Python-cbor2, Kernel, PostgreSQL, and more updates for SUSE

SUSE 5600 Published by

SUSE Linux has released a significant number of security updates affecting both openSUSE and Enterprise systems. The majority of these advisories carry an important rating due to vulnerabilities found in the Linux Kernel and essential packages like salt or postgresql17. Administrators should note that specific live patches are available for SUSE Linux Enterprise 15 SP5 alongside standard kernel maintenance releases. Lower severity fixes also exist for applications such as firefox ESR and mumble to help maintain overall system stability across the distribution.

openSUSE-SU-2026:0095-1: important: Security update for python-cbor2
SUSE-SU-2026:1000-1: important: Security update for the Linux Kernel (Live Patch 24 for SUSE Linux Enterprise 15 SP5)
SUSE-SU-2026:1041-1: important: Security update for the Linux Kernel
SUSE-SU-2026:1042-1: important: Security update for govulncheck-vulndb
SUSE-SU-2026:1039-1: important: Security update for the Linux Kernel (Live Patch 29 for SUSE Linux Enterprise 15 SP5)
openSUSE-SU-2026:20390-1: moderate: Security update for protobuf
openSUSE-SU-2026:20394-1: low: Security update for mumble
openSUSE-SU-2026:20383-1: important: Security update for net-snmp
openSUSE-SU-2026:20380-1: important: Security update for snpguest
openSUSE-SU-2026:20388-1: important: Security update for postgresql17
openSUSE-SU-2026:20393-1: important: Security update for python-simpleeval
openSUSE-SU-2026:20378-1: important: Security update for libpng16
SUSE-SU-2026:1003-1: important: Security update for the Linux Kernel
SUSE-SU-2026:1008-1: important: Security update for Prometheus
openSUSE-SU-2026:10415-1: moderate: glances-common-4.5.2-1.1 on GA media
openSUSE-SU-2026:10413-1: moderate: firefox-esr-140.9.0-1.1 on GA media
openSUSE-SU-2026:10416-1: moderate: python313-PyMuPDF-1.27.2.2-1.1 on GA media
openSUSE-SU-2026:10407-1: moderate: azure-storage-azcopy-10.32.2-1.1 on GA media
openSUSE-SU-2026:10410-1: moderate: pnpm-10.32.1-1.1 on GA media
openSUSE-SU-2026:10412-1: moderate: python311-pydicom-3.0.2-1.1 on GA media
openSUSE-SU-2026:10414-1: moderate: perl-Crypt-URandom-0.550.0-1.1 on GA media
openSUSE-SU-2026:10409-1: moderate: pgvector-devel-0.8.2-1.1 on GA media
openSUSE-SU-2026:10411-1: moderate: python311-dynaconf-3.2.13-1.1 on GA media
SUSE-SU-2026:1013-1: important: Security update 5.0.7 for Multi-Linux Manager Client Tools
SUSE-SU-2026:1027-1: important: Security update for salt
SUSE-SU-2026:1028-1: important: Security update for salt
SUSE-SU-2026:1029-1: important: Security update for salt
SUSE-SU-2026:1035-1: important: Maintenance update for Multi-Linux Manager 4.3 Release Notes Release Notes
SUSE-SU-2026:1037-1: important: Security update for grafana
SUSE-SU-2026:1002-1: important: Security update for the Linux Kernel (Live Patch 28 for SUSE Linux Enterprise 15 SP5)



openSUSE-SU-2026:0095-1: important: Security update for python-cbor2


openSUSE Security Update: Security update for python-cbor2
_______________________________

Announcement ID: openSUSE-SU-2026:0095-1
Rating: important
References: #1260367
Cross-References: CVE-2026-26209
CVSS scores:
CVE-2026-26209 (SUSE): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:
openSUSE Backports SLE-15-SP7
_______________________________

An update that fixes one vulnerability is now available.

Description:

This update for python-cbor2 fixes the following issues:

- CVE-2026-26209: Fixed uncontrolled recursion via crafted CBOR payloads
that could cause a denial of service (boo#1260367)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2026-95=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64):

python311-cbor2-5.5.1-bp157.2.6.1

References:

https://www.suse.com/security/cve/CVE-2026-26209.html
https://bugzilla.suse.com/1260367



SUSE-SU-2026:1000-1: important: Security update for the Linux Kernel (Live Patch 24 for SUSE Linux Enterprise 15 SP5)


# Security update for the Linux Kernel (Live Patch 24 for SUSE Linux Enterprise
15 SP5)

Announcement ID: SUSE-SU-2026:1000-1
Release Date: 2026-03-25T07:34:28Z
Rating: important
References:

* bsc#1247240
* bsc#1250730
* bsc#1254755
* bsc#1255053
* bsc#1255378
* bsc#1255402
* bsc#1255595
* bsc#1256624
* bsc#1256644
* bsc#1257118
* bsc#1257629

Cross-References:

* CVE-2022-50697
* CVE-2023-53257
* CVE-2023-53781
* CVE-2025-21738
* CVE-2025-38159
* CVE-2025-38488
* CVE-2025-40258
* CVE-2025-68284
* CVE-2025-68285
* CVE-2025-68813
* CVE-2025-71085

CVSS scores:

* CVE-2022-50697 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50697 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-53257 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53257 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-53257 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-53257 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-53781 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53781 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-21738 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-21738 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-21738 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38159 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38159 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38159 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2025-38488 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38488 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38488 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-40258 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-40258 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-68284 ( SUSE ): 7.0
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68284 ( SUSE ): 7.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2025-68285 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68285 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-68813 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68813 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-71085 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-71085 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves 11 vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.97 fixes
various security issues

The following security issues were fixed:

* CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant
uninit (bsc#1255595).
* CVE-2023-53257: wifi: mac80211: check S1G action frame size (bsc#1250730).
* CVE-2023-53781: smc: Fix use-after-free in tcp_write_timer_handler()
(bsc#1254755).
* CVE-2025-21738: ata: libata-sff: ensure that we cannot write outside the
allocated buffer (bsc#1257118).
* CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out
of bounds (bsc#1257629).
* CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using
async crypto (bsc#1247240).
* CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work()
(bsc#1255053).
* CVE-2025-68284: libceph: prevent potential out-of-bounds writes in
handle_auth_session_key() (bsc#1255378).
* CVE-2025-68285: libceph: fix potential use-after-free in
have_mon_and_osd_map() (bsc#1255402).
* CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path
(bsc#1256644).
* CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of
calipso_skbuff_setattr() (bsc#1256624).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-999=1 SUSE-SLE-
Module-Live-Patching-15-SP5-2026-1000=1

* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-1000=1 SUSE-2026-999=1

## Package List:

* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150500_55_97-default-debuginfo-16-150500.2.2
* kernel-livepatch-SLE15-SP5_Update_23-debugsource-16-150500.2.2
* kernel-livepatch-5_14_21-150500_55_97-default-16-150500.2.2
* kernel-livepatch-5_14_21-150500_55_94-default-16-150500.2.2
* kernel-livepatch-SLE15-SP5_Update_24-debugsource-16-150500.2.2
* kernel-livepatch-5_14_21-150500_55_94-default-debuginfo-16-150500.2.2
* openSUSE Leap 15.5 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150500_55_97-default-debuginfo-16-150500.2.2
* kernel-livepatch-SLE15-SP5_Update_23-debugsource-16-150500.2.2
* kernel-livepatch-5_14_21-150500_55_97-default-16-150500.2.2
* kernel-livepatch-5_14_21-150500_55_94-default-16-150500.2.2
* kernel-livepatch-SLE15-SP5_Update_24-debugsource-16-150500.2.2
* kernel-livepatch-5_14_21-150500_55_94-default-debuginfo-16-150500.2.2

## References:

* https://www.suse.com/security/cve/CVE-2022-50697.html
* https://www.suse.com/security/cve/CVE-2023-53257.html
* https://www.suse.com/security/cve/CVE-2023-53781.html
* https://www.suse.com/security/cve/CVE-2025-21738.html
* https://www.suse.com/security/cve/CVE-2025-38159.html
* https://www.suse.com/security/cve/CVE-2025-38488.html
* https://www.suse.com/security/cve/CVE-2025-40258.html
* https://www.suse.com/security/cve/CVE-2025-68284.html
* https://www.suse.com/security/cve/CVE-2025-68285.html
* https://www.suse.com/security/cve/CVE-2025-68813.html
* https://www.suse.com/security/cve/CVE-2025-71085.html
* https://bugzilla.suse.com/show_bug.cgi?id=1247240
* https://bugzilla.suse.com/show_bug.cgi?id=1250730
* https://bugzilla.suse.com/show_bug.cgi?id=1254755
* https://bugzilla.suse.com/show_bug.cgi?id=1255053
* https://bugzilla.suse.com/show_bug.cgi?id=1255378
* https://bugzilla.suse.com/show_bug.cgi?id=1255402
* https://bugzilla.suse.com/show_bug.cgi?id=1255595
* https://bugzilla.suse.com/show_bug.cgi?id=1256624
* https://bugzilla.suse.com/show_bug.cgi?id=1256644
* https://bugzilla.suse.com/show_bug.cgi?id=1257118
* https://bugzilla.suse.com/show_bug.cgi?id=1257629



SUSE-SU-2026:1041-1: important: Security update for the Linux Kernel


# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2026:1041-1
Release Date: 2026-03-25T14:13:36Z
Rating: important
References:

* bsc#1226591
* bsc#1241345
* bsc#1243055
* bsc#1245728
* bsc#1249998
* bsc#1251135
* bsc#1251186
* bsc#1251966
* bsc#1251971
* bsc#1252266
* bsc#1252911
* bsc#1252924
* bsc#1253049
* bsc#1254306
* bsc#1254992
* bsc#1255084
* bsc#1256564
* bsc#1256645
* bsc#1256690
* bsc#1256716
* bsc#1257231
* bsc#1257466
* bsc#1257472
* bsc#1257473
* bsc#1257732
* bsc#1257735
* bsc#1257749
* bsc#1257790
* bsc#1257891
* bsc#1257952
* bsc#1258181
* bsc#1258338
* bsc#1258340
* bsc#1258376
* bsc#1258377
* bsc#1258395
* bsc#1258424
* bsc#1258464
* bsc#1258518
* bsc#1258524
* bsc#1258832
* bsc#1258849
* bsc#1258850
* bsc#1258928
* bsc#1259070
* bsc#1259857

Cross-References:

* CVE-2023-53817
* CVE-2024-38542
* CVE-2025-37861
* CVE-2025-39817
* CVE-2025-39964
* CVE-2025-40099
* CVE-2025-40103
* CVE-2025-40253
* CVE-2025-71066
* CVE-2025-71113
* CVE-2025-71231
* CVE-2026-23004
* CVE-2026-23054
* CVE-2026-23060
* CVE-2026-23074
* CVE-2026-23089
* CVE-2026-23111
* CVE-2026-23141
* CVE-2026-23157
* CVE-2026-23191
* CVE-2026-23202
* CVE-2026-23204
* CVE-2026-23207
* CVE-2026-23209
* CVE-2026-23214
* CVE-2026-23268
* CVE-2026-23269

CVSS scores:

* CVE-2023-53817 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53817 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-38542 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2024-38542 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2025-37861 ( SUSE ): 5.6
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-37861 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-37861 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-39817 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39817 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2025-39964 ( SUSE ): 5.8
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39964 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-39964 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-40099 ( SUSE ): 5.8
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-40099 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2025-40103 ( SUSE ): 4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-40103 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-40253 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71113 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-71113 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2025-71231 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-71231 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71231 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23004 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23054 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23054 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23060 ( SUSE ): 7.1
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23060 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23060 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23074 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23074 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23074 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23089 ( SUSE ): 5.2
CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23089 ( SUSE ): 5.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23089 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23111 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23111 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23111 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23141 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23141 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23141 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23157 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23157 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23157 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23191 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23191 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23191 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23202 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23202 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23202 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23204 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23207 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23207 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23207 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23209 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23209 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23214 ( SUSE ): 5.1
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23214 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23214 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23268 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23268 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23269 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23269 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise High Availability Extension 15 SP6
* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves 27 vulnerabilities and has 19 security fixes can now be
installed.

## Description:

The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security
bugfixes.

The following security bugs were fixed:

* CVE-2023-53817: crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui()
(bsc#1254992).
* CVE-2024-38542: RDMA/mana_ib: boundary check before installing cq callbacks
(bsc#1226591).
* CVE-2025-37861: scsi: mpi3mr: Synchronous access b/w reset and tm thread for
reply queue (bsc#1243055).
* CVE-2025-39817: efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare
(bsc#1249998).
* CVE-2025-39964: crypto: af_alg - Disallow concurrent writes in
af_alg_sendmsg (bsc#1251966).
* CVE-2025-40099: cifs: parse_dfs_referrals: prevent oob on malformed input
(bsc#1252911).
* CVE-2025-40103: smb: client: Fix refcount leak for cifs_sb_tlink
(bsc#1252924).
* CVE-2025-40253: s390/ctcm: Fix double-kfree (bsc#1255084).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before
deleting in ets_qdisc_change (bsc#1256645).
* CVE-2025-71113: crypto: af_alg - zero initialize memory allocated via
sock_kmalloc (bsc#1256716).
* CVE-2025-71231: crypto: iaa - Fix out-of-bounds index in
find_empty_iaa_compression_mode (bsc#1258424).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and
rt_del_uncached_list() (bsc#1257231).
* CVE-2026-23060: crypto: authencesn - reject too-short AAD (assoclen

Bind and TigerVNC updates for Slackware

Kernel, Bind, Mbed TLS updates for Ubuntu

Windows

Linux

macOS

Community

  • Lexonight
    Hey everyone,Wanted to share a project I've been b ...
  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...