Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

SUSE: go1.25 Important Resource Consumption Issues Fixed 2025:21192-1

suse
Calendar Grey December 15, 2025
Dist Suse Esm H88
This SUSE security update addresses 13 issues in go1.25 to prevent excessive resource consumption and improve stability.
An update that solves 13 vulnerabilities and has six fixes can now be installed.

Summary

## This update for go1.25 fixes the following issues: Update to go1.25.5. Security issues fixed: * CVE-2025-61729: crypto/x509: excessive resource consumption in printing error string for host certificate validation (bsc#1254431). * CVE-2025-61727: crypto/x509: excluded subdomain constraint doesn't preclude wildcard SAN (bsc#1254430). * CVE-2025-61725: net/mail: excessive CPU consumption in ParseAddress (bsc#1251253). * CVE-2025-61724: net/textproto: excessive CPU consumption in Reader.ReadResponse (bsc#1251262). * CVE-2025-61723: encoding/pem: quadratic complexity when parsing some invalid inputs (bsc#1251256). * CVE-2025-58189: crypto/tls: ALPN negotiation error contains attacker controlled information (bsc#1251255).

References

* bsc#1244485

* bsc#1245878

* bsc#1247816

* bsc#1248082

* bsc#1249141

* bsc#1249985

* bsc#1251253

* bsc#1251254

* bsc#1251255

* bsc#1251256

* bsc#1251257

* bsc#1251258

* bsc#1251259

* bsc#1251260

* bsc#1251261

* bsc#1251262

* bsc#1254227

* bsc#1254430

* bsc#1254431

Cross-

* CVE-2025-47910

* CVE-2025-47912

* CVE-2025-58183

* CVE-2025-58185

* CVE-2025-58186

* CVE-2025-58187

* CVE-2025-58188

* CVE-2025-58189

* CVE-2025-61723

* CVE-2025-61724

* CVE-2025-61725

* CVE-2025-61727

* CVE-2025-61729

CVSS scores:

* CVE-2025-47910 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

* CVE-2025-47910 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

* CVE-2025-47912 ( SUSE ): 8.8

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:21192-1
Release Date: 2025-12-12T07:23:58Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here