SUSE Linux has released several important security updates affecting AppArmor, GoVulnCheck-VulnDB, and the Linux kernel, which are crucial for maintaining system integrity and security for various distributions:
1. AppArmor Update (SUSE-SU-2025:1193-1): This moderate security update addresses a specific issue allowing `dovecot-auth` to execute the unix check password from `/sbin`, enhancing security protocols. It applies to multiple products including openSUSE Leap 15.4 and various SUSE Linux Enterprise editions.
2. GoVulnCheck-VulnDB Update (openSUSE-SU-2025:14978-1): A moderate update introduces a new version of the vulnerability database, fixing critical vulnerabilities with a CVSS score of 9.1. This update is specifically for openSUSE Tumbleweed and includes one resolved vulnerability.
3. Linux Kernel Update (SUSE-SU-2025:1195-1): A significant security update rated as important addresses 62 vulnerabilities and includes 14 specific security fixes. The update applies to a wide range of SUSE products including SUSE Linux Enterprise and openSUSE Leap. Notably, it resolves various critical vulnerabilities like CVE-2022-49053 and CVE-2025-21772 which could potentially lead to system compromises.
- Reboot Required: After applying the kernel update, a system reboot is required to ensure all changes take effect.
- Vulnerability References: Each update includes references to various CVE (Common Vulnerabilities and Exposures) identifiers that provide additional context on the vulnerabilities addressed.
1. AppArmor Update (SUSE-SU-2025:1193-1): This moderate security update addresses a specific issue allowing `dovecot-auth` to execute the unix check password from `/sbin`, enhancing security protocols. It applies to multiple products including openSUSE Leap 15.4 and various SUSE Linux Enterprise editions.
2. GoVulnCheck-VulnDB Update (openSUSE-SU-2025:14978-1): A moderate update introduces a new version of the vulnerability database, fixing critical vulnerabilities with a CVSS score of 9.1. This update is specifically for openSUSE Tumbleweed and includes one resolved vulnerability.
3. Linux Kernel Update (SUSE-SU-2025:1195-1): A significant security update rated as important addresses 62 vulnerabilities and includes 14 specific security fixes. The update applies to a wide range of SUSE products including SUSE Linux Enterprise and openSUSE Leap. Notably, it resolves various critical vulnerabilities like CVE-2022-49053 and CVE-2025-21772 which could potentially lead to system compromises.
Additional Information:
- Installation Instructions: Users are encouraged to use SUSE's recommended installation methods such as YaST or `zypper patch`. Specific commands are provided for different product versions to facilitate easy updates.- Reboot Required: After applying the kernel update, a system reboot is required to ensure all changes take effect.
- Vulnerability References: Each update includes references to various CVE (Common Vulnerabilities and Exposures) identifiers that provide additional context on the vulnerabilities addressed.
Conclusion:
These updates are crucial for maintaining the security and stability of SUSE Linux systems. System administrators should prioritize installing these updates to mitigate potential security risks associated with identified vulnerabilities. Regularly checking for updates and applying patches is vital for effective system management and security complianceAppArmor, GoVulnCheck-VulnDB, Linux kernel updates for SUSE
SUSE Linux has been updated with security enhancements for AppArmor, GoVulnCheck-VulnDB, and the Linux kernel:
SUSE-SU-2025:1193-1: moderate: Security update for apparmor
openSUSE-SU-2025:14978-1: moderate: govulncheck-vulndb-0.0.20250408T210408-1.1 on GA media
SUSE-SU-2025:1195-1: important: Security update for the Linux KernelAppArmor, GoVulnCheck-VulnDB, Linux kernel updates for SUSE @ Linux Compatible
