SUSE Linux Enterprise users: update to open-vm-tools 12.5.2 now to patch CVE-2025-22247. The update fixes insecure file handling, GCC 15 compile errors and containerd compatibility. A step-by-step update guide is included.
Severity: Moderate
Affected Products: SUSE Linux Enterprise 15 SP7 (Server, Desktop, SAP, Real Time)
A newly released security update for open-vm-tools (version 12.5.2) addresses a critical vulnerability (CVE-2025-22247) and includes essential stability fixes. System administrators and DevOps teams running SUSE Linux Enterprise should apply this patch immediately to mitigate risks.
Key Security Fixes & Enhancements
1. Critical Vulnerability Patch: CVE-2025-22247
CVSS Score: 6.9 (SUSE) | 6.1 (NVD)
Risk: Insecure file handling leading to potential local privilege escalation
Impact: Attackers could exploit this flaw to manipulate files or escalate permissions within a compromised VM.
Affected Systems: All SUSE Linux Enterprise 15 SP7 variants, including Basesystem, Containers, and Desktop Modules.
2. Additional Stability Fixes
✔ Fixed GCC 15 compile-time errors (bsc#1241938)
✔ Improved compatibility with containerd 1.7.25+ (bsc#1237147)
How to Apply the Update
Recommended Patch Methods
YaST Online Update (GUI)
Command Line (zypper):
# For Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-1565=1

# For Containers Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2025-1565=1

# For Desktop Applications Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2025-1565=1
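To confirm that a host actually picked up the fix after running the commands above, this added example (not part of the SUSE advisory or the open-vm-tools project) compares the installed package version with 12.5.2 field by field, so that 12.10.0 is not mistaken for an older release than 12.5.2. The function names are hypothetical, and it assumes that a package version of 12.5.2 or later carries the fix.

```shell
#!/bin/sh
# Added example: post-patch check for open-vm-tools on an RPM-based host.
# Assumption: version 12.5.2 or later contains the CVE-2025-22247 fix.
FIXED_VERSION="12.5.2"

# Return 0 when dotted version $1 >= $2, comparing each field numerically.
version_ge() {
    a=$1 b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        # Drop the field just read; an exhausted side is treated as 0.
        [ "$a" = "$x" ] && a= || a=${a#*.}
        [ "$b" = "$y" ] && b= || b=${b#*.}
        # Ignore any non-numeric suffix inside a field (e.g. "2a" -> 2).
        x=${x%%[!0-9]*}; y=${y%%[!0-9]*}
        x=${x:-0}; y=${y:-0}
        [ "$x" -gt "$y" ] && return 0
        [ "$x" -lt "$y" ] && return 1
    done
    return 0
}

# Map a version string (empty = package absent) to a status word.
classify_version() {
    if [ -z "$1" ]; then
        echo "not-installed"
    elif version_ge "$1" "$FIXED_VERSION"; then
        echo "patched"
    else
        echo "vulnerable"
    fi
}

# Query the local RPM database; exit status is non-zero when still vulnerable.
check_open_vm_tools() {
    installed=$(rpm -q --qf '%{VERSION}' open-vm-tools 2>/dev/null) || installed=""
    status=$(classify_version "$installed")
    echo "open-vm-tools ${installed:-<none>}: $status"
    [ "$status" != "vulnerable" ]
}

# Run the host check only when asked: sh check.sh --check
if [ "${1:-}" = "--check" ]; then
    check_open_vm_tools
fi
```

As a cross-check that does not rely on the version string, `zypper lp --cve=CVE-2025-22247` lists any patches for this CVE that the system still needs.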
Full Changelog & References
Why This Update Matters for Enterprises
Virtualization security is critical for cloud infrastructure, DevOps, and enterprise IT environments. Unpatched vulnerabilities in VM tools can lead to:
Data breaches via file manipulation
Service disruptions due to unstable builds
Compliance risks in regulated industries
Proactive patching ensures system integrity, uptime, and regulatory compliance.
