Описание
Security update for augeas
This update for augeas fixes the following issues:
- CVE-2025-2588: Check for NULL pointers when calling re_case_expand in function fa_expand_nocase. (bsc#1239909)
Список пакетов
Container suse/ltss/sle12.5/sles12sp5:latest
libaugeas0-1.10.1-4.6.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
augeas-1.10.1-4.6.1
augeas-devel-1.10.1-4.6.1
augeas-lenses-1.10.1-4.6.1
libaugeas0-1.10.1-4.6.1
Ссылки
- Link for SUSE-SU-2025:01754-1
- E-Mail link for SUSE-SU-2025:01754-1
- SUSE Security Ratings
- SUSE Bug 1239909
- SUSE CVE CVE-2025-2588 page
Описание
A vulnerability has been found in Hercules Augeas 1.14.1 and classified as problematic. This vulnerability affects the function re_case_expand of the file src/fa.c. The manipulation of the argument re leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.
Затронутые продукты
Container suse/ltss/sle12.5/sles12sp5:latest:libaugeas0-1.10.1-4.6.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:augeas-1.10.1-4.6.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:augeas-devel-1.10.1-4.6.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:augeas-lenses-1.10.1-4.6.1
Ссылки
- CVE-2025-2588
- SUSE Bug 1239909