Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

openSUSE Leap 15.4: SUSE-SU-2025:1560-1 low: rustup use-After-Free

suse
Calendar Grey May 15, 2025
Dist Suse Esm H88
Patch deployment for rustup on openSUSE Leap tackling a minor severity vulnerability linked to a use-After-Free error.
* bsc#1242617 Cross-References: * CVE-2025-3416

Summary

## This update for rustup fixes the following issues: * CVE-2025-3416: Fixed use-After-Free in Md::fetch and Cipher::fetch in rust- openssl crate (bsc#1242617) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1560=1 ## Package List: * openSUSE Leap 15.4 (aarch64 x86_64) * rustup-debuginfo-1.26.0~0-150400.3.10.1 * rustup-debugsource-1.26.0~0-150400.3.10.1 * rustup-1.26.0~0-150400.3.10.1

Topics%20covered

Topics Covered

security advisory update software patch low severity openSUSE rustup

References

* bsc#1242617

Cross-

* CVE-2025-3416

CVSS scores:

* CVE-2025-3416 ( SUSE ): 6.3

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

* CVE-2025-3416 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

* CVE-2025-3416 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* openSUSE Leap 15.4

An update that solves one vulnerability can now be installed.

##

*

* https://bugzilla.suse.com/show_bug.cgi?id=1242617

Severity
low
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:1560-1
Release Date: 2025-05-15T12:51:24Z
Rating: low

Topics%20covered

Topics Covered

security advisory update software patch low severity openSUSE rustup

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here