SUSE-SU-2025:02740-1

Опубликовано: 08 авг. 2025

Источник: suse-cvrf

Описание

Security update for tgt

This update for tgt fixes the following issues:

CVE-2024-45751: Fixed CHAP authentication bypass in user-space Linux target framework (bsc#1230360)

Список пакетов

SUSE Linux Enterprise Module for Basesystem 15 SP6

tgt-1.0.85-150600.10.3.1

SUSE Linux Enterprise Module for Basesystem 15 SP7

tgt-1.0.85-150600.10.3.1

openSUSE Leap 15.6

tgt-1.0.85-150600.10.3.1

Ссылки

https://www.suse.com/support/update/announcement/2025/suse-su-202502740-1/
Link for SUSE-SU-2025:02740-1
https://lists.suse.com/pipermail/sle-updates/2025-August/041147.html
E-Mail link for SUSE-SU-2025:02740-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1230360
SUSE Bug 1230360
https://www.suse.com/security/cve/CVE-2024-45751/
SUSE CVE CVE-2024-45751 page

Описание

tgt (aka Linux target framework) before 1.0.93 attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thus the sequence of challenges is always identical.

Затронутые продукты

SUSE Linux Enterprise Module for Basesystem 15 SP6:tgt-1.0.85-150600.10.3.1

SUSE Linux Enterprise Module for Basesystem 15 SP7:tgt-1.0.85-150600.10.3.1

openSUSE Leap 15.6:tgt-1.0.85-150600.10.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2024-45751.html
CVE-2024-45751
https://bugzilla.suse.com/1230360
SUSE Bug 1230360

SUSE-SU-2025:02740-1

Описание

Список пакетов

SUSE Linux Enterprise Module for Basesystem 15 SP6

SUSE Linux Enterprise Module for Basesystem 15 SP7

openSUSE Leap 15.6

Ссылки

Уязвимость: CVE-2024-45751

Описание

Затронутые продукты

Ссылки