Описание
Security update for google-guest-agent
This update for google-guest-agent fixes the following issues:
- CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing (bsc#1239197)
Список пакетов
SUSE Linux Enterprise Micro 5.5
google-guest-agent-20250116.00-150000.1.57.1
SUSE Linux Enterprise Module for Public Cloud 15 SP3
google-guest-agent-20250116.00-150000.1.57.1
SUSE Linux Enterprise Module for Public Cloud 15 SP4
google-guest-agent-20250116.00-150000.1.57.1
SUSE Linux Enterprise Module for Public Cloud 15 SP5
google-guest-agent-20250116.00-150000.1.57.1
SUSE Linux Enterprise Module for Public Cloud 15 SP6
google-guest-agent-20250116.00-150000.1.57.1
openSUSE Leap 15.6
google-guest-agent-20250116.00-150000.1.57.1
Ссылки
- Link for SUSE-SU-2025:1005-1
- E-Mail link for SUSE-SU-2025:1005-1
- SUSE Security Ratings
- SUSE Bug 1239197
- SUSE CVE CVE-2025-22868 page
Описание
An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.
Затронутые продукты
SUSE Linux Enterprise Micro 5.5:google-guest-agent-20250116.00-150000.1.57.1
SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-guest-agent-20250116.00-150000.1.57.1
SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-guest-agent-20250116.00-150000.1.57.1
SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-guest-agent-20250116.00-150000.1.57.1
Ссылки
- CVE-2025-22868
- SUSE Bug 1239186