Описание
Security update for s390-tools
This update for s390-tools fixes the following issues:
Security issues fixed:
- CVE-2025-3416: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate. (bsc#1242622)
Other issues:
- Added the new IBM z17 (9175) processor type.
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15 SP7
libekmfweb1-2.37.0-150700.4.3.1
libekmfweb1-devel-2.37.0-150700.4.3.1
libkmipclient1-2.37.0-150700.4.3.1
osasnmpd-2.37.0-150700.4.3.1
s390-tools-2.37.0-150700.4.3.1
s390-tools-chreipl-fcp-mpath-2.37.0-150700.4.3.1
s390-tools-genprotimg-data-2.37.0-150700.4.3.1
s390-tools-hmcdrvfs-2.37.0-150700.4.3.1
s390-tools-zdsfs-2.37.0-150700.4.3.1
Ссылки
- Link for SUSE-SU-2025:02017-1
- E-Mail link for SUSE-SU-2025:02017-1
- SUSE Security Ratings
- SUSE Bug 1242622
- SUSE CVE CVE-2025-3416 page
Описание
A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP7:libekmfweb1-2.37.0-150700.4.3.1
SUSE Linux Enterprise Module for Basesystem 15 SP7:libekmfweb1-devel-2.37.0-150700.4.3.1
SUSE Linux Enterprise Module for Basesystem 15 SP7:libkmipclient1-2.37.0-150700.4.3.1
SUSE Linux Enterprise Module for Basesystem 15 SP7:osasnmpd-2.37.0-150700.4.3.1
Ссылки
- CVE-2025-3416
- SUSE Bug 1242599