Описание
Security update for google-osconfig-agent
This update for google-osconfig-agent fixes the following issues:
- CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing (bsc#1239197)
Список пакетов
SUSE Linux Enterprise Micro 5.5
google-osconfig-agent-20250115.01-150000.1.47.1
SUSE Linux Enterprise Module for Public Cloud 15 SP3
google-osconfig-agent-20250115.01-150000.1.47.1
SUSE Linux Enterprise Module for Public Cloud 15 SP4
google-osconfig-agent-20250115.01-150000.1.47.1
SUSE Linux Enterprise Module for Public Cloud 15 SP5
google-osconfig-agent-20250115.01-150000.1.47.1
SUSE Linux Enterprise Module for Public Cloud 15 SP6
google-osconfig-agent-20250115.01-150000.1.47.1
openSUSE Leap 15.6
google-osconfig-agent-20250115.01-150000.1.47.1
Ссылки
- Link for SUSE-SU-2025:1006-1
- E-Mail link for SUSE-SU-2025:1006-1
- SUSE Security Ratings
- SUSE Bug 1239197
- SUSE CVE CVE-2025-22868 page
Описание
An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.
Затронутые продукты
SUSE Linux Enterprise Micro 5.5:google-osconfig-agent-20250115.01-150000.1.47.1
SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-osconfig-agent-20250115.01-150000.1.47.1
SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-osconfig-agent-20250115.01-150000.1.47.1
SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-osconfig-agent-20250115.01-150000.1.47.1
Ссылки
- CVE-2025-22868
- SUSE Bug 1239186