Util-Linux, CPP-Httplib, Wget2, and more updates for SUSE

SUSE 5528 Published by

Updates have been released for SUSE Linux, addressing various security concerns. The updates include fixes for util-linux and the Linux kernel, which are classified as moderate to important severity. Additionally, security updates have been made available for cpp-httplib, wget2, python-cbor2, and valkey, with valkey receiving a critical update. These updates aim to enhance the security of SUSE Linux systems by patching identified vulnerabilities.

SUSE-SU-2026:0115-1: moderate: Security update for util-linux
openSUSE-SU-2026:0007-1: important: Security update for cpp-httplib
openSUSE-SU-2026:0010-1: important: Security update for wget2
openSUSE-SU-2026:0009-1: moderate: Security update for python-cbor2
openSUSE-SU-2026:20003-1: critical: Security update of valkey
SUSE-SU-2026:0107-1: important: Security update for the Linux Kernel (Live Patch 31 for SUSE Linux Enterprise 15 SP5)
SUSE-SU-2026:0090-1: important: Security update for the Linux Kernel (Live Patch 28 for SUSE Linux Enterprise 15 SP5)




SUSE-SU-2026:0115-1: moderate: Security update for util-linux


# Security update for util-linux

Announcement ID: SUSE-SU-2026:0115-1
Release Date: 2026-01-12T15:03:44Z
Rating: moderate
References:

* bsc#1254666
* jsc#PED-13682

Cross-References:

* CVE-2025-14104

CVSS scores:

* CVE-2025-14104 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-14104 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2025-14104 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H

Affected Products:

* openSUSE Leap 15.6

An update that solves one vulnerability and contains one feature can now be
installed.

## Description:

This update for util-linux fixes the following issues:

* CVE-2025-14104: Fixed heap buffer overread in setpwnam() when processing
256-byte usernames (bsc#1254666).
* lscpu: Add support for NVIDIA Olympus arm64 core (jsc#PED-13682).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-115=1 openSUSE-SLE-15.6-2026-115=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* libmount1-2.39.3-150600.4.15.1
* libblkid-devel-2.39.3-150600.4.15.1
* libfdisk-devel-static-2.39.3-150600.4.15.1
* libuuid-devel-static-2.39.3-150600.4.15.1
* python3-libmount-debuginfo-2.39.3-150600.4.15.1
* libmount1-debuginfo-2.39.3-150600.4.15.1
* libsmartcols-devel-static-2.39.3-150600.4.15.1
* uuidd-2.39.3-150600.4.15.1
* libsmartcols1-2.39.3-150600.4.15.1
* util-linux-systemd-debugsource-2.39.3-150600.4.15.1
* libfdisk1-debuginfo-2.39.3-150600.4.15.1
* libfdisk1-2.39.3-150600.4.15.1
* libsmartcols-devel-2.39.3-150600.4.15.1
* libblkid1-debuginfo-2.39.3-150600.4.15.1
* util-linux-tty-tools-2.39.3-150600.4.15.1
* libblkid-devel-static-2.39.3-150600.4.15.1
* libfdisk-devel-2.39.3-150600.4.15.1
* uuidd-debuginfo-2.39.3-150600.4.15.1
* libuuid-devel-2.39.3-150600.4.15.1
* util-linux-2.39.3-150600.4.15.1
* util-linux-tty-tools-debuginfo-2.39.3-150600.4.15.1
* libmount-devel-static-2.39.3-150600.4.15.1
* libblkid1-2.39.3-150600.4.15.1
* libmount-devel-2.39.3-150600.4.15.1
* util-linux-debuginfo-2.39.3-150600.4.15.1
* util-linux-debugsource-2.39.3-150600.4.15.1
* libuuid1-2.39.3-150600.4.15.1
* util-linux-systemd-2.39.3-150600.4.15.1
* util-linux-systemd-debuginfo-2.39.3-150600.4.15.1
* libsmartcols1-debuginfo-2.39.3-150600.4.15.1
* python3-libmount-2.39.3-150600.4.15.1
* libuuid1-debuginfo-2.39.3-150600.4.15.1
* python-libmount-debugsource-2.39.3-150600.4.15.1
* openSUSE Leap 15.6 (x86_64)
* libblkid1-32bit-debuginfo-2.39.3-150600.4.15.1
* libfdisk1-32bit-debuginfo-2.39.3-150600.4.15.1
* libmount1-32bit-debuginfo-2.39.3-150600.4.15.1
* libsmartcols-devel-32bit-2.39.3-150600.4.15.1
* libuuid-devel-32bit-2.39.3-150600.4.15.1
* libblkid-devel-32bit-2.39.3-150600.4.15.1
* libfdisk-devel-32bit-2.39.3-150600.4.15.1
* libuuid1-32bit-2.39.3-150600.4.15.1
* libsmartcols1-32bit-debuginfo-2.39.3-150600.4.15.1
* libmount1-32bit-2.39.3-150600.4.15.1
* libsmartcols1-32bit-2.39.3-150600.4.15.1
* libuuid1-32bit-debuginfo-2.39.3-150600.4.15.1
* libblkid1-32bit-2.39.3-150600.4.15.1
* libfdisk1-32bit-2.39.3-150600.4.15.1
* libmount-devel-32bit-2.39.3-150600.4.15.1
* openSUSE Leap 15.6 (noarch)
* util-linux-lang-2.39.3-150600.4.15.1
* openSUSE Leap 15.6 (s390x)
* util-linux-extra-debuginfo-2.39.3-150600.4.15.1
* util-linux-extra-2.39.3-150600.4.15.1
* openSUSE Leap 15.6 (aarch64_ilp32)
* libblkid-devel-64bit-2.39.3-150600.4.15.1
* libblkid1-64bit-2.39.3-150600.4.15.1
* libfdisk1-64bit-debuginfo-2.39.3-150600.4.15.1
* libsmartcols1-64bit-2.39.3-150600.4.15.1
* libfdisk-devel-64bit-2.39.3-150600.4.15.1
* libsmartcols1-64bit-debuginfo-2.39.3-150600.4.15.1
* libuuid-devel-64bit-2.39.3-150600.4.15.1
* libuuid1-64bit-2.39.3-150600.4.15.1
* libmount1-64bit-debuginfo-2.39.3-150600.4.15.1
* libfdisk1-64bit-2.39.3-150600.4.15.1
* libmount-devel-64bit-2.39.3-150600.4.15.1
* libmount1-64bit-2.39.3-150600.4.15.1
* libblkid1-64bit-debuginfo-2.39.3-150600.4.15.1
* libsmartcols-devel-64bit-2.39.3-150600.4.15.1
* libuuid1-64bit-debuginfo-2.39.3-150600.4.15.1

## References:

* https://www.suse.com/security/cve/CVE-2025-14104.html
* https://bugzilla.suse.com/show_bug.cgi?id=1254666
* https://jira.suse.com/browse/PED-13682



openSUSE-SU-2026:0007-1: important: Security update for cpp-httplib


openSUSE Security Update: Security update for cpp-httplib
_______________________________

Announcement ID: openSUSE-SU-2026:0007-1
Rating: important
References: #1245414 #1246468 #1246471
Cross-References: CVE-2025-52887 CVE-2025-53628 CVE-2025-53629

CVSS scores:
CVE-2025-52887 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2025-53628 (SUSE): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
CVE-2025-53629 (SUSE): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:
openSUSE Backports SLE-15-SP7
_______________________________

An update that fixes three vulnerabilities is now available.

Description:

This update for cpp-httplib fixes the following issues:

- CVE-2025-53629: Fixed that a header can allocate memory arbitrarily in
the server, potentially leading to its exhaustion (boo#1246471)
- CVE-2025-53628: Fixed HTTP header smuggling due to insecure trailers
merge (boo#1246468)
- CVE-2025-52887: Fixed that the number of HTTP header fields was not
limited, which can lead to potential exhaustion of system memory
(boo#1245414)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2026-7=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64):

cpp-httplib-devel-0.20.1-bp157.2.3.1
libcpp-httplib0_20-0.20.1-bp157.2.3.1

References:

https://www.suse.com/security/cve/CVE-2025-52887.html
https://www.suse.com/security/cve/CVE-2025-53628.html
https://www.suse.com/security/cve/CVE-2025-53629.html
https://bugzilla.suse.com/1245414
https://bugzilla.suse.com/1246468
https://bugzilla.suse.com/1246471



openSUSE-SU-2026:0010-1: important: Security update for wget2


openSUSE Security Update: Security update for wget2
_______________________________

Announcement ID: openSUSE-SU-2026:0010-1
Rating: important
References: #1255728 #1255729
Cross-References: CVE-2025-69194 CVE-2025-69195
Affected Products:
openSUSE Backports SLE-15-SP6
_______________________________

An update that fixes two vulnerabilities is now available.

Description:

This update for wget2 fixes the following issues:

- Update to release 2.2.1
* Fix file overwrite issue with metalink [CVE-2025-69194 bsc#1255728]
* Fix remote buffer overflow in get_local_filename_real()
[CVE-2025-69195 bsc#1255729]
* Fix a redirect/mirror regression from 400713ca
* Use the local system timestamp when requested via
--no-use-server-timestamps
* Prevent file truncation with --no-clobber
* Improve messages about why URLs are not being followed
* Fix metalink with -O/--output-document
* Fix sorting of metalink mirrors by priority
* Add --show-progress to improve backwards compatibility to wget
* Fix buffer overflow in wget_iri_clone() after wget_iri_set_scheme()
* Allow 'no_' prefix in config options
* Use libnghttp2 for HTTP/2 testing
* Set exit status to 8 on 403 response code
* Fix convert-links
* Fix --server-response for HTTP/1.1

- Update to release 2.2.0
* Don't truncate file when -c and -O are combined
* Don't log URI userinfo to logs
* Fix downloading multiple files via HTTP/2
* Support connecting with HTTP/1.0 proxies
* Ignore 1xx HTTP responses for HTTP/1.1
* Disable TCP Fast Open by default
* Fix segfault when OCSP response is missing
* Add libproxy support

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP6:

zypper in -t patch openSUSE-2026-10=1

Package List:

- openSUSE Backports SLE-15-SP6 (aarch64 i586 ppc64le s390x x86_64):

libwget4-2.2.1-bp156.2.3.1
wget2-2.2.1-bp156.2.3.1
wget2-devel-2.2.1-bp156.2.3.1

References:

https://www.suse.com/security/cve/CVE-2025-69194.html
https://www.suse.com/security/cve/CVE-2025-69195.html
https://bugzilla.suse.com/1255728
https://bugzilla.suse.com/1255729



openSUSE-SU-2026:0009-1: moderate: Security update for python-cbor2


openSUSE Security Update: Security update for python-cbor2
_______________________________

Announcement ID: openSUSE-SU-2026:0009-1
Rating: moderate
References: #1255783
Cross-References: CVE-2025-68131
CVSS scores:
CVE-2025-68131 (SUSE): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Products:
openSUSE Backports SLE-15-SP7
_______________________________

An update that fixes one vulnerability is now available.

Description:

This update for python-cbor2 fixes the following issues:

- CVE-2025-68131: Fixed that a attacker-controlled message can read data
from previously decoded messages if the decoder is reused across trust
boundaries (boo#1255783)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2026-9=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64):

python311-cbor2-5.5.1-bp157.2.3.1

References:

https://www.suse.com/security/cve/CVE-2025-68131.html
https://bugzilla.suse.com/1255783



openSUSE-SU-2026:20003-1: critical: Security update of valkey


openSUSE security update: security update of valkey
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:20003-1
Rating: critical
References:

* bsc#1250995

Cross-References:

* CVE-2025-46817
* CVE-2025-46818
* CVE-2025-46819
* CVE-2025-49844

CVSS scores:

* CVE-2025-46817 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-46817 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-46818 ( SUSE ): 8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-46818 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-46819 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2025-46819 ( SUSE ): 7.2 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-49844 ( SUSE ): 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
* CVE-2025-49844 ( SUSE ): 9.4 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves 4 vulnerabilities and has one bug fix can now be installed.

Description:

This update for valkey fixes the following issues:

Update to 8.0.6:

- Security fixes:

- CVE-2025-49844: Fixed that a Lua script may lead to remote code execution (bsc#1250995)
- CVE-2025-46817: Fixed that a Lua script may lead to integer overflow and potential RCE (bsc#1250995)
- CVE-2025-46818: Fixed that a Lua script can be executed in the context of another user (bsc#1250995)
- CVE-2025-46819: Fixed LUA out-of-bound read (bsc#1250995)

- Bug fixes:

* Fix accounting for dual channel RDB bytes in replication stats (#2614)
* Fix EVAL to report unknown error when empty error table is provided (#2229)
* Fix use-after-free when active expiration triggers hashtable to shrink (#2257)
* Fix MEMORY USAGE to account for embedded keys (#2290)
* Fix memory leak when shrinking a hashtable without entries (#2288)
* Prevent potential assertion in active defrag handling large allocations (#2353)
* Prevent bad memory access when NOTOUCH client gets unblocked (#2347)
* Converge divergent shard-id persisted in nodes.conf to primary's shard id (#2174)
* Fix client tracking memory overhead calculation (#2360)
* Fix RDB load per slot memory pre-allocation when loading from RDB snapshot (#2466)
* Don't use AVX2 instructions if the CPU doesn't support it (#2571)
* Fix bug where active defrag may be unable to defrag sparsely filled pages (#2656)

Changes from 8.0.5:

https://github.com/valkey-io/valkey/releases/tag/8.0.5

Patch instructions:

To install this openSUSE security update use the suse recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-121=1

Package List:

- openSUSE Leap 16.0:

valkey-8.0.6-160000.1.1
valkey-compat-redis-8.0.6-160000.1.1
valkey-devel-8.0.6-160000.1.1

References:

* https://www.suse.com/security/cve/CVE-2025-46817.html
* https://www.suse.com/security/cve/CVE-2025-46818.html
* https://www.suse.com/security/cve/CVE-2025-46819.html
* https://www.suse.com/security/cve/CVE-2025-49844.html



SUSE-SU-2026:0107-1: important: Security update for the Linux Kernel (Live Patch 31 for SUSE Linux Enterprise 15 SP5)


# Security update for the Linux Kernel (Live Patch 31 for SUSE Linux Enterprise
15 SP5)

Announcement ID: SUSE-SU-2026:0107-1
Release Date: 2026-01-12T11:39:58Z
Rating: important
References:

* bsc#1251984

Cross-References:

* CVE-2023-53574

CVSS scores:

* CVE-2023-53574 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53574 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.124 fixes one
security issue

The following security issue was fixed:

* CVE-2023-53574: wifi: rtw88: delete timer and free skb queue when unloading
(bsc#1251984).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-112=1 SUSE-2026-113=1 SUSE-2026-107=1
SUSE-2026-108=1 SUSE-2026-100=1 SUSE-2026-109=1 SUSE-2026-101=1 SUSE-2026-110=1
SUSE-2026-102=1 SUSE-2026-103=1 SUSE-2026-104=1 SUSE-2026-105=1 SUSE-2026-111=1

* SUSE Linux Enterprise Live Patching 15-SP4
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2026-112=1 SUSE-SLE-
Module-Live-Patching-15-SP4-2026-113=1 SUSE-SLE-Module-Live-
Patching-15-SP4-2026-107=1 SUSE-SLE-Module-Live-Patching-15-SP4-2026-108=1 SUSE-
SLE-Module-Live-Patching-15-SP4-2026-100=1 SUSE-SLE-Module-Live-
Patching-15-SP4-2026-109=1 SUSE-SLE-Module-Live-Patching-15-SP4-2026-101=1 SUSE-
SLE-Module-Live-Patching-15-SP4-2026-110=1 SUSE-SLE-Module-Live-
Patching-15-SP4-2026-102=1 SUSE-SLE-Module-Live-Patching-15-SP4-2026-103=1 SUSE-
SLE-Module-Live-Patching-15-SP4-2026-104=1 SUSE-SLE-Module-Live-
Patching-15-SP4-2026-105=1 SUSE-SLE-Module-Live-Patching-15-SP4-2026-111=1

* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-98=1 SUSE-2026-97=1 SUSE-2026-114=1

* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-98=1 SUSE-SLE-
Module-Live-Patching-15-SP5-2026-97=1 SUSE-SLE-Module-Live-
Patching-15-SP5-2026-114=1

## Package List:

* openSUSE Leap 15.4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_144-default-debuginfo-18-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_45-debugsource-3-150400.2.1
* kernel-livepatch-5_14_21-150400_24_158-default-debuginfo-11-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_42-debugsource-9-150400.2.1
* kernel-livepatch-5_14_21-150400_24_167-default-debuginfo-10-150400.2.1
* kernel-livepatch-5_14_21-150400_24_147-default-debuginfo-17-150400.2.1
* kernel-livepatch-5_14_21-150400_24_161-default-debuginfo-11-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_40-debugsource-11-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_38-debugsource-11-150400.2.1
* kernel-livepatch-5_14_21-150400_24_179-default-3-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_35-debugsource-17-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_37-debugsource-12-150400.2.1
* kernel-livepatch-5_14_21-150400_24_164-default-11-150400.2.1
* kernel-livepatch-5_14_21-150400_24_161-default-11-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_44-debugsource-5-150400.2.1
* kernel-livepatch-5_14_21-150400_24_153-default-12-150400.2.1
* kernel-livepatch-5_14_21-150400_24_170-default-9-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_43-debugsource-6-150400.2.1
* kernel-livepatch-5_14_21-150400_24_176-default-5-150400.2.1
* kernel-livepatch-5_14_21-150400_24_141-default-19-150400.2.1
* kernel-livepatch-5_14_21-150400_24_141-default-debuginfo-19-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_34-debugsource-18-150400.2.1
* kernel-livepatch-5_14_21-150400_24_144-default-18-150400.2.1
* kernel-livepatch-5_14_21-150400_24_153-default-debuginfo-12-150400.2.1
* kernel-livepatch-5_14_21-150400_24_150-default-12-150400.2.1
* kernel-livepatch-5_14_21-150400_24_158-default-11-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_39-debugsource-11-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_36-debugsource-12-150400.2.1
* kernel-livepatch-5_14_21-150400_24_170-default-debuginfo-9-150400.2.1
* kernel-livepatch-5_14_21-150400_24_150-default-debuginfo-12-150400.2.1
* kernel-livepatch-5_14_21-150400_24_164-default-debuginfo-11-150400.2.1
* kernel-livepatch-5_14_21-150400_24_176-default-debuginfo-5-150400.2.1
* kernel-livepatch-5_14_21-150400_24_147-default-17-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_41-debugsource-10-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_33-debugsource-19-150400.2.1
* kernel-livepatch-5_14_21-150400_24_173-default-6-150400.2.1
* kernel-livepatch-5_14_21-150400_24_173-default-debuginfo-6-150400.2.1
* kernel-livepatch-5_14_21-150400_24_179-default-debuginfo-3-150400.2.1
* kernel-livepatch-5_14_21-150400_24_167-default-10-150400.2.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_144-default-debuginfo-18-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_45-debugsource-3-150400.2.1
* kernel-livepatch-5_14_21-150400_24_158-default-debuginfo-11-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_42-debugsource-9-150400.2.1
* kernel-livepatch-5_14_21-150400_24_167-default-debuginfo-10-150400.2.1
* kernel-livepatch-5_14_21-150400_24_147-default-debuginfo-17-150400.2.1
* kernel-livepatch-5_14_21-150400_24_161-default-debuginfo-11-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_40-debugsource-11-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_38-debugsource-11-150400.2.1
* kernel-livepatch-5_14_21-150400_24_179-default-3-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_35-debugsource-17-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_37-debugsource-12-150400.2.1
* kernel-livepatch-5_14_21-150400_24_164-default-11-150400.2.1
* kernel-livepatch-5_14_21-150400_24_161-default-11-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_44-debugsource-5-150400.2.1
* kernel-livepatch-5_14_21-150400_24_153-default-12-150400.2.1
* kernel-livepatch-5_14_21-150400_24_170-default-9-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_43-debugsource-6-150400.2.1
* kernel-livepatch-5_14_21-150400_24_176-default-5-150400.2.1
* kernel-livepatch-5_14_21-150400_24_141-default-19-150400.2.1
* kernel-livepatch-5_14_21-150400_24_141-default-debuginfo-19-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_34-debugsource-18-150400.2.1
* kernel-livepatch-5_14_21-150400_24_144-default-18-150400.2.1
* kernel-livepatch-5_14_21-150400_24_153-default-debuginfo-12-150400.2.1
* kernel-livepatch-5_14_21-150400_24_150-default-12-150400.2.1
* kernel-livepatch-5_14_21-150400_24_158-default-11-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_39-debugsource-11-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_36-debugsource-12-150400.2.1
* kernel-livepatch-5_14_21-150400_24_170-default-debuginfo-9-150400.2.1
* kernel-livepatch-5_14_21-150400_24_150-default-debuginfo-12-150400.2.1
* kernel-livepatch-5_14_21-150400_24_164-default-debuginfo-11-150400.2.1
* kernel-livepatch-5_14_21-150400_24_176-default-debuginfo-5-150400.2.1
* kernel-livepatch-5_14_21-150400_24_147-default-17-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_41-debugsource-10-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_33-debugsource-19-150400.2.1
* kernel-livepatch-5_14_21-150400_24_173-default-6-150400.2.1
* kernel-livepatch-5_14_21-150400_24_173-default-debuginfo-6-150400.2.1
* kernel-livepatch-5_14_21-150400_24_179-default-debuginfo-3-150400.2.1
* kernel-livepatch-5_14_21-150400_24_167-default-10-150400.2.1
* openSUSE Leap 15.5 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP5_Update_31-debugsource-2-150500.2.1
* kernel-livepatch-5_14_21-150500_55_121-default-debuginfo-4-150500.2.1
* kernel-livepatch-5_14_21-150500_55_116-default-7-150500.2.1
* kernel-livepatch-5_14_21-150500_55_124-default-debuginfo-2-150500.2.1
* kernel-livepatch-5_14_21-150500_55_121-default-4-150500.2.1
* kernel-livepatch-5_14_21-150500_55_124-default-2-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_30-debugsource-4-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_29-debugsource-7-150500.2.1
* kernel-livepatch-5_14_21-150500_55_116-default-debuginfo-7-150500.2.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP5_Update_31-debugsource-2-150500.2.1
* kernel-livepatch-5_14_21-150500_55_121-default-debuginfo-4-150500.2.1
* kernel-livepatch-5_14_21-150500_55_116-default-7-150500.2.1
* kernel-livepatch-5_14_21-150500_55_124-default-debuginfo-2-150500.2.1
* kernel-livepatch-5_14_21-150500_55_121-default-4-150500.2.1
* kernel-livepatch-5_14_21-150500_55_124-default-2-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_30-debugsource-4-150500.2.1
* kernel-livepatch-5_14_21-150500_55_116-default-debuginfo-7-150500.2.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x)
* kernel-livepatch-SLE15-SP5_Update_29-debugsource-7-150500.2.1

## References:

* https://www.suse.com/security/cve/CVE-2023-53574.html
* https://bugzilla.suse.com/show_bug.cgi?id=1251984



SUSE-SU-2026:0090-1: important: Security update for the Linux Kernel (Live Patch 28 for SUSE Linux Enterprise 15 SP5)


# Security update for the Linux Kernel (Live Patch 28 for SUSE Linux Enterprise
15 SP5)

Announcement ID: SUSE-SU-2026:0090-1
Release Date: 2026-01-12T11:05:02Z
Rating: important
References:

* bsc#1246189
* bsc#1251984

Cross-References:

* CVE-2023-53574
* CVE-2025-38257

CVSS scores:

* CVE-2023-53574 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53574 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38257 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38257 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38257 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves two vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.113 fixes
various security issues

The following security issues were fixed:

* CVE-2023-53574: wifi: rtw88: delete timer and free skb queue when unloading
(bsc#1251984).
* CVE-2025-38257: s390/pkey: prevent overflow in size calculation for
memdup_user() (bsc#1246189).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-93=1 SUSE-2026-94=1 SUSE-2026-106=1 SUSE-2026-95=1
SUSE-2026-96=1 SUSE-2026-90=1 SUSE-2026-91=1 SUSE-2026-92=1

* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-93=1 SUSE-SLE-
Module-Live-Patching-15-SP5-2026-94=1 SUSE-SLE-Module-Live-
Patching-15-SP5-2026-106=1 SUSE-SLE-Module-Live-Patching-15-SP5-2026-95=1 SUSE-
SLE-Module-Live-Patching-15-SP5-2026-96=1 SUSE-SLE-Module-Live-
Patching-15-SP5-2026-90=1 SUSE-SLE-Module-Live-Patching-15-SP5-2026-91=1 SUSE-
SLE-Module-Live-Patching-15-SP5-2026-92=1

## Package List:

* openSUSE Leap 15.5 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP5_Update_24-debugsource-12-150500.2.1
* kernel-livepatch-5_14_21-150500_55_94-default-12-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_22-debugsource-16-150500.2.1
* kernel-livepatch-5_14_21-150500_55_88-default-debuginfo-16-150500.2.1
* kernel-livepatch-5_14_21-150500_55_91-default-debuginfo-16-150500.2.1
* kernel-livepatch-5_14_21-150500_55_91-default-16-150500.2.1
* kernel-livepatch-5_14_21-150500_55_110-default-debuginfo-10-150500.2.1
* kernel-livepatch-5_14_21-150500_55_97-default-12-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_27-debugsource-10-150500.2.1
* kernel-livepatch-5_14_21-150500_55_103-default-debuginfo-11-150500.2.1
* kernel-livepatch-5_14_21-150500_55_97-default-debuginfo-12-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_28-debugsource-9-150500.2.1
* kernel-livepatch-5_14_21-150500_55_94-default-debuginfo-12-150500.2.1
* kernel-livepatch-5_14_21-150500_55_88-default-16-150500.2.1
* kernel-livepatch-5_14_21-150500_55_110-default-10-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_26-debugsource-11-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_23-debugsource-12-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_25-debugsource-11-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_21-debugsource-16-150500.2.1
* kernel-livepatch-5_14_21-150500_55_103-default-11-150500.2.1
* kernel-livepatch-5_14_21-150500_55_113-default-9-150500.2.1
* kernel-livepatch-5_14_21-150500_55_113-default-debuginfo-9-150500.2.1
* kernel-livepatch-5_14_21-150500_55_100-default-debuginfo-11-150500.2.1
* kernel-livepatch-5_14_21-150500_55_100-default-11-150500.2.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP5_Update_24-debugsource-12-150500.2.1
* kernel-livepatch-5_14_21-150500_55_94-default-12-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_22-debugsource-16-150500.2.1
* kernel-livepatch-5_14_21-150500_55_88-default-debuginfo-16-150500.2.1
* kernel-livepatch-5_14_21-150500_55_91-default-debuginfo-16-150500.2.1
* kernel-livepatch-5_14_21-150500_55_91-default-16-150500.2.1
* kernel-livepatch-5_14_21-150500_55_110-default-debuginfo-10-150500.2.1
* kernel-livepatch-5_14_21-150500_55_97-default-12-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_27-debugsource-10-150500.2.1
* kernel-livepatch-5_14_21-150500_55_103-default-debuginfo-11-150500.2.1
* kernel-livepatch-5_14_21-150500_55_97-default-debuginfo-12-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_28-debugsource-9-150500.2.1
* kernel-livepatch-5_14_21-150500_55_94-default-debuginfo-12-150500.2.1
* kernel-livepatch-5_14_21-150500_55_88-default-16-150500.2.1
* kernel-livepatch-5_14_21-150500_55_110-default-10-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_26-debugsource-11-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_23-debugsource-12-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_25-debugsource-11-150500.2.1
* kernel-livepatch-SLE15-SP5_Update_21-debugsource-16-150500.2.1
* kernel-livepatch-5_14_21-150500_55_103-default-11-150500.2.1
* kernel-livepatch-5_14_21-150500_55_113-default-9-150500.2.1
* kernel-livepatch-5_14_21-150500_55_113-default-debuginfo-9-150500.2.1
* kernel-livepatch-5_14_21-150500_55_100-default-debuginfo-11-150500.2.1
* kernel-livepatch-5_14_21-150500_55_100-default-11-150500.2.1

## References:

* https://www.suse.com/security/cve/CVE-2023-53574.html
* https://www.suse.com/security/cve/CVE-2025-38257.html
* https://bugzilla.suse.com/show_bug.cgi?id=1246189
* https://bugzilla.suse.com/show_bug.cgi?id=1251984


Libsoup, Kernel, Podman, and more updates for Oracle

Libtasn1, Python, PHP, urlib3 updates for Ubuntu

Windows

Linux

macOS

Community

  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...