Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 493
Alerts This Week
Warning Icon 1 493

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 9,991 articles for you...
202

openSUSE Kernel Important Security Fixes Advisory 2026-2945-1

An update that solves 24 vulnerabilities can now be installed.. # Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 15 SP7) Announcement ID: SUSE-SU-2026:2945-1 Release Date: 2026-07-14T06:15:48Z Rating: important References: * bsc#1260524 * bsc#1262759 * bsc#1263094 * bsc#1263118 * bsc#1263177 * bsc#1263670 * bsc#1264094 * bsc#1264252 * bsc#1264253 * bsc#1264567 * bsc#1264849 * bsc#1265117 * bsc#1265127 * bsc#1265197 * bsc#1265945 * bsc#1266015 * bsc#1266265 * bsc#1267206 * bsc#1267698 * bsc#1267723 * bsc#1267893 * bsc#1268662 * bsc#1269023 * bsc#1269495 Cross-References: * CVE-2026-23393 * CVE-2026-31505 * CVE-2026-31533 * CVE-2026-31570 * CVE-2026-31586 * CVE-2026-31685 * CVE-2026-31758 * CVE-2026-43025 * CVE-2026-43027 * CVE-2026-43037 * CVE-2026-43120 * CVE-2026-43190 * CVE-2026-43366 * CVE-2026-43437 * CVE-2026-43494 * CVE-2026-43501 * CVE-2026-45970 * CVE-2026-46120 * CVE-2026-46173 * CVE-2026-46227 * CVE-2026-46243 * CVE-2026-52909 * CVE-2026-52943 * CVE-2026-53362 CVSS scores: * CVE-2026-23393 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23393 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31505 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31533 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31570 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:N/SA:N * CVE-2026-31570 (SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31570 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31586 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31685 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31685 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31685 ( NVD ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31758 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31758 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31758 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-43027 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43027 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43037 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43120 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43120 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-43120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43190 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43190 ( SUSE ): 8.2CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43190 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43366 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43366 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43366 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43437 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43437 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43494 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43501 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43501 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43501 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43501 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45970 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45970 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45970 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46120 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46227 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46227 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46227 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46227 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-52909 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-52909 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-52909 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-52943 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-52943 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-52943 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-52943 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-53362 ( SUSE ): 9.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-53362 ( SUSE ): 8.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves 24 vulnerabilities can now be installed. ## Description: This update for the SUSE LinuxEnterprise Kernel 6.4.0-150700.53.34 fixes various security issues The following security issues were fixed: * CVE-2026-23393: bridge: cfm: Fix race condition in peer_mep deletion (bsc#1260524). * CVE-2026-31505: iavf: fix out-of-bounds writes in iavf_get_ethtool_stats() (bsc#1263094). * CVE-2026-31533: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption (bsc#1262759). * CVE-2026-31570: can: gw: fix OOB heap access in cgw_csum_crc8_rel() (bsc#1263118). * CVE-2026-31586: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (bsc#1263177). * CVE-2026-31685: netfilter: ip6t_eui64: reject invalid MAC header for all packets (bsc#1263670). * CVE-2026-31758: usb: usbtmc: Flush anchored URBs in usbtmc_release (bsc#1264094). * CVE-2026-43025: netfilter: ctnetlink: ignore explicit helper on new expectations (bsc#1264253). * CVE-2026-43027: netfilter: nf_conntrack_helper: pass helper to expect cleanup (bsc#1264252). * CVE-2026-43037: ip6_tunnel: clear skb2-> cb[] in ip4ip6_err() (bsc#1265197). * CVE-2026-43120: RDMA/irdma: Fix double free related to rereg_user_mr (bsc#1264567). * CVE-2026-43190: netfilter: xt_tcpmss: check remaining length before reading optlen (bsc#1264849). * CVE-2026-43366: io_uring/kbuf: check if target buffer list is still legacy on recycle (bsc#1265117). * CVE-2026-43437: ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (bsc#1265127). * CVE-2026-43494: RDS zerocopy attack aka PinTheft (bsc#1265945). * CVE-2026-43501: ipv6: rpl: reserve mac_len headroom when recompressed SRH grows (bsc#1266015). * CVE-2026-45970: bonding: alb: fix UAF in rlb_arp_recv during bond up/down (bsc#1267206). * CVE-2026-46120: ip6_gre: Use cached t-> net in ip6erspan_changelink() (bsc#1267893). * CVE-2026-46173: exit: prevent preemption of oopsing TASK_DEAD task (bsc#1267723). * CVE-2026-46227: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (bsc#1267698). * CVE-2026-46243: smb: client: reject userspace cifs.spnego descriptions (CIFSwitch) (bsc#1266265). * CVE-2026-52909: ip6_vti: set netns_immutable on the fallback device (bsc#1268662). * CVE-2026-52943: net: skbuff: fix missing zerocopy reference in pskb_carve helpers (bsc#1269023). * CVE-2026-53362: ipv6: account for fraggap on the paged allocation path (bsc#1269495). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-2946=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2945=1 SUSE-2026-2944=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-2944=1 SUSE-SLE- Module-Live-Patching-15-SP6-2026-2945=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_25-debugsource-3-150600.2.2 * kernel-livepatch-6_4_0-150600_23_103-default-4-150600.2.2 * kernel-livepatch-6_4_0-150600_23_109-default-debuginfo-3-150600.2.2 * kernel-livepatch-6_4_0-150600_23_109-default-3-150600.2.2 * kernel-livepatch-6_4_0-150600_23_103-default-debuginfo-4-150600.2.2 * kernel-livepatch-SLE15-SP6_Update_24-debugsource-4-150600.2.2 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_25-debugsource-3-150600.2.2 * kernel-livepatch-6_4_0-150600_23_103-default-4-150600.2.2 * kernel-livepatch-6_4_0-150600_23_109-default-debuginfo-3-150600.2.2 * kernel-livepatch-6_4_0-150600_23_109-default-3-150600.2.2 * kernel-livepatch-6_4_0-150600_23_103-default-debuginfo-4-150600.2.2 * kernel-livepatch-SLE15-SP6_Update_24-debugsource-4-150600.2.2 * SUSE Linux Enterprise Live Patching 15-SP7 (ppc64le s390x x86_64) *kernel-livepatch-6_4_0-150700_53_34-default-6-150700.2.2 * kernel-livepatch-6_4_0-150700_53_34-default-debuginfo-6-150700.2.2 * kernel-livepatch-SLE15-SP7_Update_10-debugsource-6-150700.2.2 ## References: * https://www.suse.com/security/cve/CVE-2026-23393.html * https://www.suse.com/security/cve/CVE-2026-31505.html * https://www.suse.com/security/cve/CVE-2026-31533.html * https://www.suse.com/security/cve/CVE-2026-31570.html * https://www.suse.com/security/cve/CVE-2026-31586.html * https://www.suse.com/security/cve/CVE-2026-31685.html * https://www.suse.com/security/cve/CVE-2026-31758.html * https://www.suse.com/security/cve/CVE-2026-43025.html * https://www.suse.com/security/cve/CVE-2026-43027.html * https://www.suse.com/security/cve/CVE-2026-43037.html * https://www.suse.com/security/cve/CVE-2026-43120.html * https://www.suse.com/security/cve/CVE-2026-43190.html * https://www.suse.com/security/cve/CVE-2026-43366.html * https://www.suse.com/security/cve/CVE-2026-43437.html * https://www.suse.com/security/cve/CVE-2026-43494.html * https://www.suse.com/security/cve/CVE-2026-43501.html * https://www.suse.com/security/cve/CVE-2026-45970.html * https://www.suse.com/security/cve/CVE-2026-46120.html * https://www.suse.com/security/cve/CVE-2026-46173.html * https://www.suse.com/security/cve/CVE-2026-46227.html * https://www.suse.com/security/cve/CVE-2026-46243.html * https://www.suse.com/security/cve/CVE-2026-52909.html * https://www.suse.com/security/cve/CVE-2026-52943.html * https://www.suse.com/security/cve/CVE-2026-53362.html * https://bugzilla.suse.com/show_bug.cgi?id=1260524 * https://bugzilla.suse.com/show_bug.cgi?id=1262759 * https://bugzilla.suse.com/show_bug.cgi?id=1263094 * https://bugzilla.suse.com/show_bug.cgi?id=1263118 * https://bugzilla.suse.com/show_bug.cgi?id=1263177 * https://bugzilla.suse.com/show_bug.cgi?id=1263670 * https://bugzilla.suse.com/show_bug.cgi?id=1264094 * https://bugzilla.suse.com/show_bug.cgi?id=1264252 *https://bugzilla.suse.com/show_bug.cgi?id=1264253 * https://bugzilla.suse.com/show_bug.cgi?id=1264567 * https://bugzilla.suse.com/show_bug.cgi?id=1264849 * https://bugzilla.suse.com/show_bug.cgi?id=1265117 * https://bugzilla.suse.com/show_bug.cgi?id=1265127 * https://bugzilla.suse.com/show_bug.cgi?id=1265197 * https://bugzilla.suse.com/show_bug.cgi?id=1265945 * https://bugzilla.suse.com/show_bug.cgi?id=1266015 * https://bugzilla.suse.com/show_bug.cgi?id=1266265 * https://bugzilla.suse.com/show_bug.cgi?id=1267206 * https://bugzilla.suse.com/show_bug.cgi?id=1267698 * https://bugzilla.suse.com/show_bug.cgi?id=1267723 * https://bugzilla.suse.com/show_bug.cgi?id=1267893 * https://bugzilla.suse.com/show_bug.cgi?id=1268662 * https://bugzilla.suse.com/show_bug.cgi?id=1269023 * https://bugzilla.suse.com/show_bug.cgi?id=1269495 . An important update for openSUSE addresses 24 security issues to enhance system protection against exploits.. openSUSE Kernel Patch, Important Update, Linux Security Fix. . LinuxSecurity.com Team

Calendar%202 Jul 14, 2026 OpenSUSE
172

Ubuntu 26.04 OpenVPN Critical Security Issues CVE-2026-11771

Several security issues were fixed in OpenVPN.. ========================================================================== Ubuntu Security Notice USN-8540-1 July 14, 2026 openvpn vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: Several security issues were fixed in OpenVPN. Software Description: - openvpn: virtual private network software Details: It was discovered that OpenVPN had a 1-byte buffer overrun when handling NTLMv2 proxy responses. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 24.04 LTS and Ubuntu 26.04 LTS. (CVE-2026-11771) It was discovered that OpenVPN incorrectly handled metadata when extracting tls-crypt-v2 client keys. An attacker could possibly use this issue to obtain sensitive information. (CVE-2026-12932) It was discovered that OpenVPN had a use-after-free in the ack_write_buf handling. An attacker could use this issue to cause OpenVPN to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2026-12996) It was discovered that OpenVPN had a use-after-free in the tls_wrap_reneg handling. An attacker could use this issue to cause OpenVPN to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 24.04 LTS and Ubuntu 26.04 LTS. (CVE-2026-13117) It was discovered that OpenVPN incorrectly validated authentication tokens when external authentication was enabled. A remote attacker could possibly use this issue to cause OpenVPN to crash, resulting in a denial of service. This issue only affected Ubuntu 24.04 LTS and Ubuntu 26.04 LTS. (CVE-2026-13122) It was discovered that OpenVPN had a memory leak when handling tls-crypt-v2 client keys. A remote attacker with a valid tls-crypt-v2 client key could possibly use this issue to cause OpenVPN to consumeexcessive resources, leading to a denial of service. (CVE-2026-13698) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS openvpn 2.7.0-1ubuntu1.2 Ubuntu 24.04 LTS openvpn 2.6.19-0ubuntu0.24.04.3 Ubuntu 22.04 LTS openvpn 2.5.11-0ubuntu0.22.04.4 After a standard system update you need to restart OpenVPN to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8540-1 CVE-2026-11771, CVE-2026-12932, CVE-2026-12996, CVE-2026-13117, CVE-2026-13122, CVE-2026-13698 Package Information: https://launchpad.net/ubuntu/+source/openvpn/2.7.0-1ubuntu1.2 https://launchpad.net/ubuntu/+source/openvpn/2.6.19-0ubuntu0.24.04.3 https://launchpad.net/ubuntu/+source/openvpn/2.5.11-0ubuntu0.22.04.4 . OpenVPN fixes critical security issues in Ubuntu with potential code execution and denial of service risks. Prompt updates are advisable.. OpenVPN security update, Ubuntu vulnerability fix, critical advisory 2026, denial of service risk. . LinuxSecurity.com Team

Calendar%202 Jul 14, 2026 Ubuntu
217

Oracle Linux 9 Podman Important ELSA-2026-38878 CVE-2026-39822

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-38878 http://linux.oracle.com/errata/ELSA-2026-38878.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: podman-5.8.2-5.0.1.el9_8.x86_64.rpm podman-docker-5.8.2-5.0.1.el9_8.noarch.rpm podman-plugins-5.8.2-5.0.1.el9_8.x86_64.rpm podman-remote-5.8.2-5.0.1.el9_8.x86_64.rpm podman-tests-5.8.2-5.0.1.el9_8.x86_64.rpm aarch64: podman-5.8.2-5.0.1.el9_8.aarch64.rpm podman-docker-5.8.2-5.0.1.el9_8.noarch.rpm podman-plugins-5.8.2-5.0.1.el9_8.aarch64.rpm podman-remote-5.8.2-5.0.1.el9_8.aarch64.rpm podman-tests-5.8.2-5.0.1.el9_8.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/podman-5.8.2-5.0.1.el9_8.src.rpm Related CVEs: CVE-2026-39822 Description of changes: [5.8.2-5.0.1] - Rework CNI/Netavark detection logic [JIRA: EVG-3769] - Rebuild on new golang to support experimental GODEBUG fipsnoenforceems - Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117404] [6:5.8.2-5] - rebuild for CVE-2026-39822 - Resolves: RHEL-193646 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 9 updates for podman address critical security issues and enhance performance. Stay protected with the latest fixes.. Oracle Linux updates, podman security, software patching, system vulnerabilities, risk assessment. . LinuxSecurity.com Team

Calendar%202 Jul 14, 2026 Oracle
217

Oracle 9 perl-DBI Important Buffer Overflow Fix ELSA-2026-38512

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-38512 http://linux.oracle.com/errata/ELSA-2026-38512.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: perl-DBI-1.643-9.el9_8.1.x86_64.rpm aarch64: perl-DBI-1.643-9.el9_8.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/perl-DBI-1.643-9.el9_8.1.src.rpm Related CVEs: CVE-2026-9698 Description of changes: [1.643-9.1] - Fix possible stack overflow and buffer overflow in DBI.xs (CVE-2026-9698) - Resolves: RHEL-184984 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Updates for Oracle Linux 9 include critical fixes for perl-DBI to mitigate buffer overflows and enhance security.. Oracle Linux, perl-DBI security, important updates, buffer overflow, stack overflow. . LinuxSecurity.com Team

Calendar%202 Jul 14, 2026 Oracle
217

Oracle Linux 9 ELSA-2026-38511 vim Important Code Injection

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-38511 http://linux.oracle.com/errata/ELSA-2026-38511.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: vim-X11-8.2.2637-26.0.1.el9_8.10.x86_64.rpm vim-common-8.2.2637-26.0.1.el9_8.10.x86_64.rpm vim-enhanced-8.2.2637-26.0.1.el9_8.10.x86_64.rpm vim-filesystem-8.2.2637-26.0.1.el9_8.10.noarch.rpm vim-minimal-8.2.2637-26.0.1.el9_8.10.x86_64.rpm aarch64: vim-X11-8.2.2637-26.0.1.el9_8.10.aarch64.rpm vim-common-8.2.2637-26.0.1.el9_8.10.aarch64.rpm vim-enhanced-8.2.2637-26.0.1.el9_8.10.aarch64.rpm vim-filesystem-8.2.2637-26.0.1.el9_8.10.noarch.rpm vim-minimal-8.2.2637-26.0.1.el9_8.10.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/vim-8.2.2637-26.0.1.el9_8.10.src.rpm Related CVEs: CVE-2026-46483 CVE-2026-47162 CVE-2026-47167 CVE-2026-52858 Description of changes: [8.2.2637-26.0.1.el9_8.10] - Remove upstream references [Orabug: 31197557] [2:8.2.2637-26.10] - RHEL-186659 CVE-2026-47162 vim: code injection via NetrwBookHistSave() [2:8.2.2637-26.9] - RHEL-186646 CVE-2026-52858 vim: possible code execution with python3complete [2:8.2.2637-26.8] - RHEL-185874 CVE-2026-47167 vim: Code Injection in cucumber filetype plugin [2:8.2.2637-26.7] - RHEL-178243 CVE-2026-46483 vim: command injection in tar plugin [2:8.2.2637-26.6] - CVE-2026-41411 vim: Command injection via backticks in tag files [2:8.2.2637-26.5] - RHEL-170136 CVE-2026-35177 vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass [2:8.2.2637-26.4] - Resolves: RHEL-164966 vim: arbitrary command execution via modeline sandbox bypass [2:8.2.2637-26.3] - Related: RHEL-159630 rebuild to build with exception target [2:8.2.2637-26.2] - remove -O0 from flags _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata .Important security advisory for Oracle Linux 9 addressing critical code injection issues in vim and providing vital updates.. Oracle Linux Security, vim Security Update, Important Advisory, Code Injection Vulnerability. . LinuxSecurity.com Team

Calendar%202 Jul 14, 2026 Oracle
217

Oracle Linux 9 ELSA-2026-38498 Important OpenEXR Security Fix

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-38498 http://linux.oracle.com/errata/ELSA-2026-38498.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: openexr-3.1.1-3.el9_8.3.x86_64.rpm openexr-devel-3.1.1-3.el9_8.3.i686.rpm openexr-devel-3.1.1-3.el9_8.3.x86_64.rpm openexr-libs-3.1.1-3.el9_8.3.i686.rpm openexr-libs-3.1.1-3.el9_8.3.x86_64.rpm aarch64: openexr-3.1.1-3.el9_8.3.aarch64.rpm openexr-devel-3.1.1-3.el9_8.3.aarch64.rpm openexr-libs-3.1.1-3.el9_8.3.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/openexr-3.1.1-3.el9_8.3.src.rpm Related CVEs: CVE-2026-41142 CVE-2026-42216 Description of changes: [3.1.1-3.3] - fix CVE-2026-41142 - fix CVE-2026-42216 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Critical update for Oracle Linux addresses important security vulnerabilities in OpenEXR packages, enhancing system safety.. Oracle Linux, OpenEXR, Important Update, CVE Fixes, Security Advisory. . LinuxSecurity.com Team

Calendar%202 Jul 14, 2026 Oracle
217

Oracle Linux 9 gimp Important DoS Fix ELSA-2026-38496 CVE-2026-58379

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-38496 http://linux.oracle.com/errata/ELSA-2026-38496.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: gimp-3.0.4-4.el9_8.5.x86_64.rpm gimp-libs-3.0.4-4.el9_8.5.i686.rpm gimp-libs-3.0.4-4.el9_8.5.x86_64.rpm aarch64: gimp-3.0.4-4.el9_8.5.aarch64.rpm gimp-libs-3.0.4-4.el9_8.5.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/gimp-3.0.4-4.el9_8.5.src.rpm Related CVEs: CVE-2026-58379 Description of changes: [2:3.0.4-4.5] - fix CVE-2026-58379 - Resolves: RHEL-192170 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Updated Oracle Linux 9 rpms available for gimp addressing CVE-2026-58379 to enhance system security and stability.. Oracle Linux, gimp, security advisory, important update, CVE-2026-58379. . LinuxSecurity.com Team

Calendar%202 Jul 14, 2026 Oracle
217

Oracle Linux 9 buildah Key CVE-2026-39822 Security Notice ELSA-2026-38493

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-38493 http://linux.oracle.com/errata/ELSA-2026-38493.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: buildah-1.43.1-4.0.1.el9_8.x86_64.rpm buildah-tests-1.43.1-4.0.1.el9_8.x86_64.rpm aarch64: buildah-1.43.1-4.0.1.el9_8.aarch64.rpm buildah-tests-1.43.1-4.0.1.el9_8.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/buildah-1.43.1-4.0.1.el9_8.src.rpm Related CVEs: CVE-2026-39822 Description of changes: [1.43.1-4.0.1] - Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117178] [2:1.43.1-4] - rebuild for CVE-2026-39822 - Resolves: RHEL-193645 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Critical update available for buildah on Oracle Linux addressing important security issues related to CVE-2026-39822.. Oracle Linux, buildah, security update, system patching. . LinuxSecurity.com Team

Calendar%202 Jul 14, 2026 Oracle
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200