Troubleshooting

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2014-0021 CVE-2020-14367 CVE-2012-4502 CVE-2012-4503 CVE-2016-1567 Upstream summary: Chrony before 1.29.1 has traffic amplification in cmdmon protocol Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2019:2083-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-15784 Upstream summary: Secure Reliable Transport (SRT) through 1.3.4 has a CSndUList array overflow if there are many SRT connections. Table of contents Symptom & […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2015:0026-1 (see also SUSE bugzilla) Related CVEs: CVE-2014-8139 CVE-2014-8140 CVE-2014-8141 CVE-2014-9636 CVE-2018-1000035 CVE-2022-0529 CVE-2022-0530 CVE-2014-9913  +4 more Upstream summary: Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2020-0256 CVE-2021-0308 Upstream summary: In LoadPartitionTable of gpt.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2008-0008 CVE-2014-3970 Upstream summary: The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2022:2044-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-25647 Upstream summary: The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2022:1903-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-17234 CVE-2018-17237 CVE-2020-10809 CVE-2018-17233 CVE-2018-17432 CVE-2018-17433 CVE-2018-17436 CVE-2020-10810  +12 more Upstream summary: Memory leak in the H5O__chunk_deserialize() function in H5Ocache.c in the HDF HDF5 through […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2016:1639-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-5104 Upstream summary: The socket_create function in common/socket.c in libimobiledevice and libusbmuxd allows remote attackers to bypass intended access restrictions and communicate with services on […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:3950-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-0132 CVE-2024-0133 Upstream summary: NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SR:2009:020 (see also SUSE bugzilla) Related CVEs: CVE-2009-3627 Upstream summary: The decode_entities function in util.c in HTML-Parser before 3.63 allows context-dependent attackers to cause a denial of service (infinite loop) via an […]