SUSE-SU-2026:2053-1

HIGH8.1

Security update for busybox

Published May 25, 2026

Modified 1 weeks ago

Fix available

Details

Description of the patch:

This update for busybox fixes the following issue

CVE-2026-29004: Heap buffer overflow vulnerability in the DHCPv6 client (udhcpc6) DNS_SERVERS option handler in networking/udhcp/d6_dhcpc.c (bsc#1263989).

Affected Packages

busybox

SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP5-LTSSSUSE Linux Enterprise Server 15 SP5-LTSSSUSE Linux Enterprise Server 15 SP6-LTSSSUSE Linux Enterprise Server for SAP Applications 15 SP5

Fixed in:

1.37.0-150500.10.20.1

busybox-static

Fixed in:

1.37.0-150500.10.20.1

References

ADVISORY

https://bugzilla.suse.com/1263989

ADVISORY

https://lists.suse.com/pipermail/sle-security-updates/2026-May/026272.html

ADVISORY

https://www.suse.com/security/cve/CVE-2026-29004/