Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

SUSE: Warewulf4 Moderate Memory Consumption Fix CVE-2025-58058

suse
Calendar Grey October 2, 2025
Dist Suse Esm H88
SUSE's warewulf4 update resolves a memory consumption issue and provides important security fixes across platforms.
* bsc#1227465 * bsc#1227686 * bsc#1246082 * bsc#1248768 * bsc#1248906

Summary

## This update for warewulf4 fixes the following issues: Update to version 4.6.4. Security issues fixed: * CVE-2025-58058: xz: excessive memory consuption when unpacking a large number of corrupted LZMA archives (bsc#1248906). Other issues fixed: * Convert disk booleans from `wwbool` to `*bool` which allows bools in disk to be set to false via command line (bsc#1248768). * Fix `wwctl` upgrade nodes to handle kernel argument lists (bsc#1227686, bsc#1227465). * Mark `slurm` as recommeneded in the `warewulf4-overlay-slurm` package (bsc#1246082). * Switch to `dnsmasq` as default DHCP and TFTP provider. * v4.6.4 release updates: * Update NetworkManager Overlay * Disable IPv4 in NetworkManager if no address or route is specified * Fix(`wwctl`): create overlay edit `tempfile` in `tmpdir`

Topics%20covered

Topics Covered

security advisory moderate denial of service SuSE memory issue warewulf4

References

* bsc#1227465

* bsc#1227686

* bsc#1246082

* bsc#1248768

* bsc#1248906

Cross-

* CVE-2025-58058

CVSS scores:

* CVE-2025-58058 ( SUSE ): 6.9

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

* CVE-2025-58058 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

* CVE-2025-58058 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* HPC Module 15-SP6

* HPC Module 15-SP7

* openSUSE Leap 15.5

* openSUSE Leap 15.6

* SUSE Linux Enterprise Server 15 SP6

* SUSE Linux Enterprise Server 15 SP7

An update that solves one vulnerability and has four security fixes can now be

installed.

##

* https://www.suse.com/security/cve/CVE-2025-58058.html

* https://bugzilla.suse.com/show_bug.cgi?id=1227465

* https://bugzilla.suse.com/show_bug.cgi?id=1227686

Announcement ID: SUSE-SU-2025:03448-1
Release Date: 2025-10-02T07:15:03Z
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate denial of service SuSE memory issue warewulf4

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here