SUSE Linux Go1.26 and Go1.25 Security Updates Address Critical DDoS Vulnerabilities

SUSE Linux Go1.26 and Go1.25 Security Updates Address Critical DDoS Vulnerabilities

First seen 15 May 2026, 18:55 UTC Linuxsecurity 93% similarity 70.5

Article Content

Browse articles
ThreatCluster

On May 14, 2026, SUSE released important security updates for Go1.26 and Go1.25 to address multiple vulnerabilities, including CVE-2026-33811 and CVE-2026-33814, both rated with a CVSS score of 7.5. These vulnerabilities could lead to denial-of-service conditions, including crashes and infinite loops in HTTP/2 transport. The updates also fix issues related to output path sanitization and XSS vulnerabilities in HTML templates. Affected systems include those running SUSE Linux versions utilizing Go1.26 and Go1.25. Administrators are urged to apply these updates promptly to mitigate potential exploitation. The vulnerabilities were published on May 7, 2026, and have been confirmed by SUSE's advisory. The updates are critical for maintaining system integrity and security.

Key Points: • SUSE released updates for Go1.26 and Go1.25 addressing critical vulnerabilities. • Key vulnerabilities include CVE-2026-33811 and CVE-2026-33814, both with a CVSS score of 7.5. • Administrators are advised to apply updates immediately to prevent potential denial-of-service attacks.

ThreatCluster AI

Timeline

2026-05-07
CVE-2026-33811 published
A vulnerability allowing crashes when handling long CNAME responses was disclosed.
Linuxsecurity
2026-05-07
CVE-2026-33814 published
An infinite loop vulnerability in HTTP/2 transport was disclosed, affecting Go applications.
Linuxsecurity
2026-05-07
CVE-2026-39820 published
Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
MITRE
2026-05-07
CVE-2026-39825 published
Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
MITRE
2026-05-07
CVE-2026-39823 published
Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
MITRE
2026-05-07
CVE-2026-39817 published
Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
MITRE
2026-05-07
CVE-2026-39819 published
Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
MITRE
2026-05-14
SUSE releases security updates
SUSE issued important updates for Go1.26 and Go1.25 to address multiple vulnerabilities.
Linuxsecurity

Community

Browse all →