suse-su-2025:20554-1
Vulnerability from csaf_suse
Published
2025-08-12 14:05
Modified
2025-08-12 14:05
Summary
Security update for systemd
Notes
Title of the patch
Security update for systemd
Description of the patch
This update for systemd fixes the following issues:
- Remove the script used to help migrating the language and locale settings
located in /etc/sysconfig/language on old systems to the systemd default
locations (bsc#1247074)
The script was introduced more than 7 years ago and all systems running TW
should have been migrated since then. Moreover the installer supports the
systemd default locations since approximately SLE15.
- triggers.systemd: skip update of hwdb, journal-catalog if executed during an
offline update.
- logs-show: get timestamp and boot ID only when necessary (bsc#1242827)
- sd-journal: drop to use Hashmap to manage journal files per boot ID
- tree-wide: set SD_JOURNAL_ASSUME_IMMUTABLE where appropriate
- sd-journal: introduce SD_JOURNAL_ASSUME_IMMUTABLE flag
- sd-journal: make journal_file_read_tail_timestamp() notify to the caller that some new journal entries added
- sd-journal: cache last entry offset and journal file state
- sd-journal: fix typo in function name
- coredump: use %d in kernel core pattern (bsc#1243935 CVE-2025-4598)
Patchnames
SUSE-SLE-Micro-6.0-416
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for systemd",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for systemd fixes the following issues:\n\n- Remove the script used to help migrating the language and locale settings\n located in /etc/sysconfig/language on old systems to the systemd default\n locations (bsc#1247074)\n\n The script was introduced more than 7 years ago and all systems running TW\n should have been migrated since then. Moreover the installer supports the\n systemd default locations since approximately SLE15. \n\n- triggers.systemd: skip update of hwdb, journal-catalog if executed during an\n offline update.\n\n- logs-show: get timestamp and boot ID only when necessary (bsc#1242827)\n- sd-journal: drop to use Hashmap to manage journal files per boot ID\n- tree-wide: set SD_JOURNAL_ASSUME_IMMUTABLE where appropriate\n- sd-journal: introduce SD_JOURNAL_ASSUME_IMMUTABLE flag\n- sd-journal: make journal_file_read_tail_timestamp() notify to the caller that some new journal entries added\n- sd-journal: cache last entry offset and journal file state\n- sd-journal: fix typo in function name\n\n- coredump: use %d in kernel core pattern (bsc#1243935 CVE-2025-4598)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-416",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20554-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20554-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520554-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20554-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041299.html"
},
{
"category": "self",
"summary": "SUSE Bug 1242827",
"url": "https://bugzilla.suse.com/1242827"
},
{
"category": "self",
"summary": "SUSE Bug 1243935",
"url": "https://bugzilla.suse.com/1243935"
},
{
"category": "self",
"summary": "SUSE Bug 1247074",
"url": "https://bugzilla.suse.com/1247074"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-4598 page",
"url": "https://www.suse.com/security/cve/CVE-2025-4598/"
}
],
"title": "Security update for systemd",
"tracking": {
"current_release_date": "2025-08-12T14:05:24Z",
"generator": {
"date": "2025-08-12T14:05:24Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20554-1",
"initial_release_date": "2025-08-12T14:05:24Z",
"revision_history": [
{
"date": "2025-08-12T14:05:24Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libsystemd0-254.27-1.1.aarch64",
"product": {
"name": "libsystemd0-254.27-1.1.aarch64",
"product_id": "libsystemd0-254.27-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libudev1-254.27-1.1.aarch64",
"product": {
"name": "libudev1-254.27-1.1.aarch64",
"product_id": "libudev1-254.27-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "systemd-254.27-1.1.aarch64",
"product": {
"name": "systemd-254.27-1.1.aarch64",
"product_id": "systemd-254.27-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "systemd-container-254.27-1.1.aarch64",
"product": {
"name": "systemd-container-254.27-1.1.aarch64",
"product_id": "systemd-container-254.27-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "systemd-coredump-254.27-1.1.aarch64",
"product": {
"name": "systemd-coredump-254.27-1.1.aarch64",
"product_id": "systemd-coredump-254.27-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "systemd-experimental-254.27-1.1.aarch64",
"product": {
"name": "systemd-experimental-254.27-1.1.aarch64",
"product_id": "systemd-experimental-254.27-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "systemd-journal-remote-254.27-1.1.aarch64",
"product": {
"name": "systemd-journal-remote-254.27-1.1.aarch64",
"product_id": "systemd-journal-remote-254.27-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "systemd-portable-254.27-1.1.aarch64",
"product": {
"name": "systemd-portable-254.27-1.1.aarch64",
"product_id": "systemd-portable-254.27-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "udev-254.27-1.1.aarch64",
"product": {
"name": "udev-254.27-1.1.aarch64",
"product_id": "udev-254.27-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libsystemd0-254.27-1.1.s390x",
"product": {
"name": "libsystemd0-254.27-1.1.s390x",
"product_id": "libsystemd0-254.27-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libudev1-254.27-1.1.s390x",
"product": {
"name": "libudev1-254.27-1.1.s390x",
"product_id": "libudev1-254.27-1.1.s390x"
}
},
{
"category": "product_version",
"name": "systemd-254.27-1.1.s390x",
"product": {
"name": "systemd-254.27-1.1.s390x",
"product_id": "systemd-254.27-1.1.s390x"
}
},
{
"category": "product_version",
"name": "systemd-container-254.27-1.1.s390x",
"product": {
"name": "systemd-container-254.27-1.1.s390x",
"product_id": "systemd-container-254.27-1.1.s390x"
}
},
{
"category": "product_version",
"name": "systemd-coredump-254.27-1.1.s390x",
"product": {
"name": "systemd-coredump-254.27-1.1.s390x",
"product_id": "systemd-coredump-254.27-1.1.s390x"
}
},
{
"category": "product_version",
"name": "systemd-experimental-254.27-1.1.s390x",
"product": {
"name": "systemd-experimental-254.27-1.1.s390x",
"product_id": "systemd-experimental-254.27-1.1.s390x"
}
},
{
"category": "product_version",
"name": "systemd-journal-remote-254.27-1.1.s390x",
"product": {
"name": "systemd-journal-remote-254.27-1.1.s390x",
"product_id": "systemd-journal-remote-254.27-1.1.s390x"
}
},
{
"category": "product_version",
"name": "systemd-portable-254.27-1.1.s390x",
"product": {
"name": "systemd-portable-254.27-1.1.s390x",
"product_id": "systemd-portable-254.27-1.1.s390x"
}
},
{
"category": "product_version",
"name": "udev-254.27-1.1.s390x",
"product": {
"name": "udev-254.27-1.1.s390x",
"product_id": "udev-254.27-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libsystemd0-254.27-1.1.x86_64",
"product": {
"name": "libsystemd0-254.27-1.1.x86_64",
"product_id": "libsystemd0-254.27-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libudev1-254.27-1.1.x86_64",
"product": {
"name": "libudev1-254.27-1.1.x86_64",
"product_id": "libudev1-254.27-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "systemd-254.27-1.1.x86_64",
"product": {
"name": "systemd-254.27-1.1.x86_64",
"product_id": "systemd-254.27-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "systemd-container-254.27-1.1.x86_64",
"product": {
"name": "systemd-container-254.27-1.1.x86_64",
"product_id": "systemd-container-254.27-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "systemd-coredump-254.27-1.1.x86_64",
"product": {
"name": "systemd-coredump-254.27-1.1.x86_64",
"product_id": "systemd-coredump-254.27-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "systemd-experimental-254.27-1.1.x86_64",
"product": {
"name": "systemd-experimental-254.27-1.1.x86_64",
"product_id": "systemd-experimental-254.27-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "systemd-journal-remote-254.27-1.1.x86_64",
"product": {
"name": "systemd-journal-remote-254.27-1.1.x86_64",
"product_id": "systemd-journal-remote-254.27-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "systemd-portable-254.27-1.1.x86_64",
"product": {
"name": "systemd-portable-254.27-1.1.x86_64",
"product_id": "systemd-portable-254.27-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "udev-254.27-1.1.x86_64",
"product": {
"name": "udev-254.27-1.1.x86_64",
"product_id": "udev-254.27-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libsystemd0-254.27-1.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libsystemd0-254.27-1.1.aarch64"
},
"product_reference": "libsystemd0-254.27-1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsystemd0-254.27-1.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libsystemd0-254.27-1.1.s390x"
},
"product_reference": "libsystemd0-254.27-1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsystemd0-254.27-1.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libsystemd0-254.27-1.1.x86_64"
},
"product_reference": "libsystemd0-254.27-1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libudev1-254.27-1.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libudev1-254.27-1.1.aarch64"
},
"product_reference": "libudev1-254.27-1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libudev1-254.27-1.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libudev1-254.27-1.1.s390x"
},
"product_reference": "libudev1-254.27-1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libudev1-254.27-1.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libudev1-254.27-1.1.x86_64"
},
"product_reference": "libudev1-254.27-1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-254.27-1.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:systemd-254.27-1.1.aarch64"
},
"product_reference": "systemd-254.27-1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-254.27-1.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:systemd-254.27-1.1.s390x"
},
"product_reference": "systemd-254.27-1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-254.27-1.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:systemd-254.27-1.1.x86_64"
},
"product_reference": "systemd-254.27-1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-container-254.27-1.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:systemd-container-254.27-1.1.aarch64"
},
"product_reference": "systemd-container-254.27-1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-container-254.27-1.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:systemd-container-254.27-1.1.s390x"
},
"product_reference": "systemd-container-254.27-1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-container-254.27-1.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:systemd-container-254.27-1.1.x86_64"
},
"product_reference": "systemd-container-254.27-1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-coredump-254.27-1.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:systemd-coredump-254.27-1.1.aarch64"
},
"product_reference": "systemd-coredump-254.27-1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-coredump-254.27-1.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:systemd-coredump-254.27-1.1.s390x"
},
"product_reference": "systemd-coredump-254.27-1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-coredump-254.27-1.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:systemd-coredump-254.27-1.1.x86_64"
},
"product_reference": "systemd-coredump-254.27-1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-experimental-254.27-1.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:systemd-experimental-254.27-1.1.aarch64"
},
"product_reference": "systemd-experimental-254.27-1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-experimental-254.27-1.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:systemd-experimental-254.27-1.1.s390x"
},
"product_reference": "systemd-experimental-254.27-1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-experimental-254.27-1.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:systemd-experimental-254.27-1.1.x86_64"
},
"product_reference": "systemd-experimental-254.27-1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-journal-remote-254.27-1.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:systemd-journal-remote-254.27-1.1.aarch64"
},
"product_reference": "systemd-journal-remote-254.27-1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-journal-remote-254.27-1.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:systemd-journal-remote-254.27-1.1.s390x"
},
"product_reference": "systemd-journal-remote-254.27-1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-journal-remote-254.27-1.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:systemd-journal-remote-254.27-1.1.x86_64"
},
"product_reference": "systemd-journal-remote-254.27-1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-portable-254.27-1.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:systemd-portable-254.27-1.1.aarch64"
},
"product_reference": "systemd-portable-254.27-1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-portable-254.27-1.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:systemd-portable-254.27-1.1.s390x"
},
"product_reference": "systemd-portable-254.27-1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "systemd-portable-254.27-1.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:systemd-portable-254.27-1.1.x86_64"
},
"product_reference": "systemd-portable-254.27-1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "udev-254.27-1.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:udev-254.27-1.1.aarch64"
},
"product_reference": "udev-254.27-1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "udev-254.27-1.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:udev-254.27-1.1.s390x"
},
"product_reference": "udev-254.27-1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "udev-254.27-1.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:udev-254.27-1.1.x86_64"
},
"product_reference": "udev-254.27-1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-4598",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-4598"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original\u0027s privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.\n\nA SUID binary or process has a special type of permission, which allows the process to run with the file owner\u0027s permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original\u0027s SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libsystemd0-254.27-1.1.aarch64",
"SUSE Linux Micro 6.0:libsystemd0-254.27-1.1.s390x",
"SUSE Linux Micro 6.0:libsystemd0-254.27-1.1.x86_64",
"SUSE Linux Micro 6.0:libudev1-254.27-1.1.aarch64",
"SUSE Linux Micro 6.0:libudev1-254.27-1.1.s390x",
"SUSE Linux Micro 6.0:libudev1-254.27-1.1.x86_64",
"SUSE Linux Micro 6.0:systemd-254.27-1.1.aarch64",
"SUSE Linux Micro 6.0:systemd-254.27-1.1.s390x",
"SUSE Linux Micro 6.0:systemd-254.27-1.1.x86_64",
"SUSE Linux Micro 6.0:systemd-container-254.27-1.1.aarch64",
"SUSE Linux Micro 6.0:systemd-container-254.27-1.1.s390x",
"SUSE Linux Micro 6.0:systemd-container-254.27-1.1.x86_64",
"SUSE Linux Micro 6.0:systemd-coredump-254.27-1.1.aarch64",
"SUSE Linux Micro 6.0:systemd-coredump-254.27-1.1.s390x",
"SUSE Linux Micro 6.0:systemd-coredump-254.27-1.1.x86_64",
"SUSE Linux Micro 6.0:systemd-experimental-254.27-1.1.aarch64",
"SUSE Linux Micro 6.0:systemd-experimental-254.27-1.1.s390x",
"SUSE Linux Micro 6.0:systemd-experimental-254.27-1.1.x86_64",
"SUSE Linux Micro 6.0:systemd-journal-remote-254.27-1.1.aarch64",
"SUSE Linux Micro 6.0:systemd-journal-remote-254.27-1.1.s390x",
"SUSE Linux Micro 6.0:systemd-journal-remote-254.27-1.1.x86_64",
"SUSE Linux Micro 6.0:systemd-portable-254.27-1.1.aarch64",
"SUSE Linux Micro 6.0:systemd-portable-254.27-1.1.s390x",
"SUSE Linux Micro 6.0:systemd-portable-254.27-1.1.x86_64",
"SUSE Linux Micro 6.0:udev-254.27-1.1.aarch64",
"SUSE Linux Micro 6.0:udev-254.27-1.1.s390x",
"SUSE Linux Micro 6.0:udev-254.27-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-4598",
"url": "https://www.suse.com/security/cve/CVE-2025-4598"
},
{
"category": "external",
"summary": "SUSE Bug 1243935 for CVE-2025-4598",
"url": "https://bugzilla.suse.com/1243935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libsystemd0-254.27-1.1.aarch64",
"SUSE Linux Micro 6.0:libsystemd0-254.27-1.1.s390x",
"SUSE Linux Micro 6.0:libsystemd0-254.27-1.1.x86_64",
"SUSE Linux Micro 6.0:libudev1-254.27-1.1.aarch64",
"SUSE Linux Micro 6.0:libudev1-254.27-1.1.s390x",
"SUSE Linux Micro 6.0:libudev1-254.27-1.1.x86_64",
"SUSE Linux Micro 6.0:systemd-254.27-1.1.aarch64",
"SUSE Linux Micro 6.0:systemd-254.27-1.1.s390x",
"SUSE Linux Micro 6.0:systemd-254.27-1.1.x86_64",
"SUSE Linux Micro 6.0:systemd-container-254.27-1.1.aarch64",
"SUSE Linux Micro 6.0:systemd-container-254.27-1.1.s390x",
"SUSE Linux Micro 6.0:systemd-container-254.27-1.1.x86_64",
"SUSE Linux Micro 6.0:systemd-coredump-254.27-1.1.aarch64",
"SUSE Linux Micro 6.0:systemd-coredump-254.27-1.1.s390x",
"SUSE Linux Micro 6.0:systemd-coredump-254.27-1.1.x86_64",
"SUSE Linux Micro 6.0:systemd-experimental-254.27-1.1.aarch64",
"SUSE Linux Micro 6.0:systemd-experimental-254.27-1.1.s390x",
"SUSE Linux Micro 6.0:systemd-experimental-254.27-1.1.x86_64",
"SUSE Linux Micro 6.0:systemd-journal-remote-254.27-1.1.aarch64",
"SUSE Linux Micro 6.0:systemd-journal-remote-254.27-1.1.s390x",
"SUSE Linux Micro 6.0:systemd-journal-remote-254.27-1.1.x86_64",
"SUSE Linux Micro 6.0:systemd-portable-254.27-1.1.aarch64",
"SUSE Linux Micro 6.0:systemd-portable-254.27-1.1.s390x",
"SUSE Linux Micro 6.0:systemd-portable-254.27-1.1.x86_64",
"SUSE Linux Micro 6.0:udev-254.27-1.1.aarch64",
"SUSE Linux Micro 6.0:udev-254.27-1.1.s390x",
"SUSE Linux Micro 6.0:udev-254.27-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libsystemd0-254.27-1.1.aarch64",
"SUSE Linux Micro 6.0:libsystemd0-254.27-1.1.s390x",
"SUSE Linux Micro 6.0:libsystemd0-254.27-1.1.x86_64",
"SUSE Linux Micro 6.0:libudev1-254.27-1.1.aarch64",
"SUSE Linux Micro 6.0:libudev1-254.27-1.1.s390x",
"SUSE Linux Micro 6.0:libudev1-254.27-1.1.x86_64",
"SUSE Linux Micro 6.0:systemd-254.27-1.1.aarch64",
"SUSE Linux Micro 6.0:systemd-254.27-1.1.s390x",
"SUSE Linux Micro 6.0:systemd-254.27-1.1.x86_64",
"SUSE Linux Micro 6.0:systemd-container-254.27-1.1.aarch64",
"SUSE Linux Micro 6.0:systemd-container-254.27-1.1.s390x",
"SUSE Linux Micro 6.0:systemd-container-254.27-1.1.x86_64",
"SUSE Linux Micro 6.0:systemd-coredump-254.27-1.1.aarch64",
"SUSE Linux Micro 6.0:systemd-coredump-254.27-1.1.s390x",
"SUSE Linux Micro 6.0:systemd-coredump-254.27-1.1.x86_64",
"SUSE Linux Micro 6.0:systemd-experimental-254.27-1.1.aarch64",
"SUSE Linux Micro 6.0:systemd-experimental-254.27-1.1.s390x",
"SUSE Linux Micro 6.0:systemd-experimental-254.27-1.1.x86_64",
"SUSE Linux Micro 6.0:systemd-journal-remote-254.27-1.1.aarch64",
"SUSE Linux Micro 6.0:systemd-journal-remote-254.27-1.1.s390x",
"SUSE Linux Micro 6.0:systemd-journal-remote-254.27-1.1.x86_64",
"SUSE Linux Micro 6.0:systemd-portable-254.27-1.1.aarch64",
"SUSE Linux Micro 6.0:systemd-portable-254.27-1.1.s390x",
"SUSE Linux Micro 6.0:systemd-portable-254.27-1.1.x86_64",
"SUSE Linux Micro 6.0:udev-254.27-1.1.aarch64",
"SUSE Linux Micro 6.0:udev-254.27-1.1.s390x",
"SUSE Linux Micro 6.0:udev-254.27-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-12T14:05:24Z",
"details": "moderate"
}
],
"title": "CVE-2025-4598"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…