SLES 15

SLES 15 — libaudit1 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libaudit1 — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2020:858-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-5186 Upstream summary: Audit before 2.4.4 in Linux does not sanitize escape characters in filenames. Table of contents Symptom & Impact Environment & Reproduction Root […]

Read more
SLES 15 — libcgroup1 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libcgroup1 — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:2142-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-14348 Upstream summary: libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask, leading to disclosure of information. Table […]

Read more
SLES 15 — perl-LWP-Protocol-https — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — perl-LWP-Protocol-https — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2014-3230 Upstream summary: The libwww-perl LWP::Protocol::https module 6.04 through 6.06 for Perl, when using IO::Socket::SSL as the SSL socket class, allows attackers to disable server […]

Read more
SLES 15 — ppc64-diag — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — ppc64-diag — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2014:0928-1 (see also SUSE bugzilla) Related CVEs: CVE-2014-4038 CVE-2014-4039 Upstream summary: ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a symlink attack related to (1) rtas_errd/diag_support.c and /tmp/get_dt_files, (2) scripts/ppc64_diag_mkrsrc […]

Read more
SLES 15 — python2-cryptography — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — python2-cryptography — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2019:740-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-10903 CVE-2020-36242 CVE-2023-49083 CVE-2023-23931 CVE-2020-25659 Upstream summary: A flaw was found in python-cryptography versions between >=1.9.0 and <2.3. The finalize_with_tag API did not enforce a […]

Read more
SLES 15 — rpcbind — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — rpcbind — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2017:1306-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-8779 CVE-2015-7236 Upstream summary: rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data […]

Read more
SLES 15 — sane-backends — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — sane-backends — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2020:3065-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-12861 CVE-2020-12862 CVE-2020-12863 CVE-2020-12864 CVE-2020-12865 CVE-2020-12866 CVE-2020-12867 CVE-2017-6318 Upstream summary: A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to […]

Read more
SLES 15 — stunnel — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — stunnel — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2013:0709-1 (see also SUSE bugzilla) Related CVEs: CVE-2013-1762 CVE-2021-20230 CVE-2015-3644 CVE-2011-2940 CVE-2014-0016 Upstream summary: stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer […]

Read more
SLES 15 — qpdf — multiple vulnerabilities (10 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — qpdf — multiple vulnerabilities (10 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2022:2669-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-36978 CVE-2017-11624 CVE-2017-11625 CVE-2017-11627 CVE-2022-34503 CVE-2017-9208 CVE-2017-9209 CVE-2017-9210  +2 more Upstream summary: QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow […]

Read more
SLES 15 — libqb0 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libqb0 — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2019:1791-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-12779 Upstream summary: libqb before 1.0.5 allows local users to overwrite arbitrary files via a symlink attack, because it uses predictable filenames (under /dev/shm and […]

Read more
CHAT