Security update for docker SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2026:0666-1 Final 1 1 2026-02-26T15:17:25Z current 2026-02-26T15:17:25Z 2026-02-26T15:17:25Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for docker This update for docker fixes the following issues: - CVE-2025-58181: Fixed a bug in crypto/ssh where invalidated number of mechanisms can cause unbounded memory consumption. (bsc#1253904) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Image SLES15-SP7-GCE-3P-2026-666,Image SLES15-SP7-SAP-GCE-3P-2026-666,SUSE-2026-666,SUSE-SLE-Micro-5.3-2026-666,SUSE-SLE-Micro-5.4-2026-666,SUSE-SLE-Micro-5.5-2026-666,SUSE-SLE-Module-Basesystem-15-SP7-2026-666,SUSE-SLE-Module-Containers-15-SP7-2026-666,SUSE-SUSE-MicroOS-5.2-2026-666,openSUSE-SLE-15.6-2026-666 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2026/suse-su-20260666-1/ Link for SUSE-SU-2026:0666-1 https://lists.suse.com/pipermail/sle-security-updates/2026-February/024444.html E-Mail link for SUSE-SU-2026:0666-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1253904 SUSE Bug 1253904 https://www.suse.com/security/cve/CVE-2025-58181/ SUSE CVE CVE-2025-58181 page Image SLES15-SP7-GCE-3P Image SLES15-SP7-SAP-GCE-3P SUSE Linux Enterprise Micro 5.2 SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Micro 5.4 SUSE Linux Enterprise Micro 5.5 SUSE Linux Enterprise Module for Basesystem 15 SP7 SUSE Linux Enterprise Module for Containers 15 SP7 openSUSE Leap 15.6 docker-28.5.1_ce-150000.241.2 docker-buildx-0.29.0-150000.241.2 docker-bash-completion-28.5.1_ce-150000.241.2 docker-fish-completion-28.5.1_ce-150000.241.2 docker-rootless-extras-28.5.1_ce-150000.241.2 docker-zsh-completion-28.5.1_ce-150000.241.2 docker-28.5.1_ce-150000.241.2 as a component of Image SLES15-SP7-GCE-3P docker-buildx-0.29.0-150000.241.2 as a component of Image SLES15-SP7-GCE-3P docker-28.5.1_ce-150000.241.2 as a component of Image SLES15-SP7-SAP-GCE-3P docker-buildx-0.29.0-150000.241.2 as a component of Image SLES15-SP7-SAP-GCE-3P docker-28.5.1_ce-150000.241.2 as a component of SUSE Linux Enterprise Micro 5.2 docker-buildx-0.29.0-150000.241.2 as a component of SUSE Linux Enterprise Micro 5.2 docker-28.5.1_ce-150000.241.2 as a component of SUSE Linux Enterprise Micro 5.3 docker-buildx-0.29.0-150000.241.2 as a component of SUSE Linux Enterprise Micro 5.3 docker-28.5.1_ce-150000.241.2 as a component of SUSE Linux Enterprise Micro 5.4 docker-buildx-0.29.0-150000.241.2 as a component of SUSE Linux Enterprise Micro 5.4 docker-28.5.1_ce-150000.241.2 as a component of SUSE Linux Enterprise Micro 5.5 docker-buildx-0.29.0-150000.241.2 as a component of SUSE Linux Enterprise Micro 5.5 docker-28.5.1_ce-150000.241.2 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 docker-buildx-0.29.0-150000.241.2 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 docker-bash-completion-28.5.1_ce-150000.241.2 as a component of SUSE Linux Enterprise Module for Containers 15 SP7 docker-rootless-extras-28.5.1_ce-150000.241.2 as a component of SUSE Linux Enterprise Module for Containers 15 SP7 docker-zsh-completion-28.5.1_ce-150000.241.2 as a component of SUSE Linux Enterprise Module for Containers 15 SP7 docker-28.5.1_ce-150000.241.2 as a component of openSUSE Leap 15.6 docker-bash-completion-28.5.1_ce-150000.241.2 as a component of openSUSE Leap 15.6 docker-buildx-0.29.0-150000.241.2 as a component of openSUSE Leap 15.6 docker-fish-completion-28.5.1_ce-150000.241.2 as a component of openSUSE Leap 15.6 docker-rootless-extras-28.5.1_ce-150000.241.2 as a component of openSUSE Leap 15.6 docker-zsh-completion-28.5.1_ce-150000.241.2 as a component of openSUSE Leap 15.6 SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption. CVE-2025-58181 Image SLES15-SP7-GCE-3P:docker-28.5.1_ce-150000.241.2 Image SLES15-SP7-GCE-3P:docker-buildx-0.29.0-150000.241.2 Image SLES15-SP7-SAP-GCE-3P:docker-28.5.1_ce-150000.241.2 Image SLES15-SP7-SAP-GCE-3P:docker-buildx-0.29.0-150000.241.2 SUSE Linux Enterprise Micro 5.2:docker-28.5.1_ce-150000.241.2 SUSE Linux Enterprise Micro 5.2:docker-buildx-0.29.0-150000.241.2 SUSE Linux Enterprise Micro 5.3:docker-28.5.1_ce-150000.241.2 SUSE Linux Enterprise Micro 5.3:docker-buildx-0.29.0-150000.241.2 SUSE Linux Enterprise Micro 5.4:docker-28.5.1_ce-150000.241.2 SUSE Linux Enterprise Micro 5.4:docker-buildx-0.29.0-150000.241.2 SUSE Linux Enterprise Micro 5.5:docker-28.5.1_ce-150000.241.2 SUSE Linux Enterprise Micro 5.5:docker-buildx-0.29.0-150000.241.2 SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.5.1_ce-150000.241.2 SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-buildx-0.29.0-150000.241.2 SUSE Linux Enterprise Module for Containers 15 SP7:docker-bash-completion-28.5.1_ce-150000.241.2 SUSE Linux Enterprise Module for Containers 15 SP7:docker-rootless-extras-28.5.1_ce-150000.241.2 SUSE Linux Enterprise Module for Containers 15 SP7:docker-zsh-completion-28.5.1_ce-150000.241.2 openSUSE Leap 15.6:docker-28.5.1_ce-150000.241.2 openSUSE Leap 15.6:docker-bash-completion-28.5.1_ce-150000.241.2 openSUSE Leap 15.6:docker-buildx-0.29.0-150000.241.2 openSUSE Leap 15.6:docker-fish-completion-28.5.1_ce-150000.241.2 openSUSE Leap 15.6:docker-rootless-extras-28.5.1_ce-150000.241.2 openSUSE Leap 15.6:docker-zsh-completion-28.5.1_ce-150000.241.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2026/suse-su-20260666-1/ https://www.suse.com/security/cve/CVE-2025-58181.html CVE-2025-58181 https://bugzilla.suse.com/1253784 SUSE Bug 1253784