Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

SUSE: libvirt Moderate Info Disclosure DoS Advisory 2025:21082-1

suse
Calendar Grey November 28, 2025
Dist Suse Esm H88
Update for SUSE libvirt addresses moderate threats including Information disclosure and Denial of service issues.
* bsc#1253278 * bsc#1253642 * bsc#1253703 * jsc#PED-9265

Summary

## This update for libvirt fixes the following issues: * CVE-2025-13193: Fixed Information disclosure via world-readable VM snapshots (bsc#1253703) * CVE-2025-12748: Fixed Denial of service in XML parsing (bsc#1253278) Other fixes: * spec: Adjust dbus dependency (bsc#1253642) * qemu: Add support for Intel TDX (jsc#PED-9265) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-66=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * libvirt-libs-debuginfo-11.4.0-160000.3.1 * libvirt-daemon-driver-storage-core-debuginfo-11.4.0-160000.3.1

Topics%20covered

Topics Covered

security advisory moderate denial of service SuSE information disclosure libvirt

References

* bsc#1253278

* bsc#1253642

* bsc#1253703

* jsc#PED-9265

Cross-

* CVE-2025-12748

* CVE-2025-13193

CVSS scores:

* CVE-2025-12748 ( SUSE ): 6.9

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

* CVE-2025-12748 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2025-12748 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2025-13193 ( SUSE ): 5.7

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

* CVE-2025-13193 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

* CVE-2025-13193 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* SUSE Linux Micro 6.2

An update that solves two vulnerabilities, contains one feature and has one fix

can now be installed.

##

Announcement ID: SUSE-SU-2025:21082-1
Release Date: 2025-11-27T10:23:06Z
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate denial of service SuSE information disclosure libvirt

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here