Ovmf, Kernel-Devel, Firefox, and more updates for SUSE

SUSE 5530 Published 2026-01-15 08:48 by Philipp Esselbach

News

Several security updates have been released for SUSE Linux, addressing various vulnerabilities. These updates include a security update for ovmf and several other important fixes for openSUSE's kernel-devel, mcphost, fluidsynth, firefox-esr, and libsoup-3_0-0 packages. The updates range from moderate to important severity, indicating the need for prompt installation to ensure system security. Users are advised to review these updates and install them as necessary to maintain their system's security.

SUSE-SU-2026:0120-1: important: Security update for ovmf
openSUSE-SU-2026:10039-1: moderate: kernel-devel-6.18.5-1.1 on GA media
openSUSE-SU-2026:10042-1: moderate: mcphost-0.32.0-1.1 on GA media
openSUSE-SU-2026:10038-1: moderate: fluidsynth-2.5.2-2.1 on GA media
openSUSE-SU-2026:10037-1: moderate: firefox-esr-140.7.0-1.1 on GA media
openSUSE-SU-2026:10040-1: moderate: libsoup-3_0-0-3.6.5-11.1 on GA media

SUSE-SU-2026:0120-1: important: Security update for ovmf

# Security update for ovmf

Announcement ID: SUSE-SU-2026:0120-1
Release Date: 2026-01-14T06:46:46Z
Rating: important
References:

* bsc#1218680

Cross-References:

* CVE-2022-36765

CVSS scores:

* CVE-2022-36765 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H
* CVE-2022-36765 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-36765 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for ovmf fixes the following issues:

* CVE-2022-36765: Fixed integer overflow to buffer overflow via local network
vulnerability (bsc#1218680).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-120=1 openSUSE-SLE-15.6-2026-120=1

* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-120=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-120=1

## Package List:

* openSUSE Leap 15.6 (aarch64 x86_64)
* ovmf-202308-150600.5.25.1
* ovmf-tools-202308-150600.5.25.1
* openSUSE Leap 15.6 (noarch)
* qemu-uefi-aarch32-202308-150600.5.25.1
* qemu-ovmf-ia32-202308-150600.5.25.1
* qemu-uefi-aarch64-202308-150600.5.25.1
* qemu-ovmf-x86_64-202308-150600.5.25.1
* openSUSE Leap 15.6 (x86_64)
* qemu-ovmf-x86_64-debug-202308-150600.5.25.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 x86_64)
* ovmf-202308-150600.5.25.1
* ovmf-tools-202308-150600.5.25.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (noarch)
* qemu-uefi-aarch64-202308-150600.5.25.1
* qemu-ovmf-x86_64-202308-150600.5.25.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (x86_64)
* ovmf-202308-150600.5.25.1
* ovmf-tools-202308-150600.5.25.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch)
* qemu-ovmf-x86_64-202308-150600.5.25.1

## References:

* https://www.suse.com/security/cve/CVE-2022-36765.html
* https://bugzilla.suse.com/show_bug.cgi?id=1218680

openSUSE-SU-2026:10039-1: moderate: kernel-devel-6.18.5-1.1 on GA media

# kernel-devel-6.18.5-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10039-1
Rating: moderate

Cross-References:

* CVE-2025-68332
* CVE-2025-68335
* CVE-2025-68336
* CVE-2025-68337
* CVE-2025-68344
* CVE-2025-68345
* CVE-2025-68346
* CVE-2025-68347
* CVE-2025-68348
* CVE-2025-68349
* CVE-2025-68350
* CVE-2025-68351
* CVE-2025-68352
* CVE-2025-68353
* CVE-2025-68354
* CVE-2025-68355
* CVE-2025-68356
* CVE-2025-68357
* CVE-2025-68358
* CVE-2025-68359
* CVE-2025-68360
* CVE-2025-68361
* CVE-2025-68362
* CVE-2025-68363
* CVE-2025-68364
* CVE-2025-68365
* CVE-2025-68366
* CVE-2025-68367
* CVE-2025-68368
* CVE-2025-68369
* CVE-2025-68370
* CVE-2025-68371
* CVE-2025-68372
* CVE-2025-68373
* CVE-2025-68374
* CVE-2025-68375
* CVE-2025-68376
* CVE-2025-68377
* CVE-2025-68378
* CVE-2025-68379
* CVE-2025-68380
* CVE-2025-68724
* CVE-2025-68725
* CVE-2025-68726
* CVE-2025-68727
* CVE-2025-68728
* CVE-2025-68729
* CVE-2025-68730
* CVE-2025-68731
* CVE-2025-68732
* CVE-2025-68733
* CVE-2025-68735
* CVE-2025-68736
* CVE-2025-68737
* CVE-2025-68738
* CVE-2025-68739
* CVE-2025-68740
* CVE-2025-68741
* CVE-2025-68742
* CVE-2025-68743
* CVE-2025-68744
* CVE-2025-68745
* CVE-2025-68746
* CVE-2025-68747
* CVE-2025-68748
* CVE-2025-68749
* CVE-2025-68751
* CVE-2025-68752
* CVE-2025-68753
* CVE-2025-68754
* CVE-2025-68755
* CVE-2025-68756
* CVE-2025-68757
* CVE-2025-68758
* CVE-2025-68759
* CVE-2025-68760
* CVE-2025-68761
* CVE-2025-68762
* CVE-2025-68763
* CVE-2025-68764
* CVE-2025-68765
* CVE-2025-68766

CVSS scores:

* CVE-2025-68332 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68335 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68336 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68337 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68344 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2025-68344 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68345 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68346 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68347 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-68347 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68348 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68348 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68349 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68350 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68351 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68352 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68353 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68353 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68354 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68355 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68356 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68357 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68357 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68358 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68358 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68359 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68360 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68360 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68361 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68361 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68362 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68363 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68364 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68365 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68366 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68367 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68368 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68368 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68369 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68369 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68370 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68370 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68371 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68372 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68372 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68373 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68374 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68374 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68375 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68376 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68376 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68377 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68378 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68379 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68379 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68380 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68724 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68725 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68726 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68727 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68728 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68728 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68729 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2025-68729 ( SUSE ): 6.8 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68730 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68731 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2025-68731 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-68732 ( SUSE ): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-68732 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68733 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68735 ( SUSE ): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-68735 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68736 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N
* CVE-2025-68736 ( SUSE ): 7 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-68737 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N
* CVE-2025-68737 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-68738 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68738 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68739 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-68739 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68740 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68740 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68741 ( SUSE ): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
* CVE-2025-68741 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68742 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68742 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68743 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-68743 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68744 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68744 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68745 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68745 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68746 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68746 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68747 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-68747 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68748 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-68748 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68749 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68749 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68751 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-68751 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-68752 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/S:U/UI:N/C:N/I:N/A:H
* CVE-2025-68753 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2025-68753 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-68754 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-68754 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68755 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68755 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68756 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68756 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68757 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68757 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68758 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-68758 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68759 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68759 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68760 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2025-68760 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68761 ( SUSE ): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-68761 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68762 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-68762 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-68763 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2025-68763 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68764 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2025-68764 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-68765 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68765 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68766 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2025-68766 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 82 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the kernel-devel-6.18.5-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* kernel-devel 6.18.5-1.1
* kernel-macros 6.18.5-1.1
* kernel-source 6.18.5-1.1
* kernel-source-vanilla 6.18.5-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-68332.html
* https://www.suse.com/security/cve/CVE-2025-68335.html
* https://www.suse.com/security/cve/CVE-2025-68336.html
* https://www.suse.com/security/cve/CVE-2025-68337.html
* https://www.suse.com/security/cve/CVE-2025-68344.html
* https://www.suse.com/security/cve/CVE-2025-68345.html
* https://www.suse.com/security/cve/CVE-2025-68346.html
* https://www.suse.com/security/cve/CVE-2025-68347.html
* https://www.suse.com/security/cve/CVE-2025-68348.html
* https://www.suse.com/security/cve/CVE-2025-68349.html
* https://www.suse.com/security/cve/CVE-2025-68350.html
* https://www.suse.com/security/cve/CVE-2025-68351.html
* https://www.suse.com/security/cve/CVE-2025-68352.html
* https://www.suse.com/security/cve/CVE-2025-68353.html
* https://www.suse.com/security/cve/CVE-2025-68354.html
* https://www.suse.com/security/cve/CVE-2025-68355.html
* https://www.suse.com/security/cve/CVE-2025-68356.html
* https://www.suse.com/security/cve/CVE-2025-68357.html
* https://www.suse.com/security/cve/CVE-2025-68358.html
* https://www.suse.com/security/cve/CVE-2025-68359.html
* https://www.suse.com/security/cve/CVE-2025-68360.html
* https://www.suse.com/security/cve/CVE-2025-68361.html
* https://www.suse.com/security/cve/CVE-2025-68362.html
* https://www.suse.com/security/cve/CVE-2025-68363.html
* https://www.suse.com/security/cve/CVE-2025-68364.html
* https://www.suse.com/security/cve/CVE-2025-68365.html
* https://www.suse.com/security/cve/CVE-2025-68366.html
* https://www.suse.com/security/cve/CVE-2025-68367.html
* https://www.suse.com/security/cve/CVE-2025-68368.html
* https://www.suse.com/security/cve/CVE-2025-68369.html
* https://www.suse.com/security/cve/CVE-2025-68370.html
* https://www.suse.com/security/cve/CVE-2025-68371.html
* https://www.suse.com/security/cve/CVE-2025-68372.html
* https://www.suse.com/security/cve/CVE-2025-68373.html
* https://www.suse.com/security/cve/CVE-2025-68374.html
* https://www.suse.com/security/cve/CVE-2025-68375.html
* https://www.suse.com/security/cve/CVE-2025-68376.html
* https://www.suse.com/security/cve/CVE-2025-68377.html
* https://www.suse.com/security/cve/CVE-2025-68378.html
* https://www.suse.com/security/cve/CVE-2025-68379.html
* https://www.suse.com/security/cve/CVE-2025-68380.html
* https://www.suse.com/security/cve/CVE-2025-68724.html
* https://www.suse.com/security/cve/CVE-2025-68725.html
* https://www.suse.com/security/cve/CVE-2025-68726.html
* https://www.suse.com/security/cve/CVE-2025-68727.html
* https://www.suse.com/security/cve/CVE-2025-68728.html
* https://www.suse.com/security/cve/CVE-2025-68729.html
* https://www.suse.com/security/cve/CVE-2025-68730.html
* https://www.suse.com/security/cve/CVE-2025-68731.html
* https://www.suse.com/security/cve/CVE-2025-68732.html
* https://www.suse.com/security/cve/CVE-2025-68733.html
* https://www.suse.com/security/cve/CVE-2025-68735.html
* https://www.suse.com/security/cve/CVE-2025-68736.html
* https://www.suse.com/security/cve/CVE-2025-68737.html
* https://www.suse.com/security/cve/CVE-2025-68738.html
* https://www.suse.com/security/cve/CVE-2025-68739.html
* https://www.suse.com/security/cve/CVE-2025-68740.html
* https://www.suse.com/security/cve/CVE-2025-68741.html
* https://www.suse.com/security/cve/CVE-2025-68742.html
* https://www.suse.com/security/cve/CVE-2025-68743.html
* https://www.suse.com/security/cve/CVE-2025-68744.html
* https://www.suse.com/security/cve/CVE-2025-68745.html
* https://www.suse.com/security/cve/CVE-2025-68746.html
* https://www.suse.com/security/cve/CVE-2025-68747.html
* https://www.suse.com/security/cve/CVE-2025-68748.html
* https://www.suse.com/security/cve/CVE-2025-68749.html
* https://www.suse.com/security/cve/CVE-2025-68751.html
* https://www.suse.com/security/cve/CVE-2025-68752.html
* https://www.suse.com/security/cve/CVE-2025-68753.html
* https://www.suse.com/security/cve/CVE-2025-68754.html
* https://www.suse.com/security/cve/CVE-2025-68755.html
* https://www.suse.com/security/cve/CVE-2025-68756.html
* https://www.suse.com/security/cve/CVE-2025-68757.html
* https://www.suse.com/security/cve/CVE-2025-68758.html
* https://www.suse.com/security/cve/CVE-2025-68759.html
* https://www.suse.com/security/cve/CVE-2025-68760.html
* https://www.suse.com/security/cve/CVE-2025-68761.html
* https://www.suse.com/security/cve/CVE-2025-68762.html
* https://www.suse.com/security/cve/CVE-2025-68763.html
* https://www.suse.com/security/cve/CVE-2025-68764.html
* https://www.suse.com/security/cve/CVE-2025-68765.html
* https://www.suse.com/security/cve/CVE-2025-68766.html

openSUSE-SU-2026:10042-1: moderate: mcphost-0.32.0-1.1 on GA media

# mcphost-0.32.0-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10042-1
Rating: moderate

Cross-References:

* CVE-2025-47913
* CVE-2025-47914
* CVE-2025-58181

CVSS scores:

* CVE-2025-47913 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-47913 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-47914 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-47914 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-58181 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-58181 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 3 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the mcphost-0.32.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* mcphost 0.32.0-1.1
* mcphost-bash-completion 0.32.0-1.1
* mcphost-fish-completion 0.32.0-1.1
* mcphost-zsh-completion 0.32.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-47913.html
* https://www.suse.com/security/cve/CVE-2025-47914.html
* https://www.suse.com/security/cve/CVE-2025-58181.html

openSUSE-SU-2026:10038-1: moderate: fluidsynth-2.5.2-2.1 on GA media

# fluidsynth-2.5.2-2.1 on GA media

Announcement ID: openSUSE-SU-2026:10038-1
Rating: moderate

Cross-References:

* CVE-2025-56225

CVSS scores:

* CVE-2025-56225 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-56225 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the fluidsynth-2.5.2-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* fluidsynth 2.5.2-2.1
* fluidsynth-devel 2.5.2-2.1
* libfluidsynth3 2.5.2-2.1
* libfluidsynth3-32bit 2.5.2-2.1

## References:

* https://www.suse.com/security/cve/CVE-2025-56225.html

openSUSE-SU-2026:10037-1: moderate: firefox-esr-140.7.0-1.1 on GA media

# firefox-esr-140.7.0-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10037-1
Rating: moderate

Cross-References:

* CVE-2025-14327
* CVE-2026-0877
* CVE-2026-0878
* CVE-2026-0879
* CVE-2026-0880
* CVE-2026-0882
* CVE-2026-0883
* CVE-2026-0884
* CVE-2026-0885
* CVE-2026-0886
* CVE-2026-0887
* CVE-2026-0890
* CVE-2026-0891

CVSS scores:

* CVE-2025-14327 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2025-14327 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 13 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the firefox-esr-140.7.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* firefox-esr 140.7.0-1.1
* firefox-esr-branding-upstream 140.7.0-1.1
* firefox-esr-translations-common 140.7.0-1.1
* firefox-esr-translations-other 140.7.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-14327.html
* https://www.suse.com/security/cve/CVE-2026-0877.html
* https://www.suse.com/security/cve/CVE-2026-0878.html
* https://www.suse.com/security/cve/CVE-2026-0879.html
* https://www.suse.com/security/cve/CVE-2026-0880.html
* https://www.suse.com/security/cve/CVE-2026-0882.html
* https://www.suse.com/security/cve/CVE-2026-0883.html
* https://www.suse.com/security/cve/CVE-2026-0884.html
* https://www.suse.com/security/cve/CVE-2026-0885.html
* https://www.suse.com/security/cve/CVE-2026-0886.html
* https://www.suse.com/security/cve/CVE-2026-0887.html
* https://www.suse.com/security/cve/CVE-2026-0890.html
* https://www.suse.com/security/cve/CVE-2026-0891.html

openSUSE-SU-2026:10040-1: moderate: libsoup-3_0-0-3.6.5-11.1 on GA media

# libsoup-3_0-0-3.6.5-11.1 on GA media

Announcement ID: openSUSE-SU-2026:10040-1
Rating: moderate

Cross-References:

* CVE-2026-0716
* CVE-2026-0719

CVSS scores:

* CVE-2026-0716 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L
* CVE-2026-0716 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-0719 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-0719 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the libsoup-3_0-0-3.6.5-11.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* libsoup-3_0-0 3.6.5-11.1
* libsoup-3_0-0-32bit 3.6.5-11.1
* libsoup-devel 3.6.5-11.1
* libsoup-devel-32bit 3.6.5-11.1
* libsoup-lang 3.6.5-11.1
* typelib-1_0-Soup-3_0 3.6.5-11.1

## References:

* https://www.suse.com/security/cve/CVE-2026-0716.html
* https://www.suse.com/security/cve/CVE-2026-0719.html

Firefox, Libpng, Thunderbird updates for Slackware

AngularJS, Erlang, Klibc, Libpng updates for Ubuntu

Ovmf, Kernel-Devel, Firefox, and more updates for SUSE

SUSE-SU-2026:0120-1: important: Security update for ovmf

openSUSE-SU-2026:10039-1: moderate: kernel-devel-6.18.5-1.1 on GA media

openSUSE-SU-2026:10042-1: moderate: mcphost-0.32.0-1.1 on GA media

openSUSE-SU-2026:10038-1: moderate: fluidsynth-2.5.2-2.1 on GA media

openSUSE-SU-2026:10037-1: moderate: firefox-esr-140.7.0-1.1 on GA media

openSUSE-SU-2026:10040-1: moderate: libsoup-3_0-0-3.6.5-11.1 on GA media

Windows

Linux

macOS

Community