{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2026-26157","title":"Title"},{"category":"description","text":"A flaw was found in BusyBox. Incomplete path sanitization in its archive extraction utilities allows an attacker to craft malicious archives that when extracted, and under specific conditions, may write to files outside the intended directory. This can lead to arbitrary file overwrite, potentially enabling code execution through the modification of sensitive system files.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2026-26157","url":"https://www.suse.com/security/cve/CVE-2026-26157"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1258163 for CVE-2026-26157","url":"https://bugzilla.suse.com/1258163"}],"title":"SUSE CVE CVE-2026-26157","tracking":{"current_release_date":"2026-02-14T00:23:54Z","generator":{"date":"2026-02-14T00:23:54Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2026-26157","initial_release_date":"2026-02-14T00:23:54Z","revision_history":[{"date":"2026-02-14T00:23:54Z","number":"2","summary":"vulnerabilities added,references added,severity changed from  to important"}],"status":"interim","version":"2"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_name","name":"SUSE Linux Enterprise Desktop 15 SP7","product":{"name":"SUSE Linux Enterprise Desktop 15 SP7","product_id":"SUSE Linux Enterprise Desktop 15 SP7","product_identification_helper":{"cpe":"cpe:/o:suse:sled:15:sp7"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS","product":{"name":"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc-ltss:15:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS","product":{"name":"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc-ltss:15:sp5"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 15 SP7","product":{"name":"SUSE Linux Enterprise High Performance Computing 15 SP7","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP7","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc:15:sp7"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Basesystem 15 SP7","product":{"name":"SUSE Linux Enterprise Module for Basesystem 15 SP7","product_id":"SUSE Linux Enterprise Module for Basesystem 15 SP7","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-basesystem:15:sp7"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP2-LTSS","product":{"name":"SUSE Linux Enterprise Server 12 SP2-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP2-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:12:sp2"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP4-LTSS","product":{"name":"SUSE Linux Enterprise Server 12 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP4-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:12:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP5-LTSS","product":{"name":"SUSE Linux Enterprise Server 12 SP5-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP5-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:12:sp5"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP5-LTSS Extended Security","product":{"name":"SUSE Linux Enterprise Server 12 SP5-LTSS Extended Security","product_id":"SUSE Linux Enterprise Server 12 SP5-LTSS Extended Security","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss-extended-security:12:sp5"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15 SP1-LTSS","product":{"name":"SUSE Linux Enterprise Server 15 SP1-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP1-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:15:sp1"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15 SP2-LTSS","product":{"name":"SUSE Linux Enterprise Server 15 SP2-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP2-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:15:sp2"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15 SP3-LTSS","product":{"name":"SUSE Linux Enterprise Server 15 SP3-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP3-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:15:sp3"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15 SP4-LTSS","product":{"name":"SUSE Linux Enterprise Server 15 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP4-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:15:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15 SP5-LTSS","product":{"name":"SUSE Linux Enterprise Server 15 SP5-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP5-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:15:sp5"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15 SP6-LTSS","product":{"name":"SUSE Linux Enterprise Server 15 SP6-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP6-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:15:sp6"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15 SP7","product":{"name":"SUSE Linux Enterprise Server 15 SP7","product_id":"SUSE Linux Enterprise Server 15 SP7","product_identification_helper":{"cpe":"cpe:/o:suse:sles:15:sp7"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 16.0","product":{"name":"SUSE Linux Enterprise Server 16.0","product_id":"SUSE Linux Enterprise Server 16.0","product_identification_helper":{"cpe":"cpe:/o:suse:sles:16:16.0:server"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server Teradata 12 SP3","product":{"name":"SUSE Linux Enterprise Server Teradata 12 SP3","product_id":"SUSE Linux Enterprise Server Teradata 12 SP3","product_identification_helper":{"cpe":"cpe:/o:suse:sles_teradata:12:sp3"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server Teradata 15 SP4","product":{"name":"SUSE Linux Enterprise Server Teradata 15 SP4","product_id":"SUSE Linux Enterprise Server Teradata 15 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sles_teradata:15:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 15 SP4","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 15 SP4","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:15:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 15 SP5","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 15 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP5","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:15:sp5"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 15 SP6","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 15 SP6","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP6","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:15:sp6"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 15 SP7","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 15 SP7","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP7","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:15:sp7"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP applications 16.0","product":{"name":"SUSE Linux Enterprise Server for SAP applications 16.0","product_id":"SUSE Linux Enterprise Server for SAP applications 16.0","product_identification_helper":{"cpe":"cpe:/o:suse:sles:16:16.0:server-sap"}}},{"category":"product_name","name":"SUSE Linux Micro 6.0","product":{"name":"SUSE Linux Micro 6.0","product_id":"SUSE Linux Micro 6.0","product_identification_helper":{"cpe":"cpe:/o:suse:sl-micro:6.0"}}},{"category":"product_name","name":"openSUSE Leap 15.6","product":{"name":"openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6","product_identification_helper":{"cpe":"cpe:/o:opensuse:leap:15.6"}}},{"category":"product_version","name":"busybox","product":{"name":"busybox","product_id":"busybox","product_identification_helper":{"cpe":"cpe:2.3:a:busybox:busybox:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/busybox@?upstream=busybox.src.rpm"}}},{"category":"product_version","name":"busybox-static","product":{"name":"busybox-static","product_id":"busybox-static","product_identification_helper":{"cpe":"cpe:2.3:a:busybox:busybox:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/busybox-static@?upstream=busybox.src.rpm"}}},{"category":"product_version","name":"busybox-testsuite","product":{"name":"busybox-testsuite","product_id":"busybox-testsuite","product_identification_helper":{"cpe":"cpe:2.3:a:busybox:busybox:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/busybox-testsuite@?upstream=busybox.src.rpm"}}},{"category":"product_version","name":"busybox-warewulf3","product":{"name":"busybox-warewulf3","product_id":"busybox-warewulf3","product_identification_helper":{"cpe":"cpe:2.3:a:busybox:busybox:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/busybox-warewulf3@?upstream=busybox.src.rpm"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server 15 SP7","product_id":"SUSE Linux Enterprise Server 15 SP7:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of SUSE Linux Enterprise Server 15 SP7","product_id":"SUSE Linux Enterprise Server 15 SP7:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Desktop 15 SP7","product_id":"SUSE Linux Enterprise Desktop 15 SP7:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Desktop 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of SUSE Linux Enterprise Desktop 15 SP7","product_id":"SUSE Linux Enterprise Desktop 15 SP7:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"SUSE Linux Enterprise Desktop 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server for SAP Applications 15 SP7","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP7:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of SUSE Linux Enterprise Server for SAP Applications 15 SP7","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP7:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise High Performance Computing 15 SP7","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP7:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of SUSE Linux Enterprise High Performance Computing 15 SP7","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP7:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Module for Basesystem 15 SP7","product_id":"SUSE Linux Enterprise Module for Basesystem 15 SP7:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Module for Basesystem 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of SUSE Linux Enterprise Module for Basesystem 15 SP7","product_id":"SUSE Linux Enterprise Module for Basesystem 15 SP7:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"SUSE Linux Enterprise Module for Basesystem 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server 12 SP2-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP2-LTSS:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP2-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server 12 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP4-LTSS:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server 12 SP5-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP5-LTSS:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server 12 SP5-LTSS Extended Security","product_id":"SUSE Linux Enterprise Server 12 SP5-LTSS Extended Security:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5-LTSS Extended Security"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server 15 SP1-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP1-LTSS:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP1-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server 15 SP2-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP2-LTSS:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP2-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server 15 SP3-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP3-LTSS:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP3-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server 15 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP4-LTSS:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of SUSE Linux Enterprise Server 15 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP4-LTSS:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server 15 SP5-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP5-LTSS:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP5-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of SUSE Linux Enterprise Server 15 SP5-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP5-LTSS:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP5-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server 15 SP6-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP6-LTSS:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP6-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of SUSE Linux Enterprise Server 15 SP6-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP6-LTSS:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP6-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server 16.0","product_id":"SUSE Linux Enterprise Server 16.0:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server 16.0"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of SUSE Linux Enterprise Server 16.0","product_id":"SUSE Linux Enterprise Server 16.0:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"SUSE Linux Enterprise Server 16.0"},{"category":"default_component_of","full_product_name":{"name":"busybox-warewulf3 as component of SUSE Linux Enterprise Server 16.0","product_id":"SUSE Linux Enterprise Server 16.0:busybox-warewulf3"},"product_reference":"busybox-warewulf3","relates_to_product_reference":"SUSE Linux Enterprise Server 16.0"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server Teradata 12 SP3","product_id":"SUSE Linux Enterprise Server Teradata 12 SP3:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server Teradata 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server Teradata 15 SP4","product_id":"SUSE Linux Enterprise Server Teradata 15 SP4:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server Teradata 15 SP4"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP4:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP4"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP4:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP4"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP5:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP5"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP5:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP5"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP6:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP6"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP6:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP6"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server for SAP applications 16.0","product_id":"SUSE Linux Enterprise Server for SAP applications 16.0:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP applications 16.0"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of SUSE Linux Enterprise Server for SAP applications 16.0","product_id":"SUSE Linux Enterprise Server for SAP applications 16.0:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP applications 16.0"},{"category":"default_component_of","full_product_name":{"name":"busybox-warewulf3 as component of SUSE Linux Enterprise Server for SAP applications 16.0","product_id":"SUSE Linux Enterprise Server for SAP applications 16.0:busybox-warewulf3"},"product_reference":"busybox-warewulf3","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP applications 16.0"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Micro 6.0","product_id":"SUSE Linux Micro 6.0:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Micro 6.0"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:busybox"},"product_reference":"busybox","relates_to_product_reference":"openSUSE Leap 15.6"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"openSUSE Leap 15.6"},{"category":"default_component_of","full_product_name":{"name":"busybox-testsuite as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:busybox-testsuite"},"product_reference":"busybox-testsuite","relates_to_product_reference":"openSUSE Leap 15.6"},{"category":"default_component_of","full_product_name":{"name":"busybox-warewulf3 as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:busybox-warewulf3"},"product_reference":"busybox-warewulf3","relates_to_product_reference":"openSUSE Leap 15.6"}]},"vulnerabilities":[{"cve":"CVE-2026-26157","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2026-26157"}],"notes":[{"category":"general","text":"A flaw was found in BusyBox. Incomplete path sanitization in its archive extraction utilities allows an attacker to craft malicious archives that when extracted, and under specific conditions, may write to files outside the intended directory. This can lead to arbitrary file overwrite, potentially enabling code execution through the modification of sensitive system files.","title":"CVE description"}],"product_status":{"known_affected":["SUSE Linux Enterprise Desktop 15 SP7:busybox","SUSE Linux Enterprise Desktop 15 SP7:busybox-static","SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:busybox","SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:busybox-static","SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:busybox","SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:busybox-static","SUSE Linux Enterprise High Performance Computing 15 SP7:busybox","SUSE Linux Enterprise High Performance Computing 15 SP7:busybox-static","SUSE Linux Enterprise Module for Basesystem 15 SP7:busybox","SUSE Linux Enterprise Module for Basesystem 15 SP7:busybox-static","SUSE Linux Enterprise Server 12 SP2-LTSS:busybox","SUSE Linux Enterprise Server 12 SP4-LTSS:busybox","SUSE Linux Enterprise Server 12 SP5-LTSS Extended Security:busybox","SUSE Linux Enterprise Server 12 SP5-LTSS:busybox","SUSE Linux Enterprise Server 15 SP1-LTSS:busybox","SUSE Linux Enterprise Server 15 SP2-LTSS:busybox","SUSE Linux Enterprise Server 15 SP3-LTSS:busybox","SUSE Linux Enterprise Server 15 SP4-LTSS:busybox","SUSE Linux Enterprise Server 15 SP4-LTSS:busybox-static","SUSE Linux Enterprise Server 15 SP5-LTSS:busybox","SUSE Linux Enterprise Server 15 SP5-LTSS:busybox-static","SUSE Linux Enterprise Server 15 SP6-LTSS:busybox","SUSE Linux Enterprise Server 15 SP6-LTSS:busybox-static","SUSE Linux Enterprise Server 15 SP7:busybox","SUSE Linux Enterprise Server 15 SP7:busybox-static","SUSE Linux Enterprise Server 16.0:busybox","SUSE Linux Enterprise Server 16.0:busybox-static","SUSE Linux Enterprise Server 16.0:busybox-warewulf3","SUSE Linux Enterprise Server Teradata 12 SP3:busybox","SUSE Linux Enterprise Server Teradata 15 SP4:busybox","SUSE Linux Enterprise Server for SAP Applications 15 SP4:busybox","SUSE Linux Enterprise Server for SAP Applications 15 SP4:busybox-static","SUSE Linux Enterprise Server for SAP Applications 15 SP5:busybox","SUSE Linux Enterprise Server for SAP Applications 15 SP5:busybox-static","SUSE Linux Enterprise Server for SAP Applications 15 SP6:busybox","SUSE Linux Enterprise Server for SAP Applications 15 SP6:busybox-static","SUSE Linux Enterprise Server for SAP Applications 15 SP7:busybox","SUSE Linux Enterprise Server for SAP Applications 15 SP7:busybox-static","SUSE Linux Enterprise Server for SAP applications 16.0:busybox","SUSE Linux Enterprise Server for SAP applications 16.0:busybox-static","SUSE Linux Enterprise Server for SAP applications 16.0:busybox-warewulf3","SUSE Linux Micro 6.0:busybox","openSUSE Leap 15.6:busybox","openSUSE Leap 15.6:busybox-static","openSUSE Leap 15.6:busybox-testsuite","openSUSE Leap 15.6:busybox-warewulf3"]},"references":[{"category":"external","summary":"CVE-2026-26157","url":"https://www.suse.com/security/cve/CVE-2026-26157"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1258163 for CVE-2026-26157","url":"https://bugzilla.suse.com/1258163"}],"threats":[{"category":"impact","date":"2026-02-11T21:00:04Z","details":"important"}],"title":"CVE-2026-26157"}]}