Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

openSUSE: 2025:1570-1 low: cargo-c use-after-free threat

opensuse
Calendar Grey May 16, 2025
Dist Opensuse Esm H88
Explore the newest security bulletin for openSUSE cargo-c highlighting a minor concern along with installation recommendations.
An update that solves one vulnerability can now be installed.

Description

This update for cargo-c fixes the following issues:

* CVE-2025-3416: use-after-free in Md::fetch and Cipher::fetch of rust-openssl

crate (bsc#1242675).

Topics%20covered

Topics Covered

security advisory update instructions low severity openSUSE use-after-free cargo-c

Patch

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like

YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6

zypper in -t patch SUSE-2025-1570=1 openSUSE-SLE-15.6-2025-1570=1

Package List

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)

* cargo-c-0.10.3~git0.ee7d7ef-150600.3.6.1

* cargo-c-debuginfo-0.10.3~git0.ee7d7ef-150600.3.6.1

References

* bsc#1242675

## References:

* https://www.suse.com/security/cve/CVE-2025-3416.html

* https://bugzilla.suse.com/show_bug.cgi?id=1242675

Severity
low
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:1570-1
Release Date: 2025-05-16T13:44:06Z
Affected Products: * openSUSE Leap 15.6

Topics%20covered

Topics Covered

security advisory update instructions low severity openSUSE use-after-free cargo-c

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here