suse-su-2025:20416-1
Vulnerability from csaf_suse
Published
2025-06-12 07:37
Modified
2025-06-12 07:37
Summary
Security update for systemd
Notes
Title of the patch
Security update for systemd
Description of the patch
This update for systemd fixes the following issues:
- coredump: use %d in kernel core pattern (CVE-2025-4598)
- Revert "macro: terminate the temporary VA_ARGS_FOREACH() array with a sentinel" (SUSE specific)
- umount: do not move busy network mounts (bsc#1236177)
- man/pstore.conf: pstore.conf template is not always installed in /etc
- man: coredump.conf template is not always installed in /etc (bsc#1237496)
- Don't write messages sent from users with UID falling into the container UID
range to the system journal. Daemons in the container don't talk to the
outside journald as they talk to the inner one directly, which does its
journal splitting based on shifted uids. (bsc#1242938)
- This re-adds back the support for the persistent net name rules as well as
their generator since predictable naming scheme is still disabled by default
on Micro (via the `net.ifnames=0` boot option). (bsc#1241190)
Patchnames
SUSE-SLE-Micro-6.1-145
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for systemd",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for systemd fixes the following issues:\n\n- coredump: use %d in kernel core pattern (CVE-2025-4598)\n- Revert \"macro: terminate the temporary VA_ARGS_FOREACH() array with a sentinel\" (SUSE specific)\n- umount: do not move busy network mounts (bsc#1236177)\n- man/pstore.conf: pstore.conf template is not always installed in /etc\n- man: coredump.conf template is not always installed in /etc (bsc#1237496)\n- Don\u0027t write messages sent from users with UID falling into the container UID\n range to the system journal. Daemons in the container don\u0027t talk to the\n outside journald as they talk to the inner one directly, which does its\n journal splitting based on shifted uids. (bsc#1242938)\n- This re-adds back the support for the persistent net name rules as well as\n their generator since predictable naming scheme is still disabled by default\n on Micro (via the `net.ifnames=0` boot option). (bsc#1241190)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-145",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20416-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20416-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520416-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20416-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040399.html"
},
{
"category": "self",
"summary": "SUSE Bug 1236177",
"url": "https://bugzilla.suse.com/1236177"
},
{
"category": "self",
"summary": "SUSE Bug 1237496",
"url": "https://bugzilla.suse.com/1237496"
},
{
"category": "self",
"summary": "SUSE Bug 1241190",
"url": "https://bugzilla.suse.com/1241190"
},
{
"category": "self",
"summary": "SUSE Bug 1242938",
"url": "https://bugzilla.suse.com/1242938"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-4598 page",
"url": "https://www.suse.com/security/cve/CVE-2025-4598/"
}
],
"title": "Security update for systemd",
"tracking": {
"current_release_date": "2025-06-12T07:37:25Z",
"generator": {
"date": "2025-06-12T07:37:25Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20416-1",
"initial_release_date": "2025-06-12T07:37:25Z",
"revision_history": [
{
"date": "2025-06-12T07:37:25Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libsystemd0-254.25-slfo.1.1_1.1.aarch64",
"product": {
"name": "libsystemd0-254.25-slfo.1.1_1.1.aarch64",
"product_id": "libsystemd0-254.25-slfo.1.1_1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libudev1-254.25-slfo.1.1_1.1.aarch64",
"product": {
"name": "libudev1-254.25-slfo.1.1_1.1.aarch64",
"product_id": "libudev1-254.25-slfo.1.1_1.1.aarch64"
}
},
{
"category": "product_version",
"name": "systemd-254.25-slfo.1.1_1.1.aarch64",
"product": {
"name": "systemd-254.25-slfo.1.1_1.1.aarch64",
"product_id": "systemd-254.25-slfo.1.1_1.1.aarch64"
}
},
{
"category": "product_version",
"name": "systemd-container-254.25-slfo.1.1_1.1.aarch64",
"product": {
"name": "systemd-container-254.25-slfo.1.1_1.1.aarch64",
"product_id": "systemd-container-254.25-slfo.1.1_1.1.aarch64"
}
},
{
"category": "product_version",
"name": "systemd-coredump-254.25-slfo.1.1_1.1.aarch64",
"product": {
"name": "systemd-coredump-254.25-slfo.1.1_1.1.aarch64",
"product_id": "systemd-coredump-254.25-slfo.1.1_1.1.aarch64"
}
},
{
"category": "product_version",
"name": "systemd-experimental-254.25-slfo.1.1_1.1.aarch64",
"product": {
"name": "systemd-experimental-254.25-slfo.1.1_1.1.aarch64",
"product_id": "systemd-experimental-254.25-slfo.1.1_1.1.aarch64"
}
},
{
"category": "product_version",
"name": "systemd-journal-remote-254.25-slfo.1.1_1.1.aarch64",
"product": {
"name": "systemd-journal-remote-254.25-slfo.1.1_1.1.aarch64",
"product_id": "systemd-journal-remote-254.25-slfo.1.1_1.1.aarch64"
}
},
{
"category": "product_version",
"name": "systemd-portable-254.25-slfo.1.1_1.1.aarch64",
"product": {
"name": "systemd-portable-254.25-slfo.1.1_1.1.aarch64",
"product_id": "systemd-portable-254.25-slfo.1.1_1.1.aarch64"
}
},
{
"category": "product_version",
"name": "udev-254.25-slfo.1.1_1.1.aarch64",
"product": {
"name": "udev-254.25-slfo.1.1_1.1.aarch64",
"product_id": "udev-254.25-slfo.1.1_1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libsystemd0-254.25-slfo.1.1_1.1.s390x",
"product": {
"name": "libsystemd0-254.25-slfo.1.1_1.1.s390x",
"product_id": "libsystemd0-254.25-slfo.1.1_1.1.s390x"
}
},
{
"category": "product_version",
"name": "libudev1-254.25-slfo.1.1_1.1.s390x",
"product": {
"name": "libudev1-254.25-slfo.1.1_1.1.s390x",
"product_id": "libudev1-254.25-slfo.1.1_1.1.s390x"
}
},
{
"category": "product_version",
"name": "systemd-254.25-slfo.1.1_1.1.s390x",
"product": {
"name": "systemd-254.25-slfo.1.1_1.1.s390x",
"product_id": "systemd-254.25-slfo.1.1_1.1.s390x"
}
},
{
"category": "product_version",
"name": "systemd-container-254.25-slfo.1.1_1.1.s390x",
"product": {
"name": "systemd-container-254.25-slfo.1.1_1.1.s390x",
"product_id": "systemd-container-254.25-slfo.1.1_1.1.s390x"
}
},
{
"category": "product_version",
"name": "systemd-coredump-254.25-slfo.1.1_1.1.s390x",
"product": {
"name": "systemd-coredump-254.25-slfo.1.1_1.1.s390x",
"product_id": "systemd-coredump-254.25-slfo.1.1_1.1.s390x"
}
},
{
"category": "product_version",
"name": "systemd-experimental-254.25-slfo.1.1_1.1.s390x",
"product": {
"name": "systemd-experimental-254.25-slfo.1.1_1.1.s390x",
"product_id": "systemd-experimental-254.25-slfo.1.1_1.1.s390x"
}
},
{
"category": "product_version",
"name": "systemd-journal-remote-254.25-slfo.1.1_1.1.s390x",
"product": {
"name": "systemd-journal-remote-254.25-slfo.1.1_1.1.s390x",
"product_id": "systemd-journal-remote-254.25-slfo.1.1_1.1.s390x"
}
},
{
"category": "product_version",
"name": "systemd-portable-254.25-slfo.1.1_1.1.s390x",
"product": {
"name": "systemd-portable-254.25-slfo.1.1_1.1.s390x",
"product_id": "systemd-portable-254.25-slfo.1.1_1.1.s390x"
}
},
{
"category": "product_version",
"name": "udev-254.25-slfo.1.1_1.1.s390x",
"product": {
"name": "udev-254.25-slfo.1.1_1.1.s390x",
"product_id": "udev-254.25-slfo.1.1_1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libsystemd0-254.25-slfo.1.1_1.1.x86_64",
"product": {
"name": "libsystemd0-254.25-slfo.1.1_1.1.x86_64",
"product_id": "libsystemd0-254.25-slfo.1.1_1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libudev1-254.25-slfo.1.1_1.1.x86_64",
"product": {
"name": "libudev1-254.25-slfo.1.1_1.1.x86_64",
"product_id": "libudev1-254.25-slfo.1.1_1.1.x86_64"
}
},
{
"category": "product_version",
"name": "systemd-254.25-slfo.1.1_1.1.x86_64",
"product": {
"name": "systemd-254.25-slfo.1.1_1.1.x86_64",
"product_id": "systemd-254.25-slfo.1.1_1.1.x86_64"
}
},
{
"category": "product_version",
"name": "systemd-container-254.25-slfo.1.1_1.1.x86_64",
"product": {
"name": "systemd-container-254.25-slfo.1.1_1.1.x86_64",
"product_id": "systemd-container-254.25-slfo.1.1_1.1.x86_64"
}
},
{
"category": "product_version",
"name": "systemd-coredump-254.25-slfo.1.1_1.1.x86_64",
"product": {
"name": "systemd-coredump-254.25-slfo.1.1_1.1.x86_64",
"product_id": "systemd-coredump-254.25-slfo.1.1_1.1.x86_64"
}
},
{
"category": "product_version",
"name": "systemd-experimental-254.25-slfo.1.1_1.1.x86_64",
"product": {
"name": "systemd-experimental-254.25-slfo.1.1_1.1.x86_64",
"product_id": "systemd-experimental-254.25-slfo.1.1_1.1.x86_64"
}
},
{
"category": "product_version",
"name": "systemd-journal-remote-254.25-slfo.1.1_1.1.x86_64",
"product": {
"name": "systemd-journal-remote-254.25-slfo.1.1_1.1.x86_64",
"product_id": "systemd-journal-remote-254.25-slfo.1.1_1.1.x86_64"
}
},
{
"category": "product_version",
"name": "systemd-portable-254.25-slfo.1.1_1.1.x86_64",
"product": {
"name": "systemd-portable-254.25-slfo.1.1_1.1.x86_64",
"product_id": "systemd-portable-254.25-slfo.1.1_1.1.x86_64"
}
},
{
"category": "product_version",
"name": "udev-254.25-slfo.1.1_1.1.x86_64",
"product": {
"name": "udev-254.25-slfo.1.1_1.1.x86_64",
"product_id": "udev-254.25-slfo.1.1_1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libsystemd0-254.25-slfo.1.1_1.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libsystemd0-254.25-slfo.1.1_1.1.aarch64"
},
"product_reference": "libsystemd0-254.25-slfo.1.1_1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsystemd0-254.25-slfo.1.1_1.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libsystemd0-254.25-slfo.1.1_1.1.s390x"
},
"product_reference": "libsystemd0-254.25-slfo.1.1_1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsystemd0-254.25-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libsystemd0-254.25-slfo.1.1_1.1.x86_64"
},
"product_reference": "libsystemd0-254.25-slfo.1.1_1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libudev1-254.25-slfo.1.1_1.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libudev1-254.25-slfo.1.1_1.1.aarch64"
},
"product_reference": "libudev1-254.25-slfo.1.1_1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libudev1-254.25-slfo.1.1_1.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libudev1-254.25-slfo.1.1_1.1.s390x"
},
"product_reference": "libudev1-254.25-slfo.1.1_1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libudev1-254.25-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libudev1-254.25-slfo.1.1_1.1.x86_64"
},
"product_reference": "libudev1-254.25-slfo.1.1_1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-254.25-slfo.1.1_1.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:systemd-254.25-slfo.1.1_1.1.aarch64"
},
"product_reference": "systemd-254.25-slfo.1.1_1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-254.25-slfo.1.1_1.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:systemd-254.25-slfo.1.1_1.1.s390x"
},
"product_reference": "systemd-254.25-slfo.1.1_1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-254.25-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:systemd-254.25-slfo.1.1_1.1.x86_64"
},
"product_reference": "systemd-254.25-slfo.1.1_1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-container-254.25-slfo.1.1_1.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:systemd-container-254.25-slfo.1.1_1.1.aarch64"
},
"product_reference": "systemd-container-254.25-slfo.1.1_1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-container-254.25-slfo.1.1_1.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:systemd-container-254.25-slfo.1.1_1.1.s390x"
},
"product_reference": "systemd-container-254.25-slfo.1.1_1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-container-254.25-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:systemd-container-254.25-slfo.1.1_1.1.x86_64"
},
"product_reference": "systemd-container-254.25-slfo.1.1_1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-coredump-254.25-slfo.1.1_1.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:systemd-coredump-254.25-slfo.1.1_1.1.aarch64"
},
"product_reference": "systemd-coredump-254.25-slfo.1.1_1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-coredump-254.25-slfo.1.1_1.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:systemd-coredump-254.25-slfo.1.1_1.1.s390x"
},
"product_reference": "systemd-coredump-254.25-slfo.1.1_1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-coredump-254.25-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:systemd-coredump-254.25-slfo.1.1_1.1.x86_64"
},
"product_reference": "systemd-coredump-254.25-slfo.1.1_1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-experimental-254.25-slfo.1.1_1.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:systemd-experimental-254.25-slfo.1.1_1.1.aarch64"
},
"product_reference": "systemd-experimental-254.25-slfo.1.1_1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-experimental-254.25-slfo.1.1_1.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:systemd-experimental-254.25-slfo.1.1_1.1.s390x"
},
"product_reference": "systemd-experimental-254.25-slfo.1.1_1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-experimental-254.25-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:systemd-experimental-254.25-slfo.1.1_1.1.x86_64"
},
"product_reference": "systemd-experimental-254.25-slfo.1.1_1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-journal-remote-254.25-slfo.1.1_1.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:systemd-journal-remote-254.25-slfo.1.1_1.1.aarch64"
},
"product_reference": "systemd-journal-remote-254.25-slfo.1.1_1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-journal-remote-254.25-slfo.1.1_1.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:systemd-journal-remote-254.25-slfo.1.1_1.1.s390x"
},
"product_reference": "systemd-journal-remote-254.25-slfo.1.1_1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-journal-remote-254.25-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:systemd-journal-remote-254.25-slfo.1.1_1.1.x86_64"
},
"product_reference": "systemd-journal-remote-254.25-slfo.1.1_1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-portable-254.25-slfo.1.1_1.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:systemd-portable-254.25-slfo.1.1_1.1.aarch64"
},
"product_reference": "systemd-portable-254.25-slfo.1.1_1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-portable-254.25-slfo.1.1_1.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:systemd-portable-254.25-slfo.1.1_1.1.s390x"
},
"product_reference": "systemd-portable-254.25-slfo.1.1_1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-portable-254.25-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:systemd-portable-254.25-slfo.1.1_1.1.x86_64"
},
"product_reference": "systemd-portable-254.25-slfo.1.1_1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "udev-254.25-slfo.1.1_1.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:udev-254.25-slfo.1.1_1.1.aarch64"
},
"product_reference": "udev-254.25-slfo.1.1_1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "udev-254.25-slfo.1.1_1.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:udev-254.25-slfo.1.1_1.1.s390x"
},
"product_reference": "udev-254.25-slfo.1.1_1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "udev-254.25-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:udev-254.25-slfo.1.1_1.1.x86_64"
},
"product_reference": "udev-254.25-slfo.1.1_1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-4598",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-4598"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original\u0027s privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.\n\nA SUID binary or process has a special type of permission, which allows the process to run with the file owner\u0027s permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original\u0027s SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libsystemd0-254.25-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libsystemd0-254.25-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libsystemd0-254.25-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:libudev1-254.25-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libudev1-254.25-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libudev1-254.25-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:systemd-254.25-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:systemd-254.25-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:systemd-254.25-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:systemd-container-254.25-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:systemd-container-254.25-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:systemd-container-254.25-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:systemd-coredump-254.25-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:systemd-coredump-254.25-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:systemd-coredump-254.25-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:systemd-experimental-254.25-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:systemd-experimental-254.25-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:systemd-experimental-254.25-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:systemd-journal-remote-254.25-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:systemd-journal-remote-254.25-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:systemd-journal-remote-254.25-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:systemd-portable-254.25-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:systemd-portable-254.25-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:systemd-portable-254.25-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:udev-254.25-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:udev-254.25-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:udev-254.25-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-4598",
"url": "https://www.suse.com/security/cve/CVE-2025-4598"
},
{
"category": "external",
"summary": "SUSE Bug 1243935 for CVE-2025-4598",
"url": "https://bugzilla.suse.com/1243935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libsystemd0-254.25-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libsystemd0-254.25-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libsystemd0-254.25-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:libudev1-254.25-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libudev1-254.25-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libudev1-254.25-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:systemd-254.25-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:systemd-254.25-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:systemd-254.25-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:systemd-container-254.25-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:systemd-container-254.25-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:systemd-container-254.25-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:systemd-coredump-254.25-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:systemd-coredump-254.25-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:systemd-coredump-254.25-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:systemd-experimental-254.25-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:systemd-experimental-254.25-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:systemd-experimental-254.25-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:systemd-journal-remote-254.25-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:systemd-journal-remote-254.25-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:systemd-journal-remote-254.25-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:systemd-portable-254.25-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:systemd-portable-254.25-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:systemd-portable-254.25-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:udev-254.25-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:udev-254.25-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:udev-254.25-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libsystemd0-254.25-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libsystemd0-254.25-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libsystemd0-254.25-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:libudev1-254.25-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libudev1-254.25-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libudev1-254.25-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:systemd-254.25-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:systemd-254.25-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:systemd-254.25-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:systemd-container-254.25-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:systemd-container-254.25-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:systemd-container-254.25-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:systemd-coredump-254.25-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:systemd-coredump-254.25-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:systemd-coredump-254.25-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:systemd-experimental-254.25-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:systemd-experimental-254.25-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:systemd-experimental-254.25-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:systemd-journal-remote-254.25-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:systemd-journal-remote-254.25-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:systemd-journal-remote-254.25-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:systemd-portable-254.25-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:systemd-portable-254.25-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:systemd-portable-254.25-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:udev-254.25-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:udev-254.25-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:udev-254.25-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T07:37:25Z",
"details": "moderate"
}
],
"title": "CVE-2025-4598"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…