Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

SUSE: Docker Critical Security Patch 2025:20743-2 CVE-2025-54389

suse
Calendar Grey September 26, 2025
Dist Suse Esm H88
Moderate security update for Docker on SUSE addressing CVE-2025-54388 and more significant issues promptly.
* bsc#1247367 * bsc#1247594 * jsc#PED-12534 * jsc#PED-8905

Summary

## This update for docker fixes the following issues: Update to docker-buildx v0.28.0. See upstream changelog: Update to Docker 28.4.0-ce. See upstream changelog: * Update warnings and errors related to "docker buildx ..." so that they reference our openSUSE docker-buildx packages. * Enable building docker-buildx for SLE15 systems with SUSEConnect secret injection enabled.jsc#PED-12534jsc#PED-8905 bsc#1247594 As docker-buildx does not support our SUSEConnect secret injection (and some users depend "docker build" working transparently), patch the docker CLI so that "docker build" will no longer automatically call "docker buildx build",

References

* bsc#1247367

* bsc#1247594

* jsc#PED-12534

* jsc#PED-8905

Cross-

* CVE-2025-54388

CVSS scores:

* CVE-2025-54388 ( SUSE ): 5.1

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N

* CVE-2025-54388 ( SUSE ): 5.2 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

* CVE-2025-54388 ( NVD ): 5.1

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

* CVE-2025-54388 ( NVD ): 4.6 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Affected Products:

* SUSE Linux Micro 6.1

An update that solves one vulnerability, contains two features and has one fix

can now be installed.

##

* https://www.suse.com/security/cve/CVE-2025-54388.html

Announcement ID: SUSE-SU-2025:20743-1
Release Date: 2025-09-10T16:10:30Z
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here