Описание
Security update for azure-cli-core
This update for azure-cli-core fixes the following issues:
- CVE-2025-24049: Fixed improper neutralization of special elements used in a command allows an unauthorized attacker to elevate privileges locally (bsc#1239460).
Список пакетов
SUSE Linux Enterprise Module for Public Cloud 15 SP4
azure-cli-core-2.58.0-150400.14.6.1
SUSE Linux Enterprise Module for Public Cloud 15 SP5
azure-cli-core-2.58.0-150400.14.6.1
SUSE Linux Enterprise Module for Public Cloud 15 SP6
azure-cli-core-2.58.0-150400.14.6.1
openSUSE Leap 15.6
azure-cli-core-2.58.0-150400.14.6.1
Ссылки
- Link for SUSE-SU-2025:1019-1
- E-Mail link for SUSE-SU-2025:1019-1
- SUSE Security Ratings
- SUSE Bug 1239460
- SUSE CVE CVE-2025-24049 page
Описание
Improper neutralization of special elements used in a command ('command injection') in Azure Command Line Integration (CLI) allows an unauthorized attacker to elevate privileges locally.
Затронутые продукты
SUSE Linux Enterprise Module for Public Cloud 15 SP4:azure-cli-core-2.58.0-150400.14.6.1
SUSE Linux Enterprise Module for Public Cloud 15 SP5:azure-cli-core-2.58.0-150400.14.6.1
SUSE Linux Enterprise Module for Public Cloud 15 SP6:azure-cli-core-2.58.0-150400.14.6.1
openSUSE Leap 15.6:azure-cli-core-2.58.0-150400.14.6.1
Ссылки
- CVE-2025-24049
- SUSE Bug 1239460