Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

SUSE: Go1.25 Important Security Update DoS Threat 2025:02924-1

suse
Calendar Grey August 20, 2025
Dist Suse Esm H88
Critical security notice for SUSE pertaining to go1.25, aimed at resolving several vulnerabilities and concerns.
* bsc#1244485 * bsc#1246118 * bsc#1247719 * bsc#1247720

Summary

## go1.25 (released 2025-08-12) is a major release of Go. go1.25.x minor releases will be provided through August 2026. https://github.com/golang/go/wiki/Go-Release-Cycle go1.25 arrives six months after Go 1.24. Most of its changes are in the implementation of the toolchain, runtime, and libraries. As always, the release maintains the Go 1 promise of compatibility. We expect almost all Go programs to continue to compile and run as before. (boo#1244485 go1.25 release tracking) * Language changes: There are no languages changes that affect Go programs in Go 1.25. However, in the language specification the notion of core types has been removed in favor of dedicated prose. See the respective blog post for more information. * go command: The go build -asan option now defaults to doing leak detection

Topics%20covered

Topics Covered

security advisory security issue SuSE DoS important Go

References

* bsc#1244485

* bsc#1246118

* bsc#1247719

* bsc#1247720

Cross-

* CVE-2025-4674

* CVE-2025-47906

* CVE-2025-47907

CVSS scores:

* CVE-2025-4674 ( SUSE ): 9.3

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

* CVE-2025-4674 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

* CVE-2025-4674 ( NVD ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

* CVE-2025-47906 ( SUSE ): 2.1

CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

* CVE-2025-47906 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

* CVE-2025-47907 ( SUSE ): 2.1

CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

* CVE-2025-47907 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:02924-1
Release Date: 2025-08-20T07:35:22Z
Rating: important

Topics%20covered

Topics Covered

security advisory security issue SuSE DoS important Go

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here