Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

SUSE: 2025:1534-1 low severity: augeas NULL pointer issue

suse
Calendar Grey May 12, 2025
Dist Suse Esm H88
Attention users: Augeas software has been updated to address CVE-2025-2588, rated as low severity. SUSE users should follow the patch instructions for security
* bsc#1239909 Cross-References: * CVE-2025-2588

Summary

## This update for augeas fixes the following issues: * CVE-2025-2588: Check for NULL pointers when calling re_case_expand in function fa_expand_nocase. (bsc#1239909) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1534=1 openSUSE-SLE-15.6-2025-1534=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1534=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * augeas-devel-1.14.1-150600.3.3.1 * libfa1-debuginfo-1.14.1-150600.3.3.1 * augeas-lense-tests-1.14.1-150600.3.3.1 * augeas-debugsource-1.14.1-150600.3.3.1

Topics%20covered

Topics Covered

security advisory DoS low severity NULL pointer SUSE augeas

References

* bsc#1239909

Cross-

* CVE-2025-2588

CVSS scores:

* CVE-2025-2588 ( SUSE ): 4.8

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

* CVE-2025-2588 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

* CVE-2025-2588 ( NVD ): 4.8

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

* CVE-2025-2588 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

* CVE-2025-2588 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* Basesystem Module 15-SP6

* openSUSE Leap 15.6

Severity
low
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:1534-1
Release Date: 2025-05-12T16:01:07Z
Rating: low

Topics%20covered

Topics Covered

security advisory DoS low severity NULL pointer SUSE augeas

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here