Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

SUSE: Poppler Important CVE-2025-43718 Buffer Issues 2025:3910-1

suse
Calendar Grey November 3, 2025
Dist Suse Esm H88
Important SUSE security advisory for Poppler addresses critical issues in PDF processing and pointer handling.
* bsc#1250908 * bsc#1251940 Cross-References: * CVE-2025-43718

Summary

## This update for poppler fixes the following issues: * CVE-2025-43718: fixed uncontrolled recursion in the regex-based metadata parser when processing specially crafted PDF files (bsc#1250908) * CVE-2025-52885: improved pointer handling that could have led to dangling pointers when the vector is resized (bsc#1251940) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Proxy 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-3910=1 * SUSE Manager Retail Branch Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-LTS-2025-3910=1 * SUSE Manager Server 4.3 LTS

Topics%20covered

Topics Covered

security advisory SuSE important poppler PDF processing pointer handling

References

* bsc#1250908

* bsc#1251940

Cross-

* CVE-2025-43718

* CVE-2025-52885

CVSS scores:

* CVE-2025-43718 ( SUSE ): 6.8

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N

* CVE-2025-43718 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H

* CVE-2025-43718 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

* CVE-2025-43718 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

* CVE-2025-52885 ( SUSE ): 7.0

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

* CVE-2025-52885 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

* CVE-2025-52885 ( NVD ): 6.1

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:3910-1
Release Date: 2025-11-02T12:18:24Z
Rating: important

Topics%20covered

Topics Covered

security advisory SuSE important poppler PDF processing pointer handling

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here