SUSE Linux Micro 6.0: Advisory 2025:20717-1 for rust-keylime CVE-2025-55159

suse

September 26, 2025

* bsc#1242623 * bsc#1247193 * bsc#1248006 Cross-References:

Summary

## This update for rust-keylime fixes the following issues: * Update vendored crate slab to version 0.4.11 * CVE-2025-55159: Fixed incorrect bounds check in get_disjoint_mut function leading to undefined behavior or potential crash due to out-of-bounds access (bsc#1248006) * Update to version 0.2.8+12: * build(deps): bump actions/checkout from 4 to 5 * build(deps): bump cfg-if from 1.0.0 to 1.0.1 * build(deps): bump openssl from 0.10.72 to 0.10.73 * build(deps): bump clap from 4.5.39 to 4.5.45 * build(deps): bump pest from 2.8.0 to 2.8.1 * Fix clippy warnings * Use verifier-provided interval for continuous attestation timing * Add meta object with seconds_to_next_attestation to evidence response * Fix boot time retrieval * Fix IMA log format (it must be ['text/plain']) (#1073)

Topics Covered

security advisory moderate SuSE command injection undefined behavior rust-keylime

References

* bsc#1242623

* bsc#1247193

* bsc#1248006

Cross-

* CVE-2024-58266

* CVE-2025-3416

* CVE-2025-55159

CVSS scores:

* CVE-2024-58266 ( SUSE ): 2.0

CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

* CVE-2024-58266 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

* CVE-2024-58266 ( NVD ): 3.2 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

* CVE-2024-58266 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

* CVE-2025-3416 ( SUSE ): 6.3

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

* CVE-2025-3416 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

* CVE-2025-3416 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

* CVE-2025-55159 ( SUSE ): 5.8

CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

Announcement ID: SUSE-SU-2025:20717-1

Release Date: 2025-09-16T07:49:07Z

Rating: moderate

Topics Covered

security advisory moderate SuSE command injection undefined behavior rust-keylime

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE Linux Micro 6.0: Advisory 2025:20717-1 for rust-keylime CVE-2025-55159

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE Linux Micro 6.0: Advisory 2025:20717-1 for rust-keylime CVE-2025-55159

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!