SUSE-SU-2026:20178-1

See a problem?
Please try reporting it to the source first.

Source

https://www.suse.com/support/update/announcement/2026/suse-su-202620178-1/

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:20178-1.json

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2026:20178-1

Upstream

CVE-2025-0395

CVE-2025-15281

CVE-2026-0861

CVE-2026-0915

Related

Published

2026-01-29T16:36:29Z

Modified

2026-03-23T04:52:40.788341Z

Summary

Security update for glibc

Details

This update for glibc fixes the following issues:

Security fixes:

CVE-2025-0395: Fixed buffer overflow in the assert() function (bsc#1236282).
CVE-2026-0861: Fixed inadequate size check in the memalign suite may result in an integer overflow (bsc#1256766).
CVE-2026-0915: Fixed uninitialized stack buffer used as DNS query name when net==0 in nssdnsgetnetbyaddrr (bsc#1256822).
CVE-2025-15281: Fixed uninitialized memory may cause the process abort (bsc#1257005).

Other fixes:

NPTL: Optimize trylock for high cache contention workloads (bsc#1256436)

References

Affected packages

SUSE:Linux Micro 6.2 / glibc

Package

Name: glibc
Purl: pkg:rpm/suse/glibc&distro=SUSE%20Linux%20Micro%206.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.40-160000.3.1

Ecosystem specific

{
    "binaries": [
        {
            "glibc-locale": "2.40-160000.3.1",
            "glibc-gconv-modules-extra": "2.40-160000.3.1",
            "glibc-devel": "2.40-160000.3.1",
            "glibc": "2.40-160000.3.1",
            "glibc-locale-base": "2.40-160000.3.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:20178-1.json"