Security update for util-linux SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2026:0510-1 Final 1 1 2026-02-13T14:52:46Z current 2026-02-13T14:52:46Z 2026-02-13T14:52:46Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for util-linux This update for util-linux fixes the following issues: - CVE-2025-14104: Fixed heap buffer overread in setpwnam() when processing 256-byte usernames (bsc#1254666). - lscpu: Add support for NVIDIA Olympus arm64 core (jsc#PED-13682). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2026-510,SUSE-SLE-Micro-5.3-2026-510,SUSE-SLE-Micro-5.4-2026-510 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2026/suse-su-20260510-1/ Link for SUSE-SU-2026:0510-1 https://lists.suse.com/pipermail/sle-security-updates/2026-February/024236.html E-Mail link for SUSE-SU-2026:0510-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1254666 SUSE Bug 1254666 https://www.suse.com/security/cve/CVE-2025-14104/ SUSE CVE CVE-2025-14104 page SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Micro 5.4 libblkid-devel-2.37.2-150400.8.38.1 libblkid-devel-32bit-2.37.2-150400.8.38.1 libblkid-devel-64bit-2.37.2-150400.8.38.1 libblkid-devel-static-2.37.2-150400.8.38.1 libblkid1-2.37.2-150400.8.38.1 libblkid1-32bit-2.37.2-150400.8.38.1 libblkid1-64bit-2.37.2-150400.8.38.1 libfdisk-devel-2.37.2-150400.8.38.1 libfdisk-devel-32bit-2.37.2-150400.8.38.1 libfdisk-devel-64bit-2.37.2-150400.8.38.1 libfdisk-devel-static-2.37.2-150400.8.38.1 libfdisk1-2.37.2-150400.8.38.1 libfdisk1-32bit-2.37.2-150400.8.38.1 libfdisk1-64bit-2.37.2-150400.8.38.1 libmount-devel-2.37.2-150400.8.38.1 libmount-devel-32bit-2.37.2-150400.8.38.1 libmount-devel-64bit-2.37.2-150400.8.38.1 libmount-devel-static-2.37.2-150400.8.38.1 libmount1-2.37.2-150400.8.38.1 libmount1-32bit-2.37.2-150400.8.38.1 libmount1-64bit-2.37.2-150400.8.38.1 libsmartcols-devel-2.37.2-150400.8.38.1 libsmartcols-devel-32bit-2.37.2-150400.8.38.1 libsmartcols-devel-64bit-2.37.2-150400.8.38.1 libsmartcols-devel-static-2.37.2-150400.8.38.1 libsmartcols1-2.37.2-150400.8.38.1 libsmartcols1-32bit-2.37.2-150400.8.38.1 libsmartcols1-64bit-2.37.2-150400.8.38.1 libuuid-devel-2.37.2-150400.8.38.1 libuuid-devel-32bit-2.37.2-150400.8.38.1 libuuid-devel-64bit-2.37.2-150400.8.38.1 libuuid-devel-static-2.37.2-150400.8.38.1 libuuid1-2.37.2-150400.8.38.1 libuuid1-32bit-2.37.2-150400.8.38.1 libuuid1-64bit-2.37.2-150400.8.38.1 python3-libmount-2.37.2-150400.8.38.1 util-linux-2.37.2-150400.8.38.1 util-linux-lang-2.37.2-150400.8.38.1 util-linux-systemd-2.37.2-150400.8.38.1 uuidd-2.37.2-150400.8.38.1 libblkid1-2.37.2-150400.8.38.1 as a component of SUSE Linux Enterprise Micro 5.3 libfdisk1-2.37.2-150400.8.38.1 as a component of SUSE Linux Enterprise Micro 5.3 libmount1-2.37.2-150400.8.38.1 as a component of SUSE Linux Enterprise Micro 5.3 libsmartcols1-2.37.2-150400.8.38.1 as a component of SUSE Linux Enterprise Micro 5.3 libuuid1-2.37.2-150400.8.38.1 as a component of SUSE Linux Enterprise Micro 5.3 util-linux-2.37.2-150400.8.38.1 as a component of SUSE Linux Enterprise Micro 5.3 util-linux-systemd-2.37.2-150400.8.38.1 as a component of SUSE Linux Enterprise Micro 5.3 libblkid1-2.37.2-150400.8.38.1 as a component of SUSE Linux Enterprise Micro 5.4 libfdisk1-2.37.2-150400.8.38.1 as a component of SUSE Linux Enterprise Micro 5.4 libmount1-2.37.2-150400.8.38.1 as a component of SUSE Linux Enterprise Micro 5.4 libsmartcols1-2.37.2-150400.8.38.1 as a component of SUSE Linux Enterprise Micro 5.4 libuuid1-2.37.2-150400.8.38.1 as a component of SUSE Linux Enterprise Micro 5.4 util-linux-2.37.2-150400.8.38.1 as a component of SUSE Linux Enterprise Micro 5.4 util-linux-systemd-2.37.2-150400.8.38.1 as a component of SUSE Linux Enterprise Micro 5.4 A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database. CVE-2025-14104 SUSE Linux Enterprise Micro 5.3:libblkid1-2.37.2-150400.8.38.1 SUSE Linux Enterprise Micro 5.3:libfdisk1-2.37.2-150400.8.38.1 SUSE Linux Enterprise Micro 5.3:libmount1-2.37.2-150400.8.38.1 SUSE Linux Enterprise Micro 5.3:libsmartcols1-2.37.2-150400.8.38.1 SUSE Linux Enterprise Micro 5.3:libuuid1-2.37.2-150400.8.38.1 SUSE Linux Enterprise Micro 5.3:util-linux-2.37.2-150400.8.38.1 SUSE Linux Enterprise Micro 5.3:util-linux-systemd-2.37.2-150400.8.38.1 SUSE Linux Enterprise Micro 5.4:libblkid1-2.37.2-150400.8.38.1 SUSE Linux Enterprise Micro 5.4:libfdisk1-2.37.2-150400.8.38.1 SUSE Linux Enterprise Micro 5.4:libmount1-2.37.2-150400.8.38.1 SUSE Linux Enterprise Micro 5.4:libsmartcols1-2.37.2-150400.8.38.1 SUSE Linux Enterprise Micro 5.4:libuuid1-2.37.2-150400.8.38.1 SUSE Linux Enterprise Micro 5.4:util-linux-2.37.2-150400.8.38.1 SUSE Linux Enterprise Micro 5.4:util-linux-systemd-2.37.2-150400.8.38.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2026/suse-su-20260510-1/ https://www.suse.com/security/cve/CVE-2025-14104.html CVE-2025-14104 https://bugzilla.suse.com/1254666 SUSE Bug 1254666