Описание
Security update for augeas
This update for augeas fixes the following issues:
- CVE-2025-2588: Check for NULL pointers when calling re_case_expand in function fa_expand_nocase. (bsc#1239909)
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15 SP6
augeas-1.14.1-150600.3.3.1
augeas-devel-1.14.1-150600.3.3.1
augeas-lenses-1.14.1-150600.3.3.1
libaugeas0-1.14.1-150600.3.3.1
libfa1-1.14.1-150600.3.3.1
openSUSE Leap 15.6
augeas-1.14.1-150600.3.3.1
augeas-bash-completion-1.14.1-150600.3.3.1
augeas-devel-1.14.1-150600.3.3.1
augeas-devel-32bit-1.14.1-150600.3.3.1
augeas-lense-tests-1.14.1-150600.3.3.1
augeas-lenses-1.14.1-150600.3.3.1
libaugeas0-1.14.1-150600.3.3.1
libaugeas0-32bit-1.14.1-150600.3.3.1
libfa1-1.14.1-150600.3.3.1
libfa1-32bit-1.14.1-150600.3.3.1
Ссылки
- Link for SUSE-SU-2025:1534-1
- E-Mail link for SUSE-SU-2025:1534-1
- SUSE Security Ratings
- SUSE Bug 1239909
- SUSE CVE CVE-2025-2588 page
Описание
A vulnerability has been found in Hercules Augeas 1.14.1 and classified as problematic. This vulnerability affects the function re_case_expand of the file src/fa.c. The manipulation of the argument re leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP6:augeas-1.14.1-150600.3.3.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:augeas-devel-1.14.1-150600.3.3.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:augeas-lenses-1.14.1-150600.3.3.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:libaugeas0-1.14.1-150600.3.3.1
Ссылки
- CVE-2025-2588
- SUSE Bug 1239909