SUSE-SU-2026:0412-1

Опубликовано: 10 фев. 2026

Источник: suse-cvrf

Описание

Security update for abseil-cpp

This update for abseil-cpp fixes the following issues:

Update to 20240116.3

CVE-2025-0838: Fixed potential integer overflow in hash container create/resize (bsc#1237543).

Список пакетов

SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

abseil-cpp-devel-20240116.3-8.6.1

Ссылки

https://www.suse.com/support/update/announcement/2026/suse-su-20260412-1/
Link for SUSE-SU-2026:0412-1
https://lists.suse.com/pipermail/sle-security-updates/2026-February/024086.html
E-Mail link for SUSE-SU-2026:0412-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1237543
SUSE Bug 1237543
https://www.suse.com/security/cve/CVE-2025-0838/
SUSE CVE CVE-2025-0838 page

Описание

There exists a heap buffer overflow vulnerable in Abseil-cpp. The sized constructors, reserve(), and rehash() methods of absl::{flat,node}hash{set,map} did not impose an upper bound on their size argument. As a result, it was possible for a caller to pass a very large size that would cause an integer overflow when computing the size of the container's backing store, and a subsequent out-of-bounds memory write. Subsequent accesses to the container might also access out-of-bounds memory. We recommend upgrading past commit 5a0e2cb5e3958dd90bb8569a2766622cb74d90c1

Затронутые продукты

SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:abseil-cpp-devel-20240116.3-8.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2025-0838.html
CVE-2025-0838
https://bugzilla.suse.com/1237543
SUSE Bug 1237543

SUSE-SU-2026:0412-1

Описание

Список пакетов

SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

Ссылки

Уязвимость: CVE-2025-0838

Описание

Затронутые продукты

Ссылки