Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

SUSE Linux Micro 6.0: Glib2 Important Buffer Issues 2025:20508-1

suse
Calendar Grey August 4, 2025
Dist Suse Esm H88
Glib2 security update for SUSE: critical patch targeting buffer overflow and integer underflow issues.
* bsc#1242844 * bsc#1244596 Cross-References: * CVE-2025-4373

Summary

## This update for glib2 fixes the following issues: * CVE-2025-4373: Fixed buffer underflow through glib/gstring.c via function g_string_insert_unichar (bsc#1242844) * CVE-2025-6052: Fixed integer overflow in g_string_maybe_expand() leads to potential buffer overflow in GString (bsc#1244596) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-395=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * glib2-tools-2.76.2-9.1 * libgobject-2_0-0-debuginfo-2.76.2-9.1 * libgmodule-2_0-0-2.76.2-9.1 * libgobject-2_0-0-2.76.2-9.1 * libgmodule-2_0-0-debuginfo-2.76.2-9.1

Topics%20covered

Topics Covered

security advisory SuSE important integer overflow buffer underflow glib2

References

* bsc#1242844

* bsc#1244596

Cross-

* CVE-2025-4373

* CVE-2025-6052

CVSS scores:

* CVE-2025-4373 ( SUSE ): 6.3

CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

* CVE-2025-4373 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

* CVE-2025-4373 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

* CVE-2025-6052 ( SUSE ): 7.3

CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

* CVE-2025-6052 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

* CVE-2025-6052 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* SUSE Linux Micro 6.0

An update that solves two vulnerabilities can now be installed.

##

* https://www.suse.com/security/cve/CVE-2025-4373.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:20508-1
Release Date: 2025-07-24T11:46:50Z
Rating: important

Topics%20covered

Topics Covered

security advisory SuSE important integer overflow buffer underflow glib2

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here