SLES 15

SLES 15 — libavif16 — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libavif16 — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:03237-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-6351 CVE-2023-6350 CVE-2025-48174 CVE-2025-48175 Upstream summary: Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap […]

Read more
SLES 15 — cloud-init — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — cloud-init — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory RHSA-2025:10848 (see also SUSE bugzilla) Related CVEs: CVE-2024-6174 CVE-2020-8631 CVE-2020-8632 CVE-2024-11584 CVE-2021-3429 CVE-2022-2084 CVE-2023-1786 CVE-2019-0816 Upstream summary: When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with […]

Read more
SLES 15 — dnsdist — multiple vulnerabilities (15 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — dnsdist — multiple vulnerabilities (15 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:0888-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-8671 CVE-2025-30193 CVE-2025-30194 CVE-2024-25581 CVE-2016-7069 CVE-2026-24028 CVE-2026-24029 CVE-2026-24030  +7 more Upstream summary: A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the […]

Read more
SLES 15 — alloy — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — alloy — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:0327-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-68156 CVE-2025-47913 CVE-2025-11065 CVE-2025-58058 Upstream summary: Expr is an expression language and expression evaluation for Go. Prior to version 1.17.7, several builtin functions in Expr, […]

Read more
SLES 15 — ucode-intel — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — ucode-intel — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:03052-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-20053 CVE-2025-20109 CVE-2025-22839 CVE-2025-22840 CVE-2025-22889 CVE-2025-26403 CVE-2025-32086 CVE-2024-21820  +12 more Upstream summary: Improper buffer restrictions for some Intel(R) Xeon(R) Processor firmware with SGX enabled may […]

Read more
SLES 15 — gdm — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — gdm — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-RU-2025:20479-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-6018 CVE-2020-16125 CVE-2011-1709 CVE-2017-12164 CVE-2018-14424 CVE-2019-3825 CVE-2020-27837 CVE-2015-7496 Upstream summary: A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication […]

Read more
SLES 15 — python312 — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — python312 — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:10978 (see also SUSE bugzilla) Related CVEs: CVE-2024-12254 CVE-2024-4030 CVE-2023-6507 Upstream summary: Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not "pause" writing and signal to the Protocol to drain the buffer […]

Read more
SLES 15 — openssl — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — openssl — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:1472 (see also SUSE bugzilla) Related CVEs: CVE-2025-15467 CVE-2021-3711 CVE-2026-28388 CVE-2026-31789 CVE-2025-9230 CVE-2024-12797 CVE-2024-9143 CVE-2024-41996  +12 more Upstream summary: Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters […]

Read more
SLES 15 — libmysofa1 — multiple vulnerabilities (15 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libmysofa1 — multiple vulnerabilities (15 CVEs) — patch and remediation guide

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2019-10672 CVE-2019-16092 CVE-2019-16093 CVE-2021-3756 CVE-2019-16091 CVE-2019-16094 CVE-2019-16095 CVE-2019-20063  +7 more Upstream summary: treeRead in hdf/btree.c in libmysofa before 0.7 does not properly validate multiplications and […]

Read more
SLES 15 — openvpn — multiple vulnerabilities (15 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — openvpn — multiple vulnerabilities (15 CVEs) — patch and remediation guide

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2023-46850 CVE-2025-13086 CVE-2022-0547 CVE-2017-7521 CVE-2017-7522 CVE-2025-2704 CVE-2024-5594 CVE-2024-28882  +7 more Upstream summary: Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined […]

Read more
CHAT