{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2026-26158","title":"Title"},{"category":"description","text":"A flaw was found in BusyBox. This vulnerability allows an attacker to modify files outside of the intended extraction directory by crafting a malicious tar archive containing unvalidated hardlink or symlink entries. If the tar archive is extracted with elevated privileges, this flaw can lead to privilege escalation, enabling an attacker to gain unauthorized access to critical system files.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2026-26158","url":"https://www.suse.com/security/cve/CVE-2026-26158"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1258167 for CVE-2026-26158","url":"https://bugzilla.suse.com/1258167"}],"title":"SUSE CVE CVE-2026-26158","tracking":{"current_release_date":"2026-02-14T00:23:53Z","generator":{"date":"2026-02-14T00:23:53Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2026-26158","initial_release_date":"2026-02-14T00:23:53Z","revision_history":[{"date":"2026-02-14T00:23:53Z","number":"2","summary":"vulnerabilities added,references added,severity changed from  to important"}],"status":"interim","version":"2"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_name","name":"SUSE Linux Enterprise Desktop 15 SP7","product":{"name":"SUSE Linux Enterprise Desktop 15 SP7","product_id":"SUSE Linux Enterprise Desktop 15 SP7","product_identification_helper":{"cpe":"cpe:/o:suse:sled:15:sp7"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS","product":{"name":"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc-ltss:15:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS","product":{"name":"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc-ltss:15:sp5"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 15 SP7","product":{"name":"SUSE Linux Enterprise High Performance Computing 15 SP7","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP7","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc:15:sp7"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Basesystem 15 SP7","product":{"name":"SUSE Linux Enterprise Module for Basesystem 15 SP7","product_id":"SUSE Linux Enterprise Module for Basesystem 15 SP7","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-basesystem:15:sp7"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP2-LTSS","product":{"name":"SUSE Linux Enterprise Server 12 SP2-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP2-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:12:sp2"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP4-LTSS","product":{"name":"SUSE Linux Enterprise Server 12 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP4-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:12:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP5-LTSS","product":{"name":"SUSE Linux Enterprise Server 12 SP5-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP5-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:12:sp5"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP5-LTSS Extended Security","product":{"name":"SUSE Linux Enterprise Server 12 SP5-LTSS Extended Security","product_id":"SUSE Linux Enterprise Server 12 SP5-LTSS Extended Security","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss-extended-security:12:sp5"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15 SP1-LTSS","product":{"name":"SUSE Linux Enterprise Server 15 SP1-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP1-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:15:sp1"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15 SP2-LTSS","product":{"name":"SUSE Linux Enterprise Server 15 SP2-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP2-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:15:sp2"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15 SP3-LTSS","product":{"name":"SUSE Linux Enterprise Server 15 SP3-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP3-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:15:sp3"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15 SP4-LTSS","product":{"name":"SUSE Linux Enterprise Server 15 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP4-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:15:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15 SP5-LTSS","product":{"name":"SUSE Linux Enterprise Server 15 SP5-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP5-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:15:sp5"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15 SP6-LTSS","product":{"name":"SUSE Linux Enterprise Server 15 SP6-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP6-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:15:sp6"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15 SP7","product":{"name":"SUSE Linux Enterprise Server 15 SP7","product_id":"SUSE Linux Enterprise Server 15 SP7","product_identification_helper":{"cpe":"cpe:/o:suse:sles:15:sp7"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 16.0","product":{"name":"SUSE Linux Enterprise Server 16.0","product_id":"SUSE Linux Enterprise Server 16.0","product_identification_helper":{"cpe":"cpe:/o:suse:sles:16:16.0:server"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server Teradata 12 SP3","product":{"name":"SUSE Linux Enterprise Server Teradata 12 SP3","product_id":"SUSE Linux Enterprise Server Teradata 12 SP3","product_identification_helper":{"cpe":"cpe:/o:suse:sles_teradata:12:sp3"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server Teradata 15 SP4","product":{"name":"SUSE Linux Enterprise Server Teradata 15 SP4","product_id":"SUSE Linux Enterprise Server Teradata 15 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sles_teradata:15:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 15 SP4","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 15 SP4","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:15:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 15 SP5","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 15 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP5","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:15:sp5"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 15 SP6","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 15 SP6","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP6","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:15:sp6"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 15 SP7","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 15 SP7","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP7","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:15:sp7"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP applications 16.0","product":{"name":"SUSE Linux Enterprise Server for SAP applications 16.0","product_id":"SUSE Linux Enterprise Server for SAP applications 16.0","product_identification_helper":{"cpe":"cpe:/o:suse:sles:16:16.0:server-sap"}}},{"category":"product_name","name":"SUSE Linux Micro 6.0","product":{"name":"SUSE Linux Micro 6.0","product_id":"SUSE Linux Micro 6.0","product_identification_helper":{"cpe":"cpe:/o:suse:sl-micro:6.0"}}},{"category":"product_name","name":"openSUSE Leap 15.6","product":{"name":"openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6","product_identification_helper":{"cpe":"cpe:/o:opensuse:leap:15.6"}}},{"category":"product_version","name":"busybox","product":{"name":"busybox","product_id":"busybox","product_identification_helper":{"cpe":"cpe:2.3:a:busybox:busybox:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/busybox@?upstream=busybox.src.rpm"}}},{"category":"product_version","name":"busybox-static","product":{"name":"busybox-static","product_id":"busybox-static","product_identification_helper":{"cpe":"cpe:2.3:a:busybox:busybox:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/busybox-static@?upstream=busybox.src.rpm"}}},{"category":"product_version","name":"busybox-testsuite","product":{"name":"busybox-testsuite","product_id":"busybox-testsuite","product_identification_helper":{"cpe":"cpe:2.3:a:busybox:busybox:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/busybox-testsuite@?upstream=busybox.src.rpm"}}},{"category":"product_version","name":"busybox-warewulf3","product":{"name":"busybox-warewulf3","product_id":"busybox-warewulf3","product_identification_helper":{"cpe":"cpe:2.3:a:busybox:busybox:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/busybox-warewulf3@?upstream=busybox.src.rpm"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server 15 SP7","product_id":"SUSE Linux Enterprise Server 15 SP7:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of SUSE Linux Enterprise Server 15 SP7","product_id":"SUSE Linux Enterprise Server 15 SP7:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Desktop 15 SP7","product_id":"SUSE Linux Enterprise Desktop 15 SP7:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Desktop 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of SUSE Linux Enterprise Desktop 15 SP7","product_id":"SUSE Linux Enterprise Desktop 15 SP7:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"SUSE Linux Enterprise Desktop 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server for SAP Applications 15 SP7","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP7:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of SUSE Linux Enterprise Server for SAP Applications 15 SP7","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP7:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise High Performance Computing 15 SP7","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP7:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of SUSE Linux Enterprise High Performance Computing 15 SP7","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP7:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Module for Basesystem 15 SP7","product_id":"SUSE Linux Enterprise Module for Basesystem 15 SP7:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Module for Basesystem 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of SUSE Linux Enterprise Module for Basesystem 15 SP7","product_id":"SUSE Linux Enterprise Module for Basesystem 15 SP7:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"SUSE Linux Enterprise Module for Basesystem 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server 12 SP2-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP2-LTSS:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP2-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server 12 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP4-LTSS:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server 12 SP5-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP5-LTSS:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server 12 SP5-LTSS Extended Security","product_id":"SUSE Linux Enterprise Server 12 SP5-LTSS Extended Security:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5-LTSS Extended Security"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server 15 SP1-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP1-LTSS:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP1-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server 15 SP2-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP2-LTSS:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP2-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server 15 SP3-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP3-LTSS:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP3-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server 15 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP4-LTSS:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of SUSE Linux Enterprise Server 15 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP4-LTSS:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server 15 SP5-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP5-LTSS:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP5-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of SUSE Linux Enterprise Server 15 SP5-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP5-LTSS:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP5-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server 15 SP6-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP6-LTSS:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP6-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of SUSE Linux Enterprise Server 15 SP6-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP6-LTSS:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP6-LTSS"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server 16.0","product_id":"SUSE Linux Enterprise Server 16.0:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server 16.0"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of SUSE Linux Enterprise Server 16.0","product_id":"SUSE Linux Enterprise Server 16.0:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"SUSE Linux Enterprise Server 16.0"},{"category":"default_component_of","full_product_name":{"name":"busybox-warewulf3 as component of SUSE Linux Enterprise Server 16.0","product_id":"SUSE Linux Enterprise Server 16.0:busybox-warewulf3"},"product_reference":"busybox-warewulf3","relates_to_product_reference":"SUSE Linux Enterprise Server 16.0"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server Teradata 12 SP3","product_id":"SUSE Linux Enterprise Server Teradata 12 SP3:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server Teradata 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server Teradata 15 SP4","product_id":"SUSE Linux Enterprise Server Teradata 15 SP4:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server Teradata 15 SP4"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP4:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP4"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP4:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP4"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP5:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP5"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP5:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP5"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP6:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP6"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP6:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP6"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Enterprise Server for SAP applications 16.0","product_id":"SUSE Linux Enterprise Server for SAP applications 16.0:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP applications 16.0"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of SUSE Linux Enterprise Server for SAP applications 16.0","product_id":"SUSE Linux Enterprise Server for SAP applications 16.0:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP applications 16.0"},{"category":"default_component_of","full_product_name":{"name":"busybox-warewulf3 as component of SUSE Linux Enterprise Server for SAP applications 16.0","product_id":"SUSE Linux Enterprise Server for SAP applications 16.0:busybox-warewulf3"},"product_reference":"busybox-warewulf3","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP applications 16.0"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of SUSE Linux Micro 6.0","product_id":"SUSE Linux Micro 6.0:busybox"},"product_reference":"busybox","relates_to_product_reference":"SUSE Linux Micro 6.0"},{"category":"default_component_of","full_product_name":{"name":"busybox as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:busybox"},"product_reference":"busybox","relates_to_product_reference":"openSUSE Leap 15.6"},{"category":"default_component_of","full_product_name":{"name":"busybox-static as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:busybox-static"},"product_reference":"busybox-static","relates_to_product_reference":"openSUSE Leap 15.6"},{"category":"default_component_of","full_product_name":{"name":"busybox-testsuite as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:busybox-testsuite"},"product_reference":"busybox-testsuite","relates_to_product_reference":"openSUSE Leap 15.6"},{"category":"default_component_of","full_product_name":{"name":"busybox-warewulf3 as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:busybox-warewulf3"},"product_reference":"busybox-warewulf3","relates_to_product_reference":"openSUSE Leap 15.6"}]},"vulnerabilities":[{"cve":"CVE-2026-26158","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2026-26158"}],"notes":[{"category":"general","text":"A flaw was found in BusyBox. This vulnerability allows an attacker to modify files outside of the intended extraction directory by crafting a malicious tar archive containing unvalidated hardlink or symlink entries. If the tar archive is extracted with elevated privileges, this flaw can lead to privilege escalation, enabling an attacker to gain unauthorized access to critical system files.","title":"CVE description"}],"product_status":{"known_affected":["SUSE Linux Enterprise Desktop 15 SP7:busybox","SUSE Linux Enterprise Desktop 15 SP7:busybox-static","SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:busybox","SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:busybox-static","SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:busybox","SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:busybox-static","SUSE Linux Enterprise High Performance Computing 15 SP7:busybox","SUSE Linux Enterprise High Performance Computing 15 SP7:busybox-static","SUSE Linux Enterprise Module for Basesystem 15 SP7:busybox","SUSE Linux Enterprise Module for Basesystem 15 SP7:busybox-static","SUSE Linux Enterprise Server 12 SP2-LTSS:busybox","SUSE Linux Enterprise Server 12 SP4-LTSS:busybox","SUSE Linux Enterprise Server 12 SP5-LTSS Extended Security:busybox","SUSE Linux Enterprise Server 12 SP5-LTSS:busybox","SUSE Linux Enterprise Server 15 SP1-LTSS:busybox","SUSE Linux Enterprise Server 15 SP2-LTSS:busybox","SUSE Linux Enterprise Server 15 SP3-LTSS:busybox","SUSE Linux Enterprise Server 15 SP4-LTSS:busybox","SUSE Linux Enterprise Server 15 SP4-LTSS:busybox-static","SUSE Linux Enterprise Server 15 SP5-LTSS:busybox","SUSE Linux Enterprise Server 15 SP5-LTSS:busybox-static","SUSE Linux Enterprise Server 15 SP6-LTSS:busybox","SUSE Linux Enterprise Server 15 SP6-LTSS:busybox-static","SUSE Linux Enterprise Server 15 SP7:busybox","SUSE Linux Enterprise Server 15 SP7:busybox-static","SUSE Linux Enterprise Server 16.0:busybox","SUSE Linux Enterprise Server 16.0:busybox-static","SUSE Linux Enterprise Server 16.0:busybox-warewulf3","SUSE Linux Enterprise Server Teradata 12 SP3:busybox","SUSE Linux Enterprise Server Teradata 15 SP4:busybox","SUSE Linux Enterprise Server for SAP Applications 15 SP4:busybox","SUSE Linux Enterprise Server for SAP Applications 15 SP4:busybox-static","SUSE Linux Enterprise Server for SAP Applications 15 SP5:busybox","SUSE Linux Enterprise Server for SAP Applications 15 SP5:busybox-static","SUSE Linux Enterprise Server for SAP Applications 15 SP6:busybox","SUSE Linux Enterprise Server for SAP Applications 15 SP6:busybox-static","SUSE Linux Enterprise Server for SAP Applications 15 SP7:busybox","SUSE Linux Enterprise Server for SAP Applications 15 SP7:busybox-static","SUSE Linux Enterprise Server for SAP applications 16.0:busybox","SUSE Linux Enterprise Server for SAP applications 16.0:busybox-static","SUSE Linux Enterprise Server for SAP applications 16.0:busybox-warewulf3","SUSE Linux Micro 6.0:busybox","openSUSE Leap 15.6:busybox","openSUSE Leap 15.6:busybox-static","openSUSE Leap 15.6:busybox-testsuite","openSUSE Leap 15.6:busybox-warewulf3"]},"references":[{"category":"external","summary":"CVE-2026-26158","url":"https://www.suse.com/security/cve/CVE-2026-26158"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1258167 for CVE-2026-26158","url":"https://bugzilla.suse.com/1258167"}],"threats":[{"category":"impact","date":"2026-02-11T21:00:07Z","details":"important"}],"title":"CVE-2026-26158"}]}