SB2026022559 - SUSE update for Security update 5.1.2 for Multi-Linux Manager Client Tools

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2026022559

SB2026022559 - SUSE update for Security update 5.1.2 for Multi-Linux Manager Client Tools

Published: February 25, 2026

Security Bulletin ID SB2026022559
Severity
Medium
Patch available
YES
Number of vulnerabilities 2
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

Medium 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.


1) Interpretation conflict (CVE-ID: CVE-2025-12816)

The vulnerability allows a remote attacker to bypass downstream cryptographic verification and security decisions.

The vulnerability exists due to incorrect validation of ASN.1 structures within the asn1.validate() function in forge/lib/asn1.js. A remote non-authenticated attacker can use specially crafted ASN.1 structures to desynchronize DER schema validations and bypass downstream cryptographic verification and security decisions.


2) Uncontrolled recursion (CVE-ID: CVE-2025-68156)

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to uncontrolled recursion within the flatten, min, max, mean, and median function. A remote attacker can pass specially crafted input to the application and perform a denial of service attack. 


Remediation

Install update from vendor's website.

References