Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2025:02964-1

Опубликовано: 22 авг. 2025
Источник: suse-cvrf

Описание

Security update for glibc

This update for glibc fixes the following issues:

  • CVE-2025-8058: Fixed double-free after allocation failure in regcomp. (bsc#1246965)

Список пакетов

SUSE Linux Enterprise Module for Basesystem 15 SP6
glibc-2.38-150600.14.37.1
glibc-32bit-2.38-150600.14.37.1
glibc-devel-2.38-150600.14.37.1
glibc-extra-2.38-150600.14.37.1
glibc-i18ndata-2.38-150600.14.37.1
glibc-info-2.38-150600.14.37.1
glibc-lang-2.38-150600.14.37.1
glibc-locale-2.38-150600.14.37.1
glibc-locale-base-2.38-150600.14.37.1
glibc-locale-base-32bit-2.38-150600.14.37.1
glibc-profile-2.38-150600.14.37.1
libnsl1-2.38-150600.14.37.1
libnsl1-32bit-2.38-150600.14.37.1
nscd-2.38-150600.14.37.1
SUSE Linux Enterprise Module for Basesystem 15 SP7
glibc-2.38-150600.14.37.1
glibc-32bit-2.38-150600.14.37.1
glibc-devel-2.38-150600.14.37.1
glibc-extra-2.38-150600.14.37.1
glibc-i18ndata-2.38-150600.14.37.1
glibc-info-2.38-150600.14.37.1
glibc-lang-2.38-150600.14.37.1
glibc-locale-2.38-150600.14.37.1
glibc-locale-base-2.38-150600.14.37.1
glibc-locale-base-32bit-2.38-150600.14.37.1
glibc-profile-2.38-150600.14.37.1
libnsl1-2.38-150600.14.37.1
libnsl1-32bit-2.38-150600.14.37.1
nscd-2.38-150600.14.37.1
SUSE Linux Enterprise Module for Development Tools 15 SP6
glibc-devel-32bit-2.38-150600.14.37.1
glibc-devel-static-2.38-150600.14.37.1
glibc-utils-2.38-150600.14.37.1
SUSE Linux Enterprise Module for Development Tools 15 SP7
glibc-devel-32bit-2.38-150600.14.37.1
glibc-devel-static-2.38-150600.14.37.1
glibc-utils-2.38-150600.14.37.1
openSUSE Leap 15.6
glibc-2.38-150600.14.37.1
glibc-32bit-2.38-150600.14.37.1
glibc-devel-2.38-150600.14.37.1
glibc-devel-32bit-2.38-150600.14.37.1
glibc-devel-static-2.38-150600.14.37.1
glibc-devel-static-32bit-2.38-150600.14.37.1
glibc-extra-2.38-150600.14.37.1
glibc-html-2.38-150600.14.37.1
glibc-i18ndata-2.38-150600.14.37.1
glibc-info-2.38-150600.14.37.1
glibc-lang-2.38-150600.14.37.1
glibc-locale-2.38-150600.14.37.1
glibc-locale-base-2.38-150600.14.37.1
glibc-locale-base-32bit-2.38-150600.14.37.1
glibc-profile-2.38-150600.14.37.1
glibc-profile-32bit-2.38-150600.14.37.1
glibc-utils-2.38-150600.14.37.1
glibc-utils-32bit-2.38-150600.14.37.1
libnsl1-2.38-150600.14.37.1
libnsl1-32bit-2.38-150600.14.37.1
nscd-2.38-150600.14.37.1

Описание

The regcomp function in the GNU C library version from 2.4 to 2.41 is subject to a double free if some previous allocation fails. It can be accomplished either by a malloc failure or by using an interposed malloc that injects random malloc failures. The double free can allow buffer manipulation depending of how the regex is constructed. This issue affects all architectures and ABIs supported by the GNU C library.


Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP6:glibc-2.38-150600.14.37.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:glibc-32bit-2.38-150600.14.37.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:glibc-devel-2.38-150600.14.37.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:glibc-extra-2.38-150600.14.37.1

Ссылки