Описание
Security update for cmake
This update for cmake fixes the following issues:
- CVE-2025-9301: Fixed assertion failure due to improper validation (bsc#1248461)
Список пакетов
Container bci/spack:0.23
cmake-3.28.3-150600.3.3.1
cmake-full-3.28.3-150600.3.3.1
SUSE Linux Enterprise Module for Basesystem 15 SP6
cmake-3.28.3-150600.3.3.1
cmake-full-3.28.3-150600.3.3.1
SUSE Linux Enterprise Module for Basesystem 15 SP7
cmake-3.28.3-150600.3.3.1
cmake-full-3.28.3-150600.3.3.1
openSUSE Leap 15.6
cmake-3.28.3-150600.3.3.1
cmake-full-3.28.3-150600.3.3.1
cmake-gui-3.28.3-150600.3.3.1
cmake-man-3.28.3-150600.3.3.1
Ссылки
- Link for SUSE-SU-2025:3812-1
- E-Mail link for SUSE-SU-2025:3812-1
- SUSE Security Ratings
- SUSE Bug 1248461
- SUSE CVE CVE-2025-9301 page
Описание
A vulnerability was determined in cmake 4.1.20250725-gb5cce23. This affects the function cmForEachFunctionBlocker::ReplayItems of the file cmForEachCommand.cxx. This manipulation causes reachable assertion. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. Patch name: 37e27f71bc356d880c908040cd0cb68fa2c371b8. It is suggested to install a patch to address this issue.
Затронутые продукты
Container bci/spack:0.23:cmake-3.28.3-150600.3.3.1
Container bci/spack:0.23:cmake-full-3.28.3-150600.3.3.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:cmake-3.28.3-150600.3.3.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:cmake-full-3.28.3-150600.3.3.1
Ссылки
- CVE-2025-9301
- SUSE Bug 1248461