Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

SUSE Issues Patch for Moderate DoS Threat in CUPS CVE-2025-58436

suse
Calendar Grey December 17, 2025
Dist Suse Esm H88
Update addresses one security issue in SUSE CUPS, enhancing system performance and client usability.
An update that solves one vulnerability and has one security fix can now be installed.

Summary

## This update for cups fixes the following issues: Security issues fixed: * CVE-2025-58436: single client sending slow messages to cupsd can delay the application and make it unusable for other clients (bsc#1244057). Other issues fixed: * Update the CVE-2025-58436 patch to fix a regression that causes GTK applications to hang (bsc#1254353). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-4425=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-4425=1 * Basesystem Module 15-SP7

References

* bsc#1244057

* bsc#1254353

Cross-

* CVE-2025-58436

CVSS scores:

* CVE-2025-58436 ( SUSE ): 8.2

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

* CVE-2025-58436 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2025-58436 ( NVD ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2025-58436 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP6

* Basesystem Module 15-SP7

* Desktop Applications Module 15-SP6

* Desktop Applications Module 15-SP7

* Development Tools Module 15-SP6

* Development Tools Module 15-SP7

* openSUSE Leap 15.6

* SUSE Linux Enterprise Desktop 15 SP6

* SUSE Linux Enterprise Desktop 15 SP7

* SUSE Linux Enterprise Micro 5.2

* SUSE Linux Enterprise Micro 5.3

* SUSE Linux Enterprise Micro 5.4

Announcement ID: SUSE-SU-2025:4425-1
Release Date: 2025-12-17T11:20:35Z
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here