openSUSE Leap 15.6: 2025:01591-1 moderate: python-maturin memory issues

suse

May 20, 2025

* bsc#1242631 * bsc#1243177 Cross-References: * CVE-2025-3416

Summary

## This update for python-maturin fixes the following issues: * CVE-2025-3416: openssl: use-after-free in `Md::fetch` and `Cipher::fetch` when `Some(...)` value passed as `properties` argument to either function (bsc#1242631). * CVE-2025-4574: crossbeam-channel: double-free leading to possible memory corruption in `Channel::drop` when dropping a channel (bsc#1243177). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1591=1 openSUSE-SLE-15.6-2025-1591=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * python311-maturin-1.4.0-150600.3.6.1

Topics Covered

security advisory moderate memory corruption openSUSE use-after-free python-maturin

References

* bsc#1242631

* bsc#1243177

Cross-

* CVE-2025-3416

* CVE-2025-4574

CVSS scores:

* CVE-2025-3416 ( SUSE ): 6.3

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

* CVE-2025-3416 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

* CVE-2025-3416 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

* CVE-2025-4574 ( SUSE ): 6.3

CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

* CVE-2025-4574 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

* CVE-2025-4574 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Affected Products:

* openSUSE Leap 15.6

An update that solves two vulnerabilities can now be installed.

* https://www.suse.com/security/cve/CVE-2025-3416.html

Announcement ID: SUSE-SU-2025:01591-1

Release Date: 2025-05-19T21:24:50Z

Rating: moderate

Topics Covered

security advisory moderate memory corruption openSUSE use-after-free python-maturin

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

openSUSE Leap 15.6: 2025:01591-1 moderate: python-maturin memory issues

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

openSUSE Leap 15.6: 2025:01591-1 moderate: python-maturin memory issues

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!