Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

openSUSE: openssh Moderate Code Execution Fix CVE-2025-61984 2025:4112-1

suse
Calendar Grey November 17, 2025
Dist Suse Esm H88
This advisory informs about security updates for openSSH addressing critical code execution risks.
* bsc#1251198 * bsc#1251199 Cross-References: * CVE-2025-61984

Summary

## This update for openssh fixes the following issues: * CVE-2025-61984: Fixed code execution via control characters in usernames when a ProxyCommand is used (bsc#1251198) * CVE-2025-61985: Fixed code execution via '\0' character in ssh:// URI when a ProxyCommand is used (bsc#1251199) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Retail Branch Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-LTS-2025-4112=1 * SUSE Manager Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-4112=1 * SUSE Enterprise Storage 7.1

Topics%20covered

Topics Covered

security advisory moderate update code execution openssh OpenSUSE

References

* bsc#1251198

* bsc#1251199

Cross-

* CVE-2025-61984

* CVE-2025-61985

CVSS scores:

* CVE-2025-61984 ( SUSE ): 2.0

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

* CVE-2025-61984 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

* CVE-2025-61984 ( NVD ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

* CVE-2025-61985 ( SUSE ): 2.0

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

* CVE-2025-61985 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

* CVE-2025-61985 ( NVD ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

Affected Products:

* openSUSE Leap 15.3

* SUSE Enterprise Storage 7.1

* SUSE Linux Enterprise High Performance Computing 15 SP3

* SUSE Linux Enterprise High Performance Computing 15 SP4

Announcement ID: SUSE-SU-2025:4112-1
Release Date: 2025-11-15T22:39:02Z
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate update code execution openssh OpenSUSE

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here