SUSE-SU-2025:02527-1

Published: 25 Jul 2025
Source: suse-cvrf

Description

Security update for polkit

This update for polkit fixes the following issues:

  • CVE-2025-7519: Fixed an out-of-bounds write that may be triggered by an XML policy file with a large number of nested elements. (bsc#1246472)

Package list

Container bci/spack:0.23
libpolkit-agent-1-0-121-150500.3.6.1
libpolkit-gobject-1-0-121-150500.3.6.1
polkit-121-150500.3.6.1
Container suse/sle-micro/5.5:latest
libpolkit-agent-1-0-121-150500.3.6.1
libpolkit-gobject-1-0-121-150500.3.6.1
polkit-121-150500.3.6.1
Image SLES15-SP5-BYOS-Azure
libpolkit-agent-1-0-121-150500.3.6.1
libpolkit-gobject-1-0-121-150500.3.6.1
polkit-121-150500.3.6.1
Image SLES15-SP5-Hardened-BYOS-Azure
libpolkit-agent-1-0-121-150500.3.6.1
libpolkit-gobject-1-0-121-150500.3.6.1
polkit-121-150500.3.6.1
Image SLES15-SP5-SAP-BYOS-Azure
libpolkit-agent-1-0-121-150500.3.6.1
libpolkit-gobject-1-0-121-150500.3.6.1
polkit-121-150500.3.6.1
Image SLES15-SP5-SAP-Hardened-BYOS-Azure
libpolkit-agent-1-0-121-150500.3.6.1
libpolkit-gobject-1-0-121-150500.3.6.1
polkit-121-150500.3.6.1
Image SLES15-SP6-HPC-BYOS
libpolkit-agent-1-0-121-150500.3.6.1
libpolkit-gobject-1-0-121-150500.3.6.1
polkit-121-150500.3.6.1
Image SLES15-SP6-HPC-BYOS-EC2
libpolkit-agent-1-0-121-150500.3.6.1
libpolkit-gobject-1-0-121-150500.3.6.1
polkit-121-150500.3.6.1
Image SLES15-SP6-HPC-EC2
libpolkit-agent-1-0-121-150500.3.6.1
libpolkit-gobject-1-0-121-150500.3.6.1
polkit-121-150500.3.6.1
Image SLES15-SP6-Hardened-BYOS
libpolkit-agent-1-0-121-150500.3.6.1
libpolkit-gobject-1-0-121-150500.3.6.1
polkit-121-150500.3.6.1
Image SLES15-SP6-Hardened-BYOS-EC2
libpolkit-agent-1-0-121-150500.3.6.1
libpolkit-gobject-1-0-121-150500.3.6.1
polkit-121-150500.3.6.1
Image SLES15-SP6-SAP-Hardened-BYOS
libpolkit-agent-1-0-121-150500.3.6.1
libpolkit-gobject-1-0-121-150500.3.6.1
polkit-121-150500.3.6.1
Image SLES15-SP6-SAP-Hardened-BYOS-EC2
libpolkit-agent-1-0-121-150500.3.6.1
libpolkit-gobject-1-0-121-150500.3.6.1
polkit-121-150500.3.6.1
Image SLES15-SP6-SAP-Hardened-EC2
libpolkit-agent-1-0-121-150500.3.6.1
libpolkit-gobject-1-0-121-150500.3.6.1
polkit-121-150500.3.6.1
SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS
libpolkit-agent-1-0-121-150500.3.6.1
libpolkit-gobject-1-0-121-150500.3.6.1
pkexec-121-150500.3.6.1
polkit-121-150500.3.6.1
polkit-devel-121-150500.3.6.1
typelib-1_0-Polkit-1_0-121-150500.3.6.1
SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
libpolkit-agent-1-0-121-150500.3.6.1
libpolkit-gobject-1-0-121-150500.3.6.1
pkexec-121-150500.3.6.1
polkit-121-150500.3.6.1
polkit-devel-121-150500.3.6.1
typelib-1_0-Polkit-1_0-121-150500.3.6.1
SUSE Linux Enterprise Micro 5.5
libpolkit-agent-1-0-121-150500.3.6.1
libpolkit-gobject-1-0-121-150500.3.6.1
polkit-121-150500.3.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP6
libpolkit-agent-1-0-121-150500.3.6.1
libpolkit-gobject-1-0-121-150500.3.6.1
pkexec-121-150500.3.6.1
polkit-121-150500.3.6.1
polkit-devel-121-150500.3.6.1
typelib-1_0-Polkit-1_0-121-150500.3.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP7
libpolkit-agent-1-0-121-150500.3.6.1
libpolkit-gobject-1-0-121-150500.3.6.1
pkexec-121-150500.3.6.1
polkit-121-150500.3.6.1
polkit-devel-121-150500.3.6.1
typelib-1_0-Polkit-1_0-121-150500.3.6.1
SUSE Linux Enterprise Server 15 SP5-LTSS
libpolkit-agent-1-0-121-150500.3.6.1
libpolkit-gobject-1-0-121-150500.3.6.1
pkexec-121-150500.3.6.1
polkit-121-150500.3.6.1
polkit-devel-121-150500.3.6.1
typelib-1_0-Polkit-1_0-121-150500.3.6.1
SUSE Linux Enterprise Server for SAP Applications 15 SP5
libpolkit-agent-1-0-121-150500.3.6.1
libpolkit-gobject-1-0-121-150500.3.6.1
pkexec-121-150500.3.6.1
polkit-121-150500.3.6.1
polkit-devel-121-150500.3.6.1
typelib-1_0-Polkit-1_0-121-150500.3.6.1
openSUSE Leap 15.6
libpolkit-agent-1-0-121-150500.3.6.1
libpolkit-agent-1-0-32bit-121-150500.3.6.1
libpolkit-gobject-1-0-121-150500.3.6.1
libpolkit-gobject-1-0-32bit-121-150500.3.6.1
pkexec-121-150500.3.6.1
polkit-121-150500.3.6.1
polkit-devel-121-150500.3.6.1
polkit-doc-121-150500.3.6.1
typelib-1_0-Polkit-1_0-121-150500.3.6.1

Description

A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution cannot be ruled out. Exploiting this flaw requires a high-privilege account, since one is needed to place the malicious policy file properly.
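
For hosts that cannot be patched immediately, the following audit script (an added example, not part of the SUSE advisory or of polkit) reports installed `.policy` files whose element nesting reaches the depth named above. It assumes that "32 or more nested elements in depth" means an element nesting depth of at least 32 and that policies live in `/usr/share/polkit-1/actions`; the function names are illustrative.

```python
"""Audit polkit .policy files for element nesting at or above the advisory's threshold."""
import sys
import xml.parsers.expat
from pathlib import Path

DEPTH_LIMIT = 32  # assumption: advisory's "32 or more nested elements in depth"


def max_depth(data: bytes) -> int:
    """Return the deepest element nesting seen, counting up to any parse error."""
    depth = deepest = 0

    def start(name, attrs):
        nonlocal depth, deepest
        depth += 1
        deepest = max(deepest, depth)

    def end(name):
        nonlocal depth
        depth -= 1

    parser = xml.parsers.expat.ParserCreate()
    parser.StartElementHandler = start
    parser.EndElementHandler = end
    try:
        parser.Parse(data, True)
    except xml.parsers.expat.ExpatError:
        pass  # malformed or truncated file: the depth reached so far still counts
    return deepest


def scan(directory):
    """Return (path, depth) pairs for .policy files at or above DEPTH_LIMIT."""
    hits = []
    for path in sorted(Path(directory).glob("*.policy")):
        found = max_depth(path.read_bytes())
        if found >= DEPTH_LIMIT:
            hits.append((str(path), found))
    return hits


if __name__ == "__main__":
    # Assumed default location of polkit action policies; override with argv[1].
    target = sys.argv[1] if len(sys.argv) > 1 else "/usr/share/polkit-1/actions"
    for path, found in scan(target):
        print(f"{path}: nesting depth {found} >= {DEPTH_LIMIT}")
```

Ordinary policy files nest only a few levels deep, so any hit is worth tracing to the package or account that wrote the file.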


Affected products
Container bci/spack:0.23:libpolkit-agent-1-0-121-150500.3.6.1
Container bci/spack:0.23:libpolkit-gobject-1-0-121-150500.3.6.1
Container bci/spack:0.23:polkit-121-150500.3.6.1
Container suse/sle-micro/5.5:latest:libpolkit-agent-1-0-121-150500.3.6.1

References
Vulnerability SUSE-SU-2025:02527-1