Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

SUSE: Cloud-Init Important Vulnerabilities Cumulative Fixes 2025:20755-1

suse
Calendar Grey September 26, 2025
Dist Suse Esm H88
Critical update for cloud-init addresses important vulnerabilities in SUSE Linux Micro 6.1. Essential patching required.
* bsc#1035106 * bsc#1047363 * bsc#1116767 * bsc#1121878 * bsc#1170154

Summary

## This update for cloud-init fixes the following issues: Update to version 25.1.3 (bsc#1245401,bsc#1245403): * docs: provide example3 for PAM and ssh_pwauth behavior (#27) * fix: Make hotplug socket writable only by root (#25) (CVE-2024-11584) * fix: Don't attempt to identify non-x86 OpenStack instances (LP: #2069607) (CVE-2024-6174) From 25.1.2: * fix: ensure MAAS datasource retries on failure (#6167) Update to version 25.1.1 (bsc#1239715,jsc#PED-8680,bsc#1228414): * Drop hidesensitivedata in 16 & greater * test: pytestify cc_chef tests, add migration test * chef: migrate files in old config directories for backups and cache * fix: correct the path for Chef's backups (#5994) * fix(Azure): don't reraise FileNotFoundError during ephemeral setup (#6113)

References

* bsc#1035106

* bsc#1047363

* bsc#1116767

* bsc#1121878

* bsc#1170154

* bsc#1174443

* bsc#1174444

* bsc#1181283

* bsc#1186004

* bsc#1192343

* bsc#1210277

* bsc#1214169

* bsc#1228414

* bsc#1233649

* bsc#1236720

* bsc#1237764

* bsc#1239715

* bsc#1245401

* bsc#1245403

* bsc#918952

* bsc#919305

* bsc#998103

* jsc#PED-8680

* jsc#PM-2335

* jsc#PM-3175

* jsc#PM-3181

Cross-

* CVE-2023-1786

* CVE-2024-11584

* CVE-2024-6174

CVSS scores:

* CVE-2023-1786 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

* CVE-2023-1786 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

* CVE-2024-11584 ( SUSE ): 5.1

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

* CVE-2024-11584 ( SUSE ): 5.9 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:20755-1
Release Date: 2025-09-23T09:04:46Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here