Main Vulnerability Database SB2026012868

SB2026012868 - SUSE update for python311

Published: January 28, 2026

Security Bulletin ID SB2026012868

Severity

Medium

Patch available

YES

Number of vulnerabilities 3

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Inefficient algorithmic complexity (CVE-ID: CVE-2025-12084)

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to usage of a quadratic algorithm when building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on _clear_id_cache(). A remote attacker can force the application to create excessively nested documents, leading to a denial of service condition.

2) Resource exhaustion (CVE-ID: CVE-2025-13836)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources when reading HTTP responses in Lib/http/client.py. A remote attacker can trigger memory exhaustion and perform a denial of service (DoS) attack.

3) Resource exhaustion (CVE-ID: CVE-2025-13837)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources in Lib/plistlib.py. A remote attacker can pass a specially crafted file to the application, trigger memory exhaustion and perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://www.suse.com/support/update/announcement/2026/suse-su-20260314-1/

Vulnerable Software

Basesystem Module: 15-SP7
Python 3 Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
openSUSE Leap: 15.6
libpython3_11-1_0-64bit-debuginfo: before 3.11.14-150600.3.41.2
python311-base-64bit: before 3.11.14-150600.3.41.2
libpython3_11-1_0-64bit: before 3.11.14-150600.3.41.2
python311-64bit-debuginfo: before 3.11.14-150600.3.41.2
python311-64bit: before 3.11.14-150600.3.41.2
python311-base-64bit-debuginfo: before 3.11.14-150600.3.41.2
libpython3_11-1_0-32bit-debuginfo: before 3.11.14-150600.3.41.2
python311-base-32bit: before 3.11.14-150600.3.41.2
python311-32bit: before 3.11.14-150600.3.41.2
libpython3_11-1_0-32bit: before 3.11.14-150600.3.41.2
python311-32bit-debuginfo: before 3.11.14-150600.3.41.2
python311-base-32bit-debuginfo: before 3.11.14-150600.3.41.2
libpython3_11-1_0-debuginfo: before 3.11.14-150600.3.41.2
python311-dbm-debuginfo: before 3.11.14-150600.3.41.2
python311-curses: before 3.11.14-150600.3.41.2
python311-core-debugsource: before 3.11.14-150600.3.41.2
python311-tools: before 3.11.14-150600.3.41.2
python311-doc: before 3.11.14-150600.3.41.1
python311-dbm: before 3.11.14-150600.3.41.2
python311-debugsource: before 3.11.14-150600.3.41.2
python311-idle: before 3.11.14-150600.3.41.2
python311-testsuite-debuginfo: before 3.11.14-150600.3.41.2
python311: before 3.11.14-150600.3.41.2
python311-testsuite: before 3.11.14-150600.3.41.2
python311-doc-devhelp: before 3.11.14-150600.3.41.1
python311-curses-debuginfo: before 3.11.14-150600.3.41.2
libpython3_11-1_0: before 3.11.14-150600.3.41.2
python311-devel: before 3.11.14-150600.3.41.2
python311-tk: before 3.11.14-150600.3.41.2
python311-base-debuginfo: before 3.11.14-150600.3.41.2
python311-base: before 3.11.14-150600.3.41.2
python311-debuginfo: before 3.11.14-150600.3.41.2
python311-tk-debuginfo: before 3.11.14-150600.3.41.2