Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

SUSE: 2025:01811-1 moderate: gnuplot security update addressing segfaults

suse
Calendar Grey June 4, 2025
Dist Suse Esm H88
The Ubuntu patch addresses multiple gnuplot concerns such as memory leaks and access violations, improving overall system reliability.
* bsc#1240325 * bsc#1240326 * bsc#1240327 * bsc#1240328 * bsc#1240329

Summary

## This update for gnuplot fixes the following issues: * CVE-2025-31176: invalid read leads to segmentation fault on plot3d_points (bsc#1240325). * CVE-2025-31177: improper bounds check leads to heap-buffer overflow on utf8_copy_one (bsc#1240326). * CVE-2025-31178: unvalidated user input leads to segmentation fault on GetAnnotateString (bsc#1240327). * CVE-2025-31179: improper verification of time values leads to segmentation fault on xstrftime (bsc#1240328). * CVE-2025-31180: unchecked invalid pointer access leads to segmentation fault on CANVAS_text (bsc#1240329). * CVE-2025-31181: double fclose() call leads to segmentation fault on X11_graphics (bsc#1240330). * CVE-2025-3359: out-of-bounds read when parsing font names may lead to a segmentation fault (bsc#1241684).

References

* bsc#1240325

* bsc#1240326

* bsc#1240327

* bsc#1240328

* bsc#1240329

* bsc#1240330

* bsc#1241684

Cross-

* CVE-2025-31176

* CVE-2025-31177

* CVE-2025-31178

* CVE-2025-31179

* CVE-2025-31180

* CVE-2025-31181

* CVE-2025-3359

CVSS scores:

* CVE-2025-31176 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2025-31176 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2025-31177 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2025-31178 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2025-31178 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2025-31179 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2025-31179 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Announcement ID: SUSE-SU-2025:01811-1
Release Date: 2025-06-04T09:29:58Z
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here