Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -1 articles for you...
100
security advisorymoderatesecurity updateopenSUSE Leap 15.4: Moderate Security Update for rav1e CVE-2022-24713
* bsc#1196972 Cross-References: * CVE-2022-24713 . # Security update for rav1e Announcement ID: SUSE-SU-2025:3911-1 Release Date: 2025-11-02T12:18:39Z Rating: moderate References: * bsc#1196972 Cross-References: * CVE-2022-24713 CVSS scores: * CVE-2022-24713 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2022-24713 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 An update that solves one vulnerability can now be installed. ## Description: This update for rav1e fixes the following issues: * CVE-2022-24713: Updated crate regex to 1.5.5 that resolves a ReDoS issue (bsc#1196972) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-3911=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * rav1e-0.5.1+0-150400.3.6.1 * rav1e-debugsource-0.5.1+0-150400.3.6.1 * librav1e0-0.5.1+0-150400.3.6.1 * rav1e-devel-0.5.1+0-150400.3.6.1 * librav1e0-debuginfo-0.5.1+0-150400.3.6.1 * rav1e-debuginfo-0.5.1+0-150400.3.6.1 * openSUSE Leap 15.4 (x86_64) * librav1e0-32bit-debuginfo-0.5.1+0-150400.3.6.1 * librav1e0-32bit-0.5.1+0-150400.3.6.1 * openSUSE Leap 15.4 (aarch64_ilp32) * librav1e0-64bit-0.5.1+0-150400.3.6.1 * librav1e0-64bit-debuginfo-0.5.1+0-150400.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2022-24713.html * https://bugzilla.suse.com/show_bug.cgi?id=1196972 . Critical update for rav1e in openSUSE Leap 15.4 addressing CVE-2022-24713 with moderate severity.. rav1e security fix, openSUSE Leap 15.4 update, ReDoS vulnerability, moderate security advisory. . LinuxSecurity.com Team
Nov 03, 2025
SuSE
202
security advisorymoderatepatchopenSUSE Leap 15.4: rav1e Moderate ReDoS Threat Advisory 2025:3911-1
An update that solves one vulnerability can now be installed.. # Security update for rav1e Announcement ID: SUSE-SU-2025:3911-1 Release Date: 2025-11-02T12:18:39Z Rating: moderate References: * bsc#1196972 Cross-References: * CVE-2022-24713 CVSS scores: * CVE-2022-24713 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2022-24713 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 An update that solves one vulnerability can now be installed. ## Description: This update for rav1e fixes the following issues: * CVE-2022-24713: Updated crate regex to 1.5.5 that resolves a ReDoS issue (bsc#1196972) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-3911=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * rav1e-0.5.1+0-150400.3.6.1 * rav1e-debugsource-0.5.1+0-150400.3.6.1 * librav1e0-0.5.1+0-150400.3.6.1 * rav1e-devel-0.5.1+0-150400.3.6.1 * librav1e0-debuginfo-0.5.1+0-150400.3.6.1 * rav1e-debuginfo-0.5.1+0-150400.3.6.1 * openSUSE Leap 15.4 (x86_64) * librav1e0-32bit-debuginfo-0.5.1+0-150400.3.6.1 * librav1e0-32bit-0.5.1+0-150400.3.6.1 * openSUSE Leap 15.4 (aarch64_ilp32) * librav1e0-64bit-0.5.1+0-150400.3.6.1 * librav1e0-64bit-debuginfo-0.5.1+0-150400.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2022-24713.html * https://bugzilla.suse.com/show_bug.cgi?id=1196972 . An update resolves a moderate severity ReDoS vulnerability in openSUSE's rav1e. Install patch promptly.. openSUSE security update, rav1e security fix, ReDoS issue, moderate severity patch. . LinuxSecurity.com Team
Nov 03, 2025
OpenSUSE
100
security advisorymoderatecommand injectionopenSUSE: Moderate Command Injection Vulnerability Fix for CVE-2024-58266
* bsc#1230028 * bsc#1247207 Cross-References: * CVE-2024-58266 . # Security update for rav1e Announcement ID: SUSE-SU-2025:03092-1 Release Date: 2025-09-05T17:20:55Z Rating: moderate References: * bsc#1230028 * bsc#1247207 Cross-References: * CVE-2024-58266 CVSS scores: * CVE-2024-58266 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-58266 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-58266 ( NVD ): 3.2 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2024-58266 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for rav1e fixes the following issues: * Update crate shlex to 1.3.0: * CVE-2024-58266: Fixed command injection (bsc#1247207) * RUSTSEC-2024-0006: Fixed multiple issues involving quote API (bsc#1230028) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-3092=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * librav1e0-debuginfo-0.5.1+0-150400.3.3.1 * rav1e-debuginfo-0.5.1+0-150400.3.3.1 * rav1e-0.5.1+0-150400.3.3.1 * rav1e-debugsource-0.5.1+0-150400.3.3.1 * librav1e0-0.5.1+0-150400.3.3.1 * rav1e-devel-0.5.1+0-150400.3.3.1 * openSUSE Leap 15.4 (x86_64) * librav1e0-32bit-debuginfo-0.5.1+0-150400.3.3.1 * librav1e0-32bit-0.5.1+0-150400.3.3.1 * openSUSE Leap 15.4 (aarch64_ilp32) * librav1e0-64bit-0.5.1+0-150400.3.3.1 * librav1e0-64bit-debuginfo-0.5.1+0-150400.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-58266.html * https://bugzilla.suse.com/show_bug.cgi?id=1230028 *https://bugzilla.suse.com/show_bug.cgi?id=1247207 . Critical patch for rav1e on openSUSE resolves command injection vulnerability CVE-2024-58266. Prompt response needed!. rav1e update, SUSE security patch, openSUSE vulnerability. . LinuxSecurity.com Team
Sep 05, 2025
SuSE
202
security advisorymoderatecommand injectionopenSUSE: rav1e Moderate Command Injection CVE-2024-58266 2025:03092-1
An update that solves one vulnerability and has one security fix can now be installed.. # Security update for rav1e Announcement ID: SUSE-SU-2025:03092-1 Release Date: 2025-09-05T17:20:55Z Rating: moderate References: * bsc#1230028 * bsc#1247207 Cross-References: * CVE-2024-58266 CVSS scores: * CVE-2024-58266 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-58266 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-58266 ( NVD ): 3.2 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2024-58266 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for rav1e fixes the following issues: * Update crate shlex to 1.3.0: * CVE-2024-58266: Fixed command injection (bsc#1247207) * RUSTSEC-2024-0006: Fixed multiple issues involving quote API (bsc#1230028) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-3092=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * librav1e0-debuginfo-0.5.1+0-150400.3.3.1 * rav1e-debuginfo-0.5.1+0-150400.3.3.1 * rav1e-0.5.1+0-150400.3.3.1 * rav1e-debugsource-0.5.1+0-150400.3.3.1 * librav1e0-0.5.1+0-150400.3.3.1 * rav1e-devel-0.5.1+0-150400.3.3.1 * openSUSE Leap 15.4 (x86_64) * librav1e0-32bit-debuginfo-0.5.1+0-150400.3.3.1 * librav1e0-32bit-0.5.1+0-150400.3.3.1 * openSUSE Leap 15.4 (aarch64_ilp32) * librav1e0-64bit-0.5.1+0-150400.3.3.1 * librav1e0-64bit-debuginfo-0.5.1+0-150400.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-58266.html * https://bugzilla.suse.com/show_bug.cgi?id=1230028 *https://bugzilla.suse.com/show_bug.cgi?id=1247207 . A security patch for rav1e released by OpenSUSE mitigates command execution vulnerabilities classified as having moderate risk.. openSUSE Security, Rav1e Update, Command Injection, SUSE Advisory. . LinuxSecurity.com Team
Sep 05, 2025
OpenSUSE
202
security advisorymoderateupdateFedora: Critical Patch Update for VLC Severe Buffer Overflow 2025:02045-3
An update that solves one vulnerability and has one security fix can now be installed.. # Security update for rav1e Announcement ID: SUSE-SU-2025:03077-1 Release Date: 2025-09-04T10:55:03Z Rating: moderate References: * bsc#1230028 * bsc#1247207 Cross-References: * CVE-2024-58266 CVSS scores: * CVE-2024-58266 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-58266 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-58266 ( NVD ): 3.2 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2024-58266 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for rav1e fixes the following issues: * CVE-2024-58266: shlex: Fixed certain bytes allowed to appear unquoted and unescaped in command arguments (bsc#1247207) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-3077=1 SUSE-2025-3077=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-3077=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-3077=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) *librav1e0_6-debuginfo-0.6.6-150600.3.6.1 * rav1e-debuginfo-0.6.6-150600.3.6.1 * librav1e0_6-0.6.6-150600.3.6.1 * rav1e-devel-0.6.6-150600.3.6.1 * rav1e-0.6.6-150600.3.6.1 * rav1e-debugsource-0.6.6-150600.3.6.1 * openSUSE Leap 15.6 (x86_64) * librav1e0_6-32bit-0.6.6-150600.3.6.1 * librav1e0_6-32bit-debuginfo-0.6.6-150600.3.6.1 * openSUSE Leap 15.6 (aarch64_ilp32) * librav1e0_6-64bit-0.6.6-150600.3.6.1 * librav1e0_6-64bit-debuginfo-0.6.6-150600.3.6.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * rav1e-debuginfo-0.6.6-150600.3.6.1 * rav1e-debugsource-0.6.6-150600.3.6.1 * librav1e0_6-0.6.6-150600.3.6.1 * librav1e0_6-debuginfo-0.6.6-150600.3.6.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * rav1e-debuginfo-0.6.6-150600.3.6.1 * rav1e-debugsource-0.6.6-150600.3.6.1 * librav1e0_6-0.6.6-150600.3.6.1 * librav1e0_6-debuginfo-0.6.6-150600.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-58266.html * https://bugzilla.suse.com/show_bug.cgi?id=1230028 * https://bugzilla.suse.com/show_bug.cgi?id=1247207 . A recent update for rav1e tackles a critical security flaw, boosting protections within openSUSE systems. Key patch now accessible.. openSUSE security update,rav1e command injection,SUSE Linux patch,security updates. . Severity: Important. LinuxSecurity.com Team
Sep 04, 2025
•Important
OpenSUSE
100
security advisorymoderateSuSESUSE: rav1e Moderate Command Injection Vuln 2025:03077-1
* bsc#1230028 * bsc#1247207 Cross-References: * CVE-2024-58266 . # Security update for rav1e Announcement ID: SUSE-SU-2025:03077-1 Release Date: 2025-09-04T10:55:03Z Rating: moderate References: * bsc#1230028 * bsc#1247207 Cross-References: * CVE-2024-58266 CVSS scores: * CVE-2024-58266 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-58266 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-58266 ( NVD ): 3.2 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2024-58266 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for rav1e fixes the following issues: * CVE-2024-58266: shlex: Fixed certain bytes allowed to appear unquoted and unescaped in command arguments (bsc#1247207) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-3077=1 SUSE-2025-3077=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-3077=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-3077=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * librav1e0_6-debuginfo-0.6.6-150600.3.6.1 *rav1e-debuginfo-0.6.6-150600.3.6.1 * librav1e0_6-0.6.6-150600.3.6.1 * rav1e-devel-0.6.6-150600.3.6.1 * rav1e-0.6.6-150600.3.6.1 * rav1e-debugsource-0.6.6-150600.3.6.1 * openSUSE Leap 15.6 (x86_64) * librav1e0_6-32bit-0.6.6-150600.3.6.1 * librav1e0_6-32bit-debuginfo-0.6.6-150600.3.6.1 * openSUSE Leap 15.6 (aarch64_ilp32) * librav1e0_6-64bit-0.6.6-150600.3.6.1 * librav1e0_6-64bit-debuginfo-0.6.6-150600.3.6.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * rav1e-debuginfo-0.6.6-150600.3.6.1 * rav1e-debugsource-0.6.6-150600.3.6.1 * librav1e0_6-0.6.6-150600.3.6.1 * librav1e0_6-debuginfo-0.6.6-150600.3.6.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * rav1e-debuginfo-0.6.6-150600.3.6.1 * rav1e-debugsource-0.6.6-150600.3.6.1 * librav1e0_6-0.6.6-150600.3.6.1 * librav1e0_6-debuginfo-0.6.6-150600.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-58266.html * https://bugzilla.suse.com/show_bug.cgi?id=1230028 * https://bugzilla.suse.com/show_bug.cgi?id=1247207 . The SUSE Security Update for libav1 addresses a potential command injection flaw and offers comprehensive instructions for users to implement the solution.. SUSE Update,rav1e Patch,Security Risk,Command Injection,Linux Updates. . LinuxSecurity.com Team
Sep 04, 2025
SuSE
202
security advisorymoderatepatchopenSUSE: rav1e Moderate Security Fix CVE-2024-12224 SUSE-SU-2025:02586-1
An update that solves one vulnerability can now be installed.. # Security update for rav1e Announcement ID: SUSE-SU-2025:02586-1 Release Date: 2025-08-01T08:49:19Z Rating: moderate References: * bsc#1243855 Cross-References: * CVE-2024-12224 CVSS scores: * CVE-2024-12224 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-12224 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-12224 ( NVD ): 5.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for rav1e fixes the following issues: * CVE-2024-12224: Fixed improper validation of unsafe equivalence in punycode. (bsc#1243855) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2586=1 openSUSE-SLE-15.6-2025-2586=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2586=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2586=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * librav1e0_6-0.6.6-150600.3.3.1 * rav1e-devel-0.6.6-150600.3.3.1 * rav1e-debuginfo-0.6.6-150600.3.3.1 * librav1e0_6-debuginfo-0.6.6-150600.3.3.1 * rav1e-debugsource-0.6.6-150600.3.3.1 * rav1e-0.6.6-150600.3.3.1 * openSUSE Leap 15.6 (x86_64) * librav1e0_6-32bit-debuginfo-0.6.6-150600.3.3.1 * librav1e0_6-32bit-0.6.6-150600.3.3.1 * openSUSE Leap 15.6 (aarch64_ilp32) * librav1e0_6-64bit-debuginfo-0.6.6-150600.3.3.1 * librav1e0_6-64bit-0.6.6-150600.3.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * librav1e0_6-debuginfo-0.6.6-150600.3.3.1 * librav1e0_6-0.6.6-150600.3.3.1 * rav1e-debugsource-0.6.6-150600.3.3.1 * rav1e-debuginfo-0.6.6-150600.3.3.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * librav1e0_6-debuginfo-0.6.6-150600.3.3.1 * librav1e0_6-0.6.6-150600.3.3.1 * rav1e-debugsource-0.6.6-150600.3.3.1 * rav1e-debuginfo-0.6.6-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12224.html * https://bugzilla.suse.com/show_bug.cgi?id=1243855 . The latest rav1e update on openSUSE resolves a moderately severe issue regarding unsafe equivalence validation, enhancing security and system integrity. openSUSE, rav1e, security update. . LinuxSecurity.com Team
Aug 01, 2025
OpenSUSE
100
security advisorymoderatebuffer overflowSUSE Linux: rav1e Moderate CVE-2024-12224 Advisory 2025:02586-1
* bsc#1243855 Cross-References: * CVE-2024-12224 . # Security update for rav1e Announcement ID: SUSE-SU-2025:02586-1 Release Date: 2025-08-01T08:49:19Z Rating: moderate References: * bsc#1243855 Cross-References: * CVE-2024-12224 CVSS scores: * CVE-2024-12224 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-12224 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-12224 ( NVD ): 5.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for rav1e fixes the following issues: * CVE-2024-12224: Fixed improper validation of unsafe equivalence in punycode. (bsc#1243855) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2586=1 openSUSE-SLE-15.6-2025-2586=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2586=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2586=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * librav1e0_6-0.6.6-150600.3.3.1 * rav1e-devel-0.6.6-150600.3.3.1 *rav1e-debuginfo-0.6.6-150600.3.3.1 * librav1e0_6-debuginfo-0.6.6-150600.3.3.1 * rav1e-debugsource-0.6.6-150600.3.3.1 * rav1e-0.6.6-150600.3.3.1 * openSUSE Leap 15.6 (x86_64) * librav1e0_6-32bit-debuginfo-0.6.6-150600.3.3.1 * librav1e0_6-32bit-0.6.6-150600.3.3.1 * openSUSE Leap 15.6 (aarch64_ilp32) * librav1e0_6-64bit-debuginfo-0.6.6-150600.3.3.1 * librav1e0_6-64bit-0.6.6-150600.3.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * librav1e0_6-debuginfo-0.6.6-150600.3.3.1 * librav1e0_6-0.6.6-150600.3.3.1 * rav1e-debugsource-0.6.6-150600.3.3.1 * rav1e-debuginfo-0.6.6-150600.3.3.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * librav1e0_6-debuginfo-0.6.6-150600.3.3.1 * librav1e0_6-0.6.6-150600.3.3.1 * rav1e-debugsource-0.6.6-150600.3.3.1 * rav1e-debuginfo-0.6.6-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12224.html * https://bugzilla.suse.com/show_bug.cgi?id=1243855 . SUSE has released an important update for the rav1e encoder to tackle moderate vulnerabilities like CVE-2024-12224, improving security and stability for users. SUSE, rav1e, security advisory, patching, CVE-2024-12224. . LinuxSecurity.com Team
Aug 01, 2025
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!