Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

SUSE Linux Enterprise Micro: 2025:1413-1 low: augeas NULL pointer fix

suse
Calendar Grey April 30, 2025
Dist Suse Esm H88
Patches have been released for SUSE Linux Enterprise Micro and openSUSE Leap to resolve a null pointer dereference vulnerability in Augeas, classified as low severity.
* bsc#1239909 Cross-References: * CVE-2025-2588

Summary

## This update for augeas fixes the following issues: * CVE-2025-2588: Check for NULL pointers when calling re_case_expand in function fa_expand_nocase. (bsc#1239909) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1413=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1413=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1413=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1413=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1413=1

Topics%20covered

Topics Covered

security advisory software update low severity NULL pointer SUSE augeas

References

* bsc#1239909

Cross-

* CVE-2025-2588

CVSS scores:

* CVE-2025-2588 ( SUSE ): 4.8

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

* CVE-2025-2588 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

* CVE-2025-2588 ( NVD ): 4.8

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

* CVE-2025-2588 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

* CVE-2025-2588 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* openSUSE Leap 15.4

Severity
low
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:1413-1
Release Date: 2025-04-30T06:59:13Z
Rating: low

Topics%20covered

Topics Covered

security advisory software update low severity NULL pointer SUSE augeas

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here