Critical Vulnerabilities in SUSE Multi-Linux Manager Affecting Denial of Service

Critical Vulnerabilities in SUSE Multi-Linux Manager Affecting Denial of Service

First seen 4 Jun 2026, 01:54 UTC Linuxsecurity 89% similarity 70.5

Article Content

Browse articles
ThreatCluster

SUSE has issued multiple important updates addressing critical vulnerabilities in the Multi-Linux Manager and Salt software. The vulnerabilities, identified as CVE-2026-31958, CVE-2026-27448, and CVE-2026-27459, could lead to denial of service and buffer overflow attacks. CVE-2026-31958, published on March 11, 2026, allows attackers to exploit large multipart body parsing issues, while CVE-2026-27459 and CVE-2026-27448, both published on March 17, 2026, involve buffer overflow risks and unhandled exceptions in pyOpenSSL. Affected systems include various versions of SUSE Linux Enterprise and openSUSE. The updates were released on June 3, 2026, and users are urged to apply them immediately to mitigate risks. The vulnerabilities have been rated with high CVSS scores, indicating significant potential impact.

Key Points: • SUSE released critical updates for Multi-Linux Manager addressing multiple CVEs. • CVE-2026-31958 allows denial of service through large multipart body parsing. • Immediate patching is recommended for affected SUSE and openSUSE systems.

ThreatCluster AI

Timeline

2026-03-11
CVE-2026-31958 published
A vulnerability in python-tornado allows denial of service via large multipart body parsing.
Linuxsecurity
2026-03-17
CVE-2026-27448 published
Buffer overflow risk identified in pyOpenSSL that can lead to severe security issues.
Linuxsecurity
2026-03-17
CVE-2026-27459 published
Large cookie value issue in pyOpenSSL can cause buffer overflow vulnerabilities.
Linuxsecurity
2026-06-03
SUSE releases important updates
Multiple updates were released to address critical vulnerabilities affecting the Multi-Linux Manager and Salt.
Linuxsecurity

Community

Browse all →