FERRAMENTAS LINUX: Critical Security Update: CVE-2025-3360 Vulnerability Patched in SUSE Linux Enterprise Micro

quarta-feira, 7 de maio de 2025

Critical Security Update: CVE-2025-3360 Vulnerability Patched in SUSE Linux Enterprise Micro

 

SUSE



SUSE has released a critical security update addressing CVE-2025-3360, a high-severity vulnerability (CVSS 8.2) in glib2 affecting ISO 8601 timestamp parsing. Learn how to patch SUSE Linux Enterprise Micro 5.1/5.2 and Rancher deployments to prevent buffer underread exploits.


Severity and Impact of CVE-2025-3360

A newly discovered vulnerability in glib2's ISO 8601 timestamp parsing function (g_date_time_new_from_iso8601()) could allow attackers to trigger:

  • Integer overflow leading to system instability

  • Buffer underread risks exposing sensitive memory data

CVSS Scores:

  • SUSE Rating: 8.2 (High) – Network-exploitable, low attack complexity

  • NVD Rating: 3.7 (Low) – Requires specific conditions

Why this matters: Systems processing untrusted timestamp data (e.g., log aggregators, cloud orchestration tools) are at highest risk.

Affected SUSE Linux Enterprise Micro Versions

ProductPatch Required
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Micro for Rancher 5.2

High-Risk Environments:

  • Cloud-native deployments

  • Kubernetes clusters using SUSE MicroOS

  • IoT edge devices with automated timestamp processing

Step-by-Step Patch Instructions

Method 1: Recommended Update (YaST/zypper)

bash
Copy
Download
zypper patch

or

bash
Copy
Download
zypper in -t patch [PATCH_NAME]

Version-Specific Commands

  • SUSE Micro 5.1:

    bash
    Copy
    Download
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-1457=1

  • SUSE Micro 5.2 / Rancher 5.2:

    bash
    Copy
    Download
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1457=1

Post-Update Verification:

bash
Copy
Download
rpm -qa | grep glib2

Expected output: glib2-2.62.6-150200.3.27.1

Updated Package List (AArch64, s390x, x86_64)

  • libgmodule-2_0-0-2.62.6-150200.3.27.1

  • libgobject-2_0-0-2.62.6-150200.3.27.1

  • glib2-tools-2.62.6-150200.3.27.1 (Includes debugging utilities)

  • glib2-debugsource-2.62.6-150200.3.27.1

Why Prompt Patching is Critical for Enterprises

  1. Prevent Zero-Day Exploits: Active scanning for vulnerable systems has increased 42% YoY (Q1 2025 Linux threat report).

  2. Compliance Requirements: Meets CIS Benchmark 3.1.1 for timestamp validation.

  3. Cloud Security: Mitigates risks in containerized environments like Rancher/Kubernetes.

Enterprise Solutions to Consider:

Additional Resources

🔗 SUSE CVE-2025-3360 Advisory
🔗 Bugzilla Report (bsc#1240897)


FAQ

Q: Does this affect non-SUSE distributions?

A: Only if using unpatched glib2 ≥v2.62. Check with ldd --version.

Q: Can this be exploited remotely?

A: Yes, via network services processing malicious timestamps (CVSS:4.0 AV:N).

Q: Are workarounds available?

A: Disabling ISO 8601 parsing in custom apps is temporary mitigation.

Cezar Henrique at
Marcadores: Linux, Android, Segurança ,

Nenhum comentário:

Postar um comentário

Assinar: Postar comentários (Atom)