## This update for systemd fixes the following issues: * CVE-2025-4598: Race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump (bsc#1243935). * CVE-2023-26604: Privilege escalation via the less pager (bsc#1208958). * CVE-2022-4415: systemd-coredump was not respecting fs.suid_dumpable kernel setting (bsc#1205000). Other bugfixes: * clarify passno and noauto combination in /etc/fstab (bsc#1211725) * handle -EINTR return from bus_poll() (bsc#1215241) * /usr/ should never be unmounted regardless of HAVE_SPLIT_USR or not (bsc#1211576) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:
* bsc#1205000
* bsc#1208958
* bsc#1211576
* bsc#1211725
* bsc#1215241
* bsc#1243935
Cross-
* CVE-2022-4415
* CVE-2023-26604
* CVE-2025-4598
CVSS scores:
* CVE-2022-4415 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2022-4415 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2022-4415 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-26604 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-26604 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-26604 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-4598 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2025-4598 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected Products:
Get the latest Linux and open source security news straight to your inbox.