Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 502
Alerts This Week
Warning Icon 1 502

SUSE Librsvg Moderate Memory Issue Fix 2026-20755-1 CVE-2024-12224

suse
Calendar Grey March 24, 2026
Dist Suse Esm H88
Update for librsvg addresses two notable issues, including memory problems. Critical for system stability and performance.
An update that solves two vulnerabilities and has one fix can now be installed.

Summary

## This update for librsvg fixes the following issues: Update to version 2.60.2: * CVE-2024-12224: Fixed idna accepts Punycode labels that do not produce any non-ASCII when decoded (bsc#1243867). * CVE-2024-43806: Fixed memory explosion in rustix (bsc#1229950). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-410=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * gdk-pixbuf-loader-rsvg-2.60.2-160000.1.1 * librsvg-2-2-debuginfo-2.60.2-160000.1.1 * librsvg-2-2-2.60.2-160000.1.1

References

* bsc#1229376

* bsc#1229950

* bsc#1243867

Cross-

* CVE-2024-12224

* CVE-2024-43806

CVSS scores:

* CVE-2024-12224 ( SUSE ): 2.1

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

* CVE-2024-12224 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

* CVE-2024-12224 ( NVD ): 5.1

CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

* CVE-2024-43806 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Linux Micro 6.2

An update that solves two vulnerabilities and has one fix can now be installed.

##

* https://www.suse.com/security/cve/CVE-2024-12224.html

Announcement ID: SUSE-SU-2026:20755-1
Release Date: 2026-03-19T08:08:47Z
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.