
SUSE: Keylime Critical Update for DoS & Identity Takeover 2025:21194-1

December 15, 2025
Critical security update for SUSE Linux addressing keylime's vulnerabilities. Critical patching is strongly urged.
An update that solves two vulnerabilities can now be installed.

Summary

This update for keylime fixes the following issues:

Update to version 7.13.0+40.

Security issues fixed:

* CVE-2025-13609: possible agent identity takeover due to registrar allowing the registration of agents with duplicate UUIDs (bsc#1254199).

* CVE-2025-1057: registrar denial-of-service due to backward incompatibility in database type handling (bsc#1237153).

Other issues fixed and changes:

* Version 7.13.0+40:
  * Include new attestation information fields (#1818)
  * Fix Database race conditions and SQLAlchemy 2.0 compatibility (#1823)
  * push-model: require HTTPS for authentication and attestation endpoints
  * Fix operational_state tracking in push mode attestations
  * templates: add push model authentication config options to 2.5 templates
  * Security: Hash authentication tokens in logs

References

* bsc#1237153

* bsc#1254199

Cross-

* CVE-2025-1057

* CVE-2025-13609

CVSS scores:

* CVE-2025-1057 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

* CVE-2025-13609 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H

* CVE-2025-13609 ( SUSE ): 9.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

* CVE-2025-13609 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L

Affected Products:

* SUSE Linux Enterprise Server 16.0

* SUSE Linux Enterprise Server for SAP Applications 16.0


##

* https://www.suse.com/security/cve/CVE-2025-1057.html

* https://www.suse.com/security/cve/CVE-2025-13609.html

* https://bugzilla.suse.com/show_bug.cgi?id=1237153


Announcement ID: SUSE-SU-2025:21194-1
Release Date: 2025-12-12T09:46:14Z
Rating: critical
