devel-5.14.21-150500.13.146.1
* kernel-syms-rt-5.14.21-150500.13.146.1
* kernel-rt-debuginfo-5.14.21-150500.13.146.1
* kernel-rt-extra-5.14.21-150500.13.146.1
* kernel-rt_debug-vdso-5.14.21-150500.13.146.1
* kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.146.1
* kernel-rt-vdso-5.14.21-150500.13.146.1
* kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.146.1
* cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.146.1
* ocfs2-kmp-rt-5.14.21-150500.13.146.1
* reiserfs-kmp-rt-5.14.21-150500.13.146.1
* kernel-rt-optional-5.14.21-150500.13.146.1
* gfs2-kmp-rt-5.14.21-150500.13.146.1
* reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.146.1
* cluster-md-kmp-rt-5.14.21-150500.13.146.1
* kselftests-kmp-rt-debuginfo-5.14.21-150500.13.146.1
* kernel-rt-extra-debuginfo-5.14.21-150500.13.146.1
* dlm-kmp-rt-debuginfo-5.14.21-150500.13.146.1
* kernel-rt_debug-debuginfo-5.14.21-150500.13.146.1
* kernel-rt-devel-5.14.21-150500.13.146.1
* kernel-rt-debugsource-5.14.21-150500.13.146.1
* kernel-rt_debug-debugsource-5.14.21-150500.13.146.1
* kernel-rt-vdso-debuginfo-5.14.21-150500.13.146.1
* kernel-rt-optional-debuginfo-5.14.21-150500.13.146.1
* kselftests-kmp-rt-5.14.21-150500.13.146.1
* kernel-rt_debug-devel-5.14.21-150500.13.146.1
* ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.146.1
* openSUSE Leap 15.5 (noarch)
* kernel-devel-rt-5.14.21-150500.13.146.1
* kernel-source-rt-5.14.21-150500.13.146.1
* openSUSE Leap 15.5 (nosrc x86_64)
* kernel-rt-5.14.21-150500.13.146.1
* kernel-rt_debug-5.14.21-150500.13.146.1
* SUSE Linux Enterprise Micro 5.5 (noarch)
* kernel-devel-rt-5.14.21-150500.13.146.1
* kernel-source-rt-5.14.21-150500.13.146.1
* SUSE Linux Enterprise Micro 5.5 (nosrc x86_64)
* kernel-rt-5.14.21-150500.13.146.1
* SUSE Linux Enterprise Micro 5.5 (x86_64)
* kernel-rt-debugsource-5.14.21-150500.13.146.1
* kernel-rt-debuginfo-5.14.21-150500.13.146.1

## References:

* https://www.suse.com/security/cve/CVE-2025-10263.html
* https://www.suse.com/security/cve/CVE-2025-68324.html
* https://www.suse.com/security/cve/CVE-2026-23392.html
* https://www.suse.com/security/cve/CVE-2026-31405.html
* https://www.suse.com/security/cve/CVE-2026-31473.html
* https://www.suse.com/security/cve/CVE-2026-31500.html
* https://www.suse.com/security/cve/CVE-2026-31613.html
* https://www.suse.com/security/cve/CVE-2026-31697.html
* https://www.suse.com/security/cve/CVE-2026-31698.html
* https://www.suse.com/security/cve/CVE-2026-31699.html
* https://www.suse.com/security/cve/CVE-2026-31758.html
* https://www.suse.com/security/cve/CVE-2026-31759.html
* https://www.suse.com/security/cve/CVE-2026-43077.html
* https://www.suse.com/security/cve/CVE-2026-43198.html
* https://www.suse.com/security/cve/CVE-2026-43366.html
* https://www.suse.com/security/cve/CVE-2026-43503.html
* https://www.suse.com/security/cve/CVE-2026-45886.html
* https://www.suse.com/security/cve/CVE-2026-45970.html
* https://www.suse.com/security/cve/CVE-2026-45984.html
* https://www.suse.com/security/cve/CVE-2026-46021.html
* https://www.suse.com/security/cve/CVE-2026-46037.html
* https://www.suse.com/security/cve/CVE-2026-46113.html
* https://www.suse.com/security/cve/CVE-2026-46116.html
* https://www.suse.com/security/cve/CVE-2026-46120.html
* https://www.suse.com/security/cve/CVE-2026-46123.html
* https://www.suse.com/security/cve/CVE-2026-46150.html
* https://www.suse.com/security/cve/CVE-2026-46159.html
* https://www.suse.com/security/cve/CVE-2026-46227.html
* https://www.suse.com/security/cve/CVE-2026-46273.html
* https://bugzilla.suse.com/show_bug.cgi?id=1247954
* https://bugzilla.suse.com/show_bug.cgi?id=1255416
* https://bugzilla.suse.com/show_bug.cgi?id=1258538
* https://bugzilla.suse.com/show_bug.cgi?id=1260531
* https://bugzilla.suse.com/show_bug.cgi?id=1261700
* https://bugzilla.suse.com/show_bug.cgi?id=1262663
* https://bugzilla.suse.com/show_bug.cgi?id=1262993
* https://bugzilla.suse.com/show_bug.cgi?id=1263769
* https://bugzilla.suse.com/show_bug.cgi?id=1263879
* https://bugzilla.suse.com/show_bug.cgi?id=1263880
* https://bugzilla.suse.com/show_bug.cgi?id=1264076
* https://bugzilla.suse.com/show_bug.cgi?id=1264093
* https://bugzilla.suse.com/show_bug.cgi?id=1264116
* https://bugzilla.suse.com/show_bug.cgi?id=1264470
* https://bugzilla.suse.com/show_bug.cgi?id=1264610
* https://bugzilla.suse.com/show_bug.cgi?id=1265116
* https://bugzilla.suse.com/show_bug.cgi?id=1265211
* https://bugzilla.suse.com/show_bug.cgi?id=1265960
* https://bugzilla.suse.com/show_bug.cgi?id=1266214
* https://bugzilla.suse.com/show_bug.cgi?id=1266290
* https://bugzilla.suse.com/show_bug.cgi?id=1266810
* https://bugzilla.suse.com/show_bug.cgi?id=1266969
* https://bugzilla.suse.com/show_bug.cgi?id=1267205
* https://bugzilla.suse.com/show_bug.cgi?id=1267214
* https://bugzilla.suse.com/show_bug.cgi?id=1267220
* https://bugzilla.suse.com/show_bug.cgi?id=1267361
* https://bugzilla.suse.com/show_bug.cgi?id=1267369
* https://bugzilla.suse.com/show_bug.cgi?id=1267387
* https://bugzilla.suse.com/show_bug.cgi?id=1267621
* https://bugzilla.suse.com/show_bug.cgi?id=1267640
* https://bugzilla.suse.com/show_bug.cgi?id=1267651
* https://bugzilla.suse.com/show_bug.cgi?id=1267652
* https://bugzilla.suse.com/show_bug.cgi?id=1267697



openSUSE-SU-2026:11099-1: moderate: python311-python-multipart-0.0.32-1.1 on GA media


# python311-python-multipart-0.0.32-1.1 on GA media

Announcement ID: openSUSE-SU-2026:11099-1
Rating: moderate

Cross-References:

* CVE-2026-53537
* CVE-2026-53538
* CVE-2026-53540

CVSS scores:

* CVE-2026-53537 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-53537 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-53538 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-53538 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-53540 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-53540 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 3 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the python311-python-multipart-0.0.32-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* python311-python-multipart 0.0.32-1.1
* python313-python-multipart 0.0.32-1.1
* python314-python-multipart 0.0.32-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-53537.html
* https://www.suse.com/security/cve/CVE-2026-53538.html
* https://www.suse.com/security/cve/CVE-2026-53540.html



openSUSE-SU-2026:11100-1: moderate: python312-3.12.13-6.1 on GA media


# python312-3.12.13-6.1 on GA media

Announcement ID: openSUSE-SU-2026:11100-1
Rating: moderate

Cross-References:

* CVE-2026-1502
* CVE-2026-3446
* CVE-2026-4786
* CVE-2026-6019
* CVE-2026-6100

CVSS scores:

* CVE-2026-1502 ( SUSE ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-1502 ( SUSE ): 5.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-3446 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-3446 ( SUSE ): 6 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-4786 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L
* CVE-2026-4786 ( SUSE ): 7 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-6019 ( SUSE ): 3.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-6019 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-6100 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-6100 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 5 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the python312-3.12.13-6.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* python312 3.12.13-6.1
* python312-32bit 3.12.13-6.1
* python312-curses 3.12.13-6.1
* python312-dbm 3.12.13-6.1
* python312-idle 3.12.13-6.1
* python312-tk 3.12.13-6.1
* python312-x86-64-v3 3.12.13-6.1

## References:

* https://www.suse.com/security/cve/CVE-2026-1502.html
* https://www.suse.com/security/cve/CVE-2026-3446.html
* https://www.suse.com/security/cve/CVE-2026-4786.html
* https://www.suse.com/security/cve/CVE-2026-6019.html
* https://www.suse.com/security/cve/CVE-2026-6100.html



openSUSE-SU-2026:11094-1: moderate: libnilfs3-2.3.1-1.1 on GA media


# libnilfs3-2.3.1-1.1 on GA media

Announcement ID: openSUSE-SU-2026:11094-1
Rating: moderate

Cross-References:

* CVE-2026-55392

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the libnilfs3-2.3.1-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* libnilfs3 2.3.1-1.1
* libnilfsgc3 2.3.1-1.1
* nilfs-utils 2.3.1-1.1
* nilfs-utils-devel 2.3.1-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-55392.html



openSUSE-SU-2026:11098-1: moderate: python311-nltk-3.10.0rc1-1.1 on GA media


# python311-nltk-3.10.0rc1-1.1 on GA media

Announcement ID: openSUSE-SU-2026:11098-1
Rating: moderate

Cross-References:

* CVE-2026-54293

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the python311-nltk-3.10.0rc1-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* python311-nltk 3.10.0rc1-1.1
* python313-nltk 3.10.0rc1-1.1
* python314-nltk 3.10.0rc1-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-54293.html



openSUSE-SU-2026:11097-1: moderate: python311-aiohttp-3.14.1-1.1 on GA media


# python311-aiohttp-3.14.1-1.1 on GA media

Announcement ID: openSUSE-SU-2026:11097-1
Rating: moderate

Cross-References:

* CVE-2026-50269
* CVE-2026-54273
* CVE-2026-54275
* CVE-2026-54277
* CVE-2026-54279

CVSS scores:

* CVE-2026-50269 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-54273 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-54275 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-54277 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-54279 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 5 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the python311-aiohttp-3.14.1-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* python311-aiohttp 3.14.1-1.1
* python313-aiohttp 3.14.1-1.1
* python314-aiohttp 3.14.1-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-50269.html
* https://www.suse.com/security/cve/CVE-2026-54273.html
* https://www.suse.com/security/cve/CVE-2026-54275.html
* https://www.suse.com/security/cve/CVE-2026-54277.html
* https://www.suse.com/security/cve/CVE-2026-54279.html



openSUSE-SU-2026:11093-1: moderate: lrzip-0.660-1.1 on GA media


# lrzip-0.660-1.1 on GA media

Announcement ID: openSUSE-SU-2026:11093-1
Rating: moderate

Cross-References:

* CVE-2025-15570
* CVE-2025-9396

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the lrzip-0.660-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* lrzip 0.660-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-15570.html
* https://www.suse.com/security/cve/CVE-2025-9396.html



openSUSE-SU-2026:11096-1: moderate: libopenbabel8-3.2.0-2.1 on GA media


# libopenbabel8-3.2.0-2.1 on GA media

Announcement ID: openSUSE-SU-2026:11096-1
Rating: moderate

Cross-References:

* CVE-2026-2704
* CVE-2026-3408

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the libopenbabel8-3.2.0-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* libopenbabel8 3.2.0-2.1
* openbabel 3.2.0-2.1
* openbabel-devel 3.2.0-2.1
* openbabel-gui 3.2.0-2.1
* python3-openbabel 3.2.0-2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-2704.html
* https://www.suse.com/security/cve/CVE-2026-3408.html



openSUSE-SU-2026:11101-1: moderate: python315-3.15.0~b2-1.1 on GA media


# python315-3.15.0~b2-1.1 on GA media

Announcement ID: openSUSE-SU-2026:11101-1
Rating: moderate

Cross-References:

* CVE-2021-4189
* CVE-2026-3276
* CVE-2026-7210
* CVE-2026-7774
* CVE-2026-8328

CVSS scores:

* CVE-2021-4189 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-3276 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-3276 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-7210 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-7210 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-7774 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-7774 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-8328 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-8328 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 5 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the python315-3.15.0~b2-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* python315 3.15.0~b2-1.1
* python315-curses 3.15.0~b2-1.1
* python315-dbm 3.15.0~b2-1.1
* python315-idle 3.15.0~b2-1.1
* python315-profiling 3.15.0~b2-1.1
* python315-tk 3.15.0~b2-1.1
* python315-x86-64-v3 3.15.0~b2-1.1

## References:

* https://www.suse.com/security/cve/CVE-2021-4189.html
* https://www.suse.com/security/cve/CVE-2026-3276.html
* https://www.suse.com/security/cve/CVE-2026-7210.html
* https://www.suse.com/security/cve/CVE-2026-7774.html
* https://www.suse.com/security/cve/CVE-2026-8328.html



openSUSE-SU-2026:11095-1: moderate: ofono-2.19-3.1 on GA media


# ofono-2.19-3.1 on GA media

Announcement ID: openSUSE-SU-2026:11095-1
Rating: moderate

Cross-References:

* CVE-2023-2794
* CVE-2023-4232
* CVE-2023-4234
* CVE-2024-7537
* CVE-2024-7538
* CVE-2024-7539
* CVE-2024-7540
* CVE-2024-7541
* CVE-2024-7543
* CVE-2024-7544
* CVE-2024-7546

Affected Products:

* openSUSE Tumbleweed

An update that solves 11 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the ofono-2.19-3.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* ofono 2.19-3.1
* ofono-devel 2.19-3.1
* ofono-tests 2.19-3.1

## References:

* https://www.suse.com/security/cve/CVE-2023-2794.html
* https://www.suse.com/security/cve/CVE-2023-4232.html
* https://www.suse.com/security/cve/CVE-2023-4234.html
* https://www.suse.com/security/cve/CVE-2024-7537.html
* https://www.suse.com/security/cve/CVE-2024-7538.html
* https://www.suse.com/security/cve/CVE-2024-7539.html
* https://www.suse.com/security/cve/CVE-2024-7540.html
* https://www.suse.com/security/cve/CVE-2024-7541.html
* https://www.suse.com/security/cve/CVE-2024-7543.html
* https://www.suse.com/security/cve/CVE-2024-7544.html
* https://www.suse.com/security/cve/CVE-2024-7546.html



openSUSE-SU-2026:11092-1: moderate: libtar-1.2.20-3.1 on GA media


# libtar-1.2.20-3.1 on GA media

Announcement ID: openSUSE-SU-2026:11092-1
Rating: moderate

Cross-References:

* CVE-2021-33640
* CVE-2021-33643
* CVE-2021-33645

Affected Products:

* openSUSE Tumbleweed

An update that solves 3 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the libtar-1.2.20-3.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* libtar 1.2.20-3.1
* libtar-devel 1.2.20-3.1
* libtar1 1.2.20-3.1

## References:

* https://www.suse.com/security/cve/CVE-2021-33640.html
* https://www.suse.com/security/cve/CVE-2021-33643.html
* https://www.suse.com/security/cve/CVE-2021-33645.html



SUSE-SU-2026:2632-1: important: Security update for the Linux Kernel


# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2026:2632-1
Release Date: 2026-06-25T12:36:10Z
Rating: important
References:

* bsc#1255416
* bsc#1258538
* bsc#1260531
* bsc#1261256
* bsc#1262993
* bsc#1263879
* bsc#1263880
* bsc#1264076
* bsc#1264116
* bsc#1264137
* bsc#1264145
* bsc#1264263
* bsc#1264470
* bsc#1264610
* bsc#1265170
* bsc#1265211
* bsc#1265579
* bsc#1266214
* bsc#1266290
* bsc#1266767
* bsc#1266810
* bsc#1266827
* bsc#1267214
* bsc#1267361
* bsc#1267381
* bsc#1267387
* bsc#1267388
* bsc#1267531
* bsc#1267621
* bsc#1267640
* bsc#1267651
* bsc#1267652
* bsc#1267663
* bsc#1267682
* bsc#1267697
* bsc#1268307

Cross-References:

* CVE-2025-10263
* CVE-2025-68324
* CVE-2026-23392
* CVE-2026-31500
* CVE-2026-31697
* CVE-2026-31698
* CVE-2026-31699
* CVE-2026-31759
* CVE-2026-31771
* CVE-2026-43023
* CVE-2026-43074
* CVE-2026-43077
* CVE-2026-43198
* CVE-2026-45878
* CVE-2026-45886
* CVE-2026-45932
* CVE-2026-45984
* CVE-2026-46037
* CVE-2026-46090
* CVE-2026-46120
* CVE-2026-46123
* CVE-2026-46150
* CVE-2026-46159
* CVE-2026-46197
* CVE-2026-46209
* CVE-2026-46227
* CVE-2026-46273

CVSS scores:

* CVE-2025-10263 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2025-68324 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23392 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23392 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23392 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31500 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31500 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31500 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31697 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31697 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31698 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31698 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31699 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31699 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31759 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31759 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2026-31759 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31771 ( SUSE ): 8.7
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31771 ( SUSE ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31771 ( NVD ): 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-43023 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-43023 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-43023 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-43074 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-43074 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-43074 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-43077 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-43077 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-43077 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-43198 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-43198 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-43198 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-45878 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-45878 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-45886 ( SUSE ): 8.4
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-45886 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-45932 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-45932 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-45932 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
* CVE-2026-45984 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-45984 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-45984 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-46037 ( SUSE ): 8.8
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-46037 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
* CVE-2026-46037 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
* CVE-2026-46090 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-46090 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-46120 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
* CVE-2026-46120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-46123 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-46123 ( SUSE ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-46123 ( NVD ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-46150 ( SUSE ): 8.4
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-46150 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-46150 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-46159 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-46159 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-46197 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-46197 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-46197 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-46209 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-46209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-46227 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-46227 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-46227 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-46273 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-46273 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise High Availability Extension 15 SP6
* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves 27 vulnerabilities and has nine security fixes can now be
installed.

## Description:

The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security
issues

The following security issues were fixed:

* CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs
(bsc#1266290).
* CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished
delayed work (bsc#1255416).
* CVE-2026-23392: netfilter: nf_tables: release flowtable after rcu grace
period on error (bsc#1260531).
* CVE-2026-31500: Bluetooth: btintel: serialize btintel_hw_error() with
hci_req_sync_lock (bsc#1262993).
* CVE-2026-31697: crypto: ccp: Don't attempt to copy ID to userspace if PSP
command failed (bsc#1264116).
* CVE-2026-31698: crypto: ccp: Don't attempt to copy PDH cert to userspace if
PSP command failed (bsc#1263880).
* CVE-2026-31699: crypto: ccp: Don't attempt to copy CSR to userspace if PSP
command failed (bsc#1263879).
* CVE-2026-31759: usb: ulpi: fix double free in ulpi_register_interface()
error path (bsc#1264076).
* CVE-2026-31771: Bluetooth: hci_event: move wake reason storage into
validated event handlers (bsc#1264145).
* CVE-2026-43023: Bluetooth: SCO: fix race conditions in sco_sock_connect()
(bsc#1264137).
* CVE-2026-43074: eventpoll: defer struct eventpoll free to RCU grace period
(bsc#1264263).
* CVE-2026-43077: crypto: algif_aead - Fix minimum RX size check for
decryption (bsc#1264470).
* CVE-2026-43198: tcp: fix potential race in tcp_v6_syn_recv_sock()
(bsc#1264610).
* CVE-2026-45878: drm/amdkfd: Fix watch_id bounds checking in debug address
watch v2 (bsc#1266767).
* CVE-2026-45886: bpf: Fix bpf_xdp_store_bytes proto for read-only arg
(bsc#1266810).
* CVE-2026-45932: bpf: Fix tcx/netkit detach permissions when prog fd isn't
given (bsc#1266827).
* CVE-2026-45984: gfs2: Move the inode glock locking to
gfs2_file_buffered_write (bsc#1267214).
* CVE-2026-46037: ipv4: icmp: validate reply type before using icmp_pointers
(bsc#1267361).
* CVE-2026-46090: ALSA: aloop: Use guard() for spin locks (bsc#1267531).
* CVE-2026-46120: ip6_gre: Use cached t->net in ip6erspan_changelink()
(bsc#1267640).
* CVE-2026-46123: Bluetooth: virtio_bt: clamp rx length before skb_put
(bsc#1267621).
* CVE-2026-46150: fanotify: fix false positive on permission events
(bsc#1267387).
* CVE-2026-46159: btrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which
can lead to info-leak (bsc#1267652).
* CVE-2026-46197: drm/amdkfd: validate SVM ioctl nattr against buffer size
(bsc#1267381).
* CVE-2026-46209: drm/gem: Fix inconsistent plane dimension calculation in
drm_gem_fb_init_with_funcs() (bsc#1267663).
* CVE-2026-46227: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in
SCTP_SENDALL (bsc#1267697).
* CVE-2026-46273: ibmveth: Disable GSO for packets with small MSS (bsc#1265211
bsc#1267651).

The following non security issues were fixed:

* bnxt_en: Fix NULL pointer dereference (bsc#1268307).
* Drivers: hv: vmbus: Improve the logic of reserving fb_mmio on Gen2 VMs (git-
fixes).
* ethtool: provide customized dim profile management (bsc#1261256).
* hv: utils: handle and propagate errors in kvp_register (git-fixes).
* hyperv: Clean up and fix the guest ID comment in hvgdk.h (git-fixes).
* linux/dim: move useful macros to .h file (bsc#1261256).
* net: ethtool: add ethtool COALESCE_RX_CQE_FRAMES/NSECS (bsc#1261256).
* net: mana: Add ethtool counters for RX CQEs in coalesced type (bsc#1261256).
* net: mana: Add support for RX CQE Coalescing (bsc#1261256).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2632=1

* SUSE Linux Enterprise High Availability Extension 15 SP6
zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2026-2632=1

* SUSE Linux Enterprise Live Patching 15-SP6
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-2632=1

* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-2632=1

* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2632=1

## Package List:

* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
* kernel-default-debugsource-6.4.0-150600.23.118.1
* kernel-syms-6.4.0-150600.23.118.1
* ocfs2-kmp-default-debuginfo-6.4.0-150600.23.118.1
* kernel-obs-build-debugsource-6.4.0-150600.23.118.1
* kernel-default-base-6.4.0-150600.23.118.1.150600.12.56.1
* cluster-md-kmp-default-debuginfo-6.4.0-150600.23.118.1
* kernel-obs-build-6.4.0-150600.23.118.1
* dlm-kmp-default-6.4.0-150600.23.118.1
* reiserfs-kmp-default-6.4.0-150600.23.118.1
* dlm-kmp-default-debuginfo-6.4.0-150600.23.118.1
* cluster-md-kmp-default-6.4.0-150600.23.118.1
* gfs2-kmp-default-debuginfo-6.4.0-150600.23.118.1
* reiserfs-kmp-default-debuginfo-6.4.0-150600.23.118.1
* kernel-default-devel-debuginfo-6.4.0-150600.23.118.1
* kernel-default-debuginfo-6.4.0-150600.23.118.1
* gfs2-kmp-default-6.4.0-150600.23.118.1
* ocfs2-kmp-default-6.4.0-150600.23.118.1
* kernel-default-devel-6.4.0-150600.23.118.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (nosrc ppc64le
x86_64)
* kernel-default-6.4.0-150600.23.118.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch)
* kernel-devel-6.4.0-150600.23.118.1
* kernel-macros-6.4.0-150600.23.118.1
* kernel-source-6.4.0-150600.23.118.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch nosrc)
* kernel-docs-6.4.0-150600.23.118.1
* SUSE Linux Enterprise High Availability Extension 15 SP6 (nosrc)
* kernel-default-6.4.0-150600.23.118.1
* SUSE Linux Enterprise High Availability Extension 15 SP6 (aarch64 ppc64le
s390x x86_64)
* kernel-default-debuginfo-6.4.0-150600.23.118.1
* kernel-default-debugsource-6.4.0-150600.23.118.1
* SUSE Linux Enterprise Live Patching 15-SP6 (nosrc)
* kernel-default-6.4.0-150600.23.118.1
* SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
* kernel-livepatch-6_4_0-150600_23_118-default-1-150600.13.3.1
* kernel-default-debugsource-6.4.0-150600.23.118.1
* kernel-default-livepatch-devel-6.4.0-150600.23.118.1
* kernel-default-livepatch-6.4.0-150600.23.118.1
* kernel-livepatch-6_4_0-150600_23_118-default-debuginfo-1-150600.13.3.1
* kernel-default-debuginfo-6.4.0-150600.23.118.1
* kernel-livepatch-SLE15-SP6_Update_28-debugsource-1-150600.13.3.1
* openSUSE Leap 15.6 (aarch64)
* dtb-amd-6.4.0-150600.23.118.1
* reiserfs-kmp-64kb-6.4.0-150600.23.118.1
* dtb-apple-6.4.0-150600.23.118.1
* dtb-freescale-6.4.0-150600.23.118.1
* dtb-sprd-6.4.0-150600.23.118.1
* dtb-apm-6.4.0-150600.23.118.1
* kernel-64kb-extra-6.4.0-150600.23.118.1
* dtb-renesas-6.4.0-150600.23.118.1
* kernel-64kb-extra-debuginfo-6.4.0-150600.23.118.1
* gfs2-kmp-64kb-6.4.0-150600.23.118.1
* kernel-64kb-debuginfo-6.4.0-150600.23.118.1
* dtb-lg-6.4.0-150600.23.118.1
* dtb-cavium-6.4.0-150600.23.118.1
* dtb-amazon-6.4.0-150600.23.118.1
* cluster-md-kmp-64kb-6.4.0-150600.23.118.1
* dtb-socionext-6.4.0-150600.23.118.1
* dtb-xilinx-6.4.0-150600.23.118.1
* dlm-kmp-64kb-debuginfo-6.4.0-150600.23.118.1
* cluster-md-kmp-64kb-debuginfo-6.4.0-150600.23.118.1
* dtb-marvell-6.4.0-150600.23.118.1
* dlm-kmp-64kb-6.4.0-150600.23.118.1
* dtb-allwinner-6.4.0-150600.23.118.1
* kselftests-kmp-64kb-6.4.0-150600.23.118.1
* reiserfs-kmp-64kb-debuginfo-6.4.0-150600.23.118.1
* dtb-broadcom-6.4.0-150600.23.118.1
* kernel-64kb-optional-6.4.0-150600.23.118.1
* kselftests-kmp-64kb-debuginfo-6.4.0-150600.23.118.1
* dtb-amlogic-6.4.0-150600.23.118.1
* dtb-hisilicon-6.4.0-150600.23.118.1
* dtb-mediatek-6.4.0-150600.23.118.1
* kernel-64kb-devel-debuginfo-6.4.0-150600.23.118.1
* dtb-altera-6.4.0-150600.23.118.1
* dtb-nvidia-6.4.0-150600.23.118.1
* gfs2-kmp-64kb-debuginfo-6.4.0-150600.23.118.1
* kernel-64kb-debugsource-6.4.0-150600.23.118.1
* kernel-64kb-optional-debuginfo-6.4.0-150600.23.118.1
* ocfs2-kmp-64kb-debuginfo-6.4.0-150600.23.118.1
* dtb-rockchip-6.4.0-150600.23.118.1
* ocfs2-kmp-64kb-6.4.0-150600.23.118.1
* kernel-64kb-devel-6.4.0-150600.23.118.1
* dtb-exynos-6.4.0-150600.23.118.1
* dtb-arm-6.4.0-150600.23.118.1
* dtb-qcom-6.4.0-150600.23.118.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* dlm-kmp-default-debuginfo-6.4.0-150600.23.118.1
* cluster-md-kmp-default-6.4.0-150600.23.118.1
* kernel-default-optional-debuginfo-6.4.0-150600.23.118.1
* kernel-default-debugsource-6.4.0-150600.23.118.1
* kernel-syms-6.4.0-150600.23.118.1
* ocfs2-kmp-default-debuginfo-6.4.0-150600.23.118.1
* kernel-default-extra-debuginfo-6.4.0-150600.23.118.1
* cluster-md-kmp-default-debuginfo-6.4.0-150600.23.118.1
* reiserfs-kmp-default-6.4.0-150600.23.118.1
* kselftests-kmp-default-6.4.0-150600.23.118.1
* kernel-default-devel-debuginfo-6.4.0-150600.23.118.1
* gfs2-kmp-default-6.4.0-150600.23.118.1
* kernel-obs-build-debugsource-6.4.0-150600.23.118.1
* kernel-obs-build-6.4.0-150600.23.118.1
* dlm-kmp-default-6.4.0-150600.23.118.1
* kernel-default-optional-6.4.0-150600.23.118.1
* kernel-default-livepatch-6.4.0-150600.23.118.1
* kernel-obs-qa-6.4.0-150600.23.118.1
* kselftests-kmp-default-debuginfo-6.4.0-150600.23.118.1
* kernel-default-extra-6.4.0-150600.23.118.1
* gfs2-kmp-default-debuginfo-6.4.0-150600.23.118.1
* reiserfs-kmp-default-debuginfo-6.4.0-150600.23.118.1
* kernel-default-debuginfo-6.4.0-150600.23.118.1
* ocfs2-kmp-default-6.4.0-150600.23.118.1
* kernel-default-devel-6.4.0-150600.23.118.1
* openSUSE Leap 15.6 (nosrc)
* dtb-aarch64-6.4.0-150600.23.118.1
* openSUSE Leap 15.6 (aarch64 nosrc)
* kernel-64kb-6.4.0-150600.23.118.1
* openSUSE Leap 15.6 (nosrc ppc64le x86_64)
* kernel-debug-6.4.0-150600.23.118.1
* openSUSE Leap 15.6 (ppc64le x86_64)
* kernel-debug-devel-debuginfo-6.4.0-150600.23.118.1
* kernel-debug-debuginfo-6.4.0-150600.23.118.1
* kernel-debug-debugsource-6.4.0-150600.23.118.1
* kernel-debug-devel-6.4.0-150600.23.118.1
* openSUSE Leap 15.6 (x86_64)
* kernel-default-vdso-6.4.0-150600.23.118.1
* kernel-default-vdso-debuginfo-6.4.0-150600.23.118.1
* kernel-kvmsmall-vdso-6.4.0-150600.23.118.1
* kernel-debug-vdso-6.4.0-150600.23.118.1
* kernel-kvmsmall-vdso-debuginfo-6.4.0-150600.23.118.1
* kernel-debug-vdso-debuginfo-6.4.0-150600.23.118.1
* openSUSE Leap 15.6 (aarch64 nosrc ppc64le s390x x86_64)
* kernel-default-6.4.0-150600.23.118.1
* openSUSE Leap 15.6 (aarch64 ppc64le x86_64)
* kernel-kvmsmall-debuginfo-6.4.0-150600.23.118.1
* kernel-default-base-rebuild-6.4.0-150600.23.118.1.150600.12.56.1
* kernel-default-base-6.4.0-150600.23.118.1.150600.12.56.1
* kernel-kvmsmall-devel-debuginfo-6.4.0-150600.23.118.1
* kernel-kvmsmall-devel-6.4.0-150600.23.118.1
* kernel-kvmsmall-debugsource-6.4.0-150600.23.118.1
* openSUSE Leap 15.6 (ppc64le s390x x86_64)
* kernel-default-livepatch-devel-6.4.0-150600.23.118.1
* kernel-livepatch-6_4_0-150600_23_118-default-1-150600.13.3.1
* kernel-livepatch-SLE15-SP6_Update_28-debugsource-1-150600.13.3.1
* kernel-livepatch-6_4_0-150600_23_118-default-debuginfo-1-150600.13.3.1
* openSUSE Leap 15.6 (noarch)
* kernel-devel-6.4.0-150600.23.118.1
* kernel-macros-6.4.0-150600.23.118.1
* kernel-source-vanilla-6.4.0-150600.23.118.1
* kernel-source-6.4.0-150600.23.118.1
* kernel-docs-html-6.4.0-150600.23.118.1
* openSUSE Leap 15.6 (noarch nosrc)
* kernel-docs-6.4.0-150600.23.118.1
* openSUSE Leap 15.6 (aarch64 nosrc ppc64le x86_64)
* kernel-kvmsmall-6.4.0-150600.23.118.1
* openSUSE Leap 15.6 (nosrc s390x)
* kernel-zfcpdump-6.4.0-150600.23.118.1
* openSUSE Leap 15.6 (s390x)
* kernel-zfcpdump-debugsource-6.4.0-150600.23.118.1
* kernel-zfcpdump-debuginfo-6.4.0-150600.23.118.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
* kernel-default-debugsource-6.4.0-150600.23.118.1
* kernel-syms-6.4.0-150600.23.118.1
* ocfs2-kmp-default-debuginfo-6.4.0-150600.23.118.1
* kernel-obs-build-debugsource-6.4.0-150600.23.118.1
* cluster-md-kmp-default-debuginfo-6.4.0-150600.23.118.1
* kernel-obs-build-6.4.0-150600.23.118.1
* dlm-kmp-default-6.4.0-150600.23.118.1
* reiserfs-kmp-default-6.4.0-150600.23.118.1
* dlm-kmp-default-debuginfo-6.4.0-150600.23.118.1
* cluster-md-kmp-default-6.4.0-150600.23.118.1
* gfs2-kmp-default-debuginfo-6.4.0-150600.23.118.1
* reiserfs-kmp-default-debuginfo-6.4.0-150600.23.118.1
* kernel-default-devel-debuginfo-6.4.0-150600.23.118.1
* kernel-default-debuginfo-6.4.0-150600.23.118.1
* gfs2-kmp-default-6.4.0-150600.23.118.1
* ocfs2-kmp-default-6.4.0-150600.23.118.1
* kernel-default-devel-6.4.0-150600.23.118.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 nosrc ppc64le s390x
x86_64)
* kernel-default-6.4.0-150600.23.118.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (noarch)
* kernel-devel-6.4.0-150600.23.118.1
* kernel-macros-6.4.0-150600.23.118.1
* kernel-source-6.4.0-150600.23.118.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (noarch nosrc)
* kernel-docs-6.4.0-150600.23.118.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (nosrc s390x)
* kernel-zfcpdump-6.4.0-150600.23.118.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (s390x)
* kernel-zfcpdump-debugsource-6.4.0-150600.23.118.1
* kernel-zfcpdump-debuginfo-6.4.0-150600.23.118.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 nosrc)
* kernel-64kb-6.4.0-150600.23.118.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64)
* kernel-64kb-devel-6.4.0-150600.23.118.1
* kernel-64kb-debugsource-6.4.0-150600.23.118.1
* kernel-64kb-debuginfo-6.4.0-150600.23.118.1
* kernel-64kb-devel-debuginfo-6.4.0-150600.23.118.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le x86_64)
* kernel-default-base-6.4.0-150600.23.118.1.150600.12.56.1

## References:

* https://www.suse.com/security/cve/CVE-2025-10263.html
* https://www.suse.com/security/cve/CVE-2025-68324.html
* https://www.suse.com/security/cve/CVE-2026-23392.html
* https://www.suse.com/security/cve/CVE-2026-31500.html
* https://www.suse.com/security/cve/CVE-2026-31697.html
* https://www.suse.com/security/cve/CVE-2026-31698.html
* https://www.suse.com/security/cve/CVE-2026-31699.html
* https://www.suse.com/security/cve/CVE-2026-31759.html
* https://www.suse.com/security/cve/CVE-2026-31771.html
* https://www.suse.com/security/cve/CVE-2026-43023.html
* https://www.suse.com/security/cve/CVE-2026-43074.html
* https://www.suse.com/security/cve/CVE-2026-43077.html
* https://www.suse.com/security/cve/CVE-2026-43198.html
* https://www.suse.com/security/cve/CVE-2026-45878.html
* https://www.suse.com/security/cve/CVE-2026-45886.html
* https://www.suse.com/security/cve/CVE-2026-45932.html
* https://www.suse.com/security/cve/CVE-2026-45984.html
* https://www.suse.com/security/cve/CVE-2026-46037.html
* https://www.suse.com/security/cve/CVE-2026-46090.html
* https://www.suse.com/security/cve/CVE-2026-46120.html
* https://www.suse.com/security/cve/CVE-2026-46123.html
* https://www.suse.com/security/cve/CVE-2026-46150.html
* https://www.suse.com/security/cve/CVE-2026-46159.html
* https://www.suse.com/security/cve/CVE-2026-46197.html
* https://www.suse.com/security/cve/CVE-2026-46209.html
* https://www.suse.com/security/cve/CVE-2026-46227.html
* https://www.suse.com/security/cve/CVE-2026-46273.html
* https://bugzilla.suse.com/show_bug.cgi?id=1255416
* https://bugzilla.suse.com/show_bug.cgi?id=1258538
* https://bugzilla.suse.com/show_bug.cgi?id=1260531
* https://bugzilla.suse.com/show_bug.cgi?id=1261256
* https://bugzilla.suse.com/show_bug.cgi?id=1262993
* https://bugzilla.suse.com/show_bug.cgi?id=1263879
* https://bugzilla.suse.com/show_bug.cgi?id=1263880
* https://bugzilla.suse.com/show_bug.cgi?id=1264076
* https://bugzilla.suse.com/show_bug.cgi?id=1264116
* https://bugzilla.suse.com/show_bug.cgi?id=1264137
* https://bugzilla.suse.com/show_bug.cgi?id=1264145
* https://bugzilla.suse.com/show_bug.cgi?id=1264263
* https://bugzilla.suse.com/show_bug.cgi?id=1264470
* https://bugzilla.suse.com/show_bug.cgi?id=1264610
* https://bugzilla.suse.com/show_bug.cgi?id=1265170
* https://bugzilla.suse.com/show_bug.cgi?id=1265211
* https://bugzilla.suse.com/show_bug.cgi?id=1265579
* https://bugzilla.suse.com/show_bug.cgi?id=1266214
* https://bugzilla.suse.com/show_bug.cgi?id=1266290
* https://bugzilla.suse.com/show_bug.cgi?id=1266767
* https://bugzilla.suse.com/show_bug.cgi?id=1266810
* https://bugzilla.suse.com/show_bug.cgi?id=1266827
* https://bugzilla.suse.com/show_bug.cgi?id=1267214
* https://bugzilla.suse.com/show_bug.cgi?id=1267361
* https://bugzilla.suse.com/show_bug.cgi?id=1267381
* https://bugzilla.suse.com/show_bug.cgi?id=1267387
* https://bugzilla.suse.com/show_bug.cgi?id=1267388
* https://bugzilla.suse.com/show_bug.cgi?id=1267531
* https://bugzilla.suse.com/show_bug.cgi?id=1267621
* https://bugzilla.suse.com/show_bug.cgi?id=1267640
* https://bugzilla.suse.com/show_bug.cgi?id=1267651
* https://bugzilla.suse.com/show_bug.cgi?id=1267652
* https://bugzilla.suse.com/show_bug.cgi?id=1267663
* https://bugzilla.suse.com/show_bug.cgi?id=1267682
* https://bugzilla.suse.com/show_bug.cgi?id=1267697
* https://bugzilla.suse.com/show_bug.cgi?id=1268307



SUSE-SU-2026:2634-1: important: Security update for python-pip


# Security update for python-pip

Announcement ID: SUSE-SU-2026:2634-1
Release Date: 2026-06-25T13:55:49Z
Rating: important
References:

* bsc#1262429
* bsc#1263442
* bsc#1266669

Cross-References:

* CVE-2026-3219
* CVE-2026-6357
* CVE-2026-8643

CVSS scores:

* CVE-2026-3219 ( SUSE ): 4.6
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-3219 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2026-3219 ( NVD ): 4.6
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-6357 ( SUSE ): 5.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-6357 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
* CVE-2026-6357 ( NVD ): 5.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-8643 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
* CVE-2026-8643 ( NVD ): 4.1
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-8643 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Affected Products:

* openSUSE Leap 15.4
* Public Cloud Module 15-SP4
* Python 3 Module 15-SP7
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves three vulnerabilities can now be installed.

## Description:

This update for python-pip fixes the following issues

* CVE-2026-3219: pip doesn't reject concatenated ZIP (bsc#1262429).
* CVE-2026-6357: pip self-update functionality can import newly installed
modules after wheel installation (bsc#1263442).
* CVE-2026-8643: path traversal via malicious entry point name in pip wheel
installation allows arbitrary file overwrite (bsc#1266669).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2634=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2634=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2634=1

* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-2634=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2634=1

* Python 3 Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2026-2634=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2634=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2634=1

* Public Cloud Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2026-2634=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2634=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2634=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2634=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2634=1

## Package List:

* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* python311-pip-22.3.1-150400.17.26.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* python311-pip-22.3.1-150400.17.26.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* python311-pip-22.3.1-150400.17.26.1
* Public Cloud Module 15-SP4 (noarch)
* python311-pip-22.3.1-150400.17.26.1
* openSUSE Leap 15.4 (noarch)
* python311-pip-22.3.1-150400.17.26.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
* python311-pip-22.3.1-150400.17.26.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
* python311-pip-22.3.1-150400.17.26.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
* python311-pip-22.3.1-150400.17.26.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch)
* python311-pip-22.3.1-150400.17.26.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
* python311-pip-22.3.1-150400.17.26.1
* Python 3 Module 15-SP7 (noarch)
* python311-pip-22.3.1-150400.17.26.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
* python311-pip-22.3.1-150400.17.26.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (noarch)
* python311-pip-22.3.1-150400.17.26.1

## References:

* https://www.suse.com/security/cve/CVE-2026-3219.html
* https://www.suse.com/security/cve/CVE-2026-6357.html
* https://www.suse.com/security/cve/CVE-2026-8643.html
* https://bugzilla.suse.com/show_bug.cgi?id=1262429
* https://bugzilla.suse.com/show_bug.cgi?id=1263442
* https://bugzilla.suse.com/show_bug.cgi?id=1266669



SUSE-SU-2026:2636-1: important: Security update for podman


# Security update for podman

Announcement ID: SUSE-SU-2026:2636-1
Release Date: 2026-06-25T15:18:47Z
Rating: important
References:

* bsc#1262856
* bsc#1266125

Cross-References:

* CVE-2026-34986
* CVE-2026-39829
* CVE-2026-39830
* CVE-2026-42508
* CVE-2026-46598

CVSS scores:

* CVE-2026-34986 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-34986 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-34986 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-39829 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-39829 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-39829 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-39830 ( SUSE ): 7.1
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-39830 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-39830 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-42508 ( SUSE ): 8.6
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-42508 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-42508 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-46598 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-46598 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-46598 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* openSUSE Leap 15.3
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Server 15 SP3

An update that solves five vulnerabilities can now be installed.

## Description:

This update for podman fixes the following issues

* CVE-2026-34986: github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3:
crafted JWE input with a missing encrypted key can lead to a denial of
service (bsc#1262856).
* CVE-2026-39829,CVE-2026-39830,CVE-2026-42508,CVE-2026-46598:
golang.org/x/crypto/ssh: multiple issues (bsc#1266125).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2026-2636=1

* openSUSE Leap 15.3
zypper in -t patch SUSE-2026-2636=1

## Package List:

* openSUSE Leap 15.3 (aarch64 i586 ppc64le s390x x86_64)
* podman-remote-debuginfo-4.9.5-150300.9.78.1
* podman-debuginfo-4.9.5-150300.9.78.1
* podman-4.9.5-150300.9.78.1
* podman-remote-4.9.5-150300.9.78.1
* podmansh-4.9.5-150300.9.78.1
* openSUSE Leap 15.3 (noarch)
* podman-docker-4.9.5-150300.9.78.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* podman-4.9.5-150300.9.78.1
* podman-debuginfo-4.9.5-150300.9.78.1

## References:

* https://www.suse.com/security/cve/CVE-2026-34986.html
* https://www.suse.com/security/cve/CVE-2026-39829.html
* https://www.suse.com/security/cve/CVE-2026-39830.html
* https://www.suse.com/security/cve/CVE-2026-42508.html
* https://www.suse.com/security/cve/CVE-2026-46598.html
* https://bugzilla.suse.com/show_bug.cgi?id=1262856
* https://bugzilla.suse.com/show_bug.cgi?id=1266125



openSUSE-SU-2026:0217-1: moderate: Security update for perl-Net-Dropbox-API


openSUSE Security Update: Security update for perl-Net-Dropbox-API
_______________________________

Announcement ID: openSUSE-SU-2026:0217-1
Rating: moderate
References: #1240884
Cross-References: CVE-2024-58036
Affected Products:
openSUSE Backports SLE-15-SP7
_______________________________

An update that fixes one vulnerability is now available.

Description:

This update for perl-Net-Dropbox-API fixes the following issues:

- Improve entropy for secure tokens CVE-2024-58036 boo#1240884 Add
cpanspec.yml file used by cpanspec for autogenerating the spec.

- Normalize CPAN version See
https://github.com/openSUSE/cpanspec/issues/47 for details

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2026-217=1

Package List:

- openSUSE Backports SLE-15-SP7 (noarch):

perl-Net-Dropbox-API-1.900.0-bp157.2.3.1

References:

https://www.suse.com/security/cve/CVE-2024-58036.html
https://bugzilla.suse.com/1240884


Kernel, Firefox, and PostgreSQL updates for Rocky Linux

CPP-Httplib, ImageMagick, containerd, xrdp, and AMD Microcode updates for Ubuntu

Windows

Linux

macOS

Community

  • Lexonight
    Hey everyone,Wanted to share a project I've been b ...
  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...