Alerts This Week
Warning Icon 1 1,003
Alerts This Week
Warning Icon 1 1,003

SUSE Tar Important File Overwrite Issue Advisory 2026-2615-1 CVE-2025-45582

suse
Calendar Grey June 24, 2026
Dist Suse Esm H88
A security update for tar addresses an important file overwrite issue via directory traversal. Install to safeguard your systems.
An update that solves one vulnerability and contains one feature can now be installed.

Summary

## This update for tar fixes the following issues: Upgrade tar to version 1.34 (jsc#PED-16073). Security issues fixed: * CVE-2025-45582: file overwrite via directory traversal in crafted TAR archives (bsc#1246399). Other updates and bugfixes: * Changes from 1.28: * New --one-top-level option: extract all files into a subdirectory named after the archive base name * New --sort option: sort directory entries by name or inode when creating archives * New exclusion options: --exclude-ignore, --exclude-ignore-recursive, and --exclude-vcs-ignores * New checkpoint action: totals; extended checkpoint format specifiers * Official tar(1) and rmt(8) manpages now provided upstream * Refuse to read from or write archives to a tty device * Changes from 1.29:

Topics%20covered

Topics Covered

security advisory SuSE directory traversal file overwrite important tar

References

* bsc#1246399

* jsc#PED-16073

Cross-

* CVE-2025-45582

CVSS scores:

* CVE-2025-45582 ( SUSE ): 8.5

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

* CVE-2025-45582 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

* CVE-2025-45582 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5

* SUSE Linux Enterprise Server 12 SP5

* SUSE Linux Enterprise Server 12 SP5 LTSS

* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security

* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves one vulnerability and contains one feature can now be

installed.

##

* https://www.suse.com/security/cve/CVE-2025-45582.html

* https://bugzilla.suse.com/show_bug.cgi?id=1246399

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:2615-1
Release Date: 2026-06-24T09:02:40Z
Rating: important

Topics%20covered

Topics Covered

security advisory SuSE directory traversal file overwrite important tar

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here