SUSE-SU-2026:0115-1

Опубликовано: 12 янв. 2026

Источник: suse-cvrf

Описание

Security update for util-linux

This update for util-linux fixes the following issues:

CVE-2025-14104: Fixed heap buffer overread in setpwnam() when processing 256-byte usernames (bsc#1254666).
lscpu: Add support for NVIDIA Olympus arm64 core (jsc#PED-13682).

Список пакетов

openSUSE Leap 15.6

libblkid-devel-2.39.3-150600.4.15.1

libblkid-devel-32bit-2.39.3-150600.4.15.1

libblkid-devel-static-2.39.3-150600.4.15.1

libblkid1-2.39.3-150600.4.15.1

libblkid1-32bit-2.39.3-150600.4.15.1

libfdisk-devel-2.39.3-150600.4.15.1

libfdisk-devel-32bit-2.39.3-150600.4.15.1

libfdisk-devel-static-2.39.3-150600.4.15.1

libfdisk1-2.39.3-150600.4.15.1

libfdisk1-32bit-2.39.3-150600.4.15.1

libmount-devel-2.39.3-150600.4.15.1

libmount-devel-32bit-2.39.3-150600.4.15.1

libmount-devel-static-2.39.3-150600.4.15.1

libmount1-2.39.3-150600.4.15.1

libmount1-32bit-2.39.3-150600.4.15.1

libsmartcols-devel-2.39.3-150600.4.15.1

libsmartcols-devel-32bit-2.39.3-150600.4.15.1

libsmartcols-devel-static-2.39.3-150600.4.15.1

libsmartcols1-2.39.3-150600.4.15.1

libsmartcols1-32bit-2.39.3-150600.4.15.1

libuuid-devel-2.39.3-150600.4.15.1

libuuid-devel-32bit-2.39.3-150600.4.15.1

libuuid-devel-static-2.39.3-150600.4.15.1

libuuid1-2.39.3-150600.4.15.1

libuuid1-32bit-2.39.3-150600.4.15.1

python3-libmount-2.39.3-150600.4.15.1

util-linux-2.39.3-150600.4.15.1

util-linux-lang-2.39.3-150600.4.15.1

util-linux-systemd-2.39.3-150600.4.15.1

util-linux-tty-tools-2.39.3-150600.4.15.1

uuidd-2.39.3-150600.4.15.1

Ссылки

https://www.suse.com/support/update/announcement/2026/suse-su-20260115-1/
Link for SUSE-SU-2026:0115-1
https://lists.suse.com/pipermail/sle-security-updates/2026-January/023734.html
E-Mail link for SUSE-SU-2026:0115-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1254666
SUSE Bug 1254666
https://www.suse.com/security/cve/CVE-2025-14104/
SUSE CVE CVE-2025-14104 page

Описание

A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.

Затронутые продукты

openSUSE Leap 15.6:libblkid-devel-2.39.3-150600.4.15.1

openSUSE Leap 15.6:libblkid-devel-32bit-2.39.3-150600.4.15.1

openSUSE Leap 15.6:libblkid-devel-static-2.39.3-150600.4.15.1

openSUSE Leap 15.6:libblkid1-2.39.3-150600.4.15.1

Ссылки

https://www.suse.com/security/cve/CVE-2025-14104.html
CVE-2025-14104
https://bugzilla.suse.com/1254666
SUSE Bug 1254666

SUSE-SU-2026:0115-1

Описание

Список пакетов

openSUSE Leap 15.6

Ссылки

Уязвимость: CVE-2025-14104

Описание

Затронутые продукты

Ссылки