SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-2244

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-2244

Security update for systemd

Type: security

Severity: moderate

Issued: 2025-07-08

Description:

This update for systemd fixes the following issues:

- CVE-2025-4598: Fixed race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump (bsc#1243935).

Other bugfixes:

- logs-show: get timestamp and boot ID only when necessary (bsc#1242827).

References

CVE: CVE-2025-4598
Bugzilla: 1243935 VUL-0: CVE-2025-4598: systemd: systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump
Bugzilla: 1242827 L3: systemd: real_journal_next() calls journal_file_fstat() after every line and multiplied by each journal file

Packages

systemd-254.25-150600.4.40.1