Critical Security Update for SUSE Linux: Transfig Vulnerabilities Patched (CVE-2025-31162 to CVE-2025-31164)

 

SUSE Linux releases a critical security update for Transfig, patching 3 vulnerabilities (CVE-2025-31162 to CVE-2025-31164) with CVSS 6.6 scores. Learn how to patch heap overflows, DoS flaws, and memory corruption risks in SUSE Enterprise Server 12 SP5. Protect your Linux systems now.

SUSE has released a moderate-rated security update addressing three critical vulnerabilities in Transfig, a key component for vector graphics conversion in Linux environments. 

These flaws could allow local privilege escalation, memory corruption, or system crashes—posing risks to enterprises relying on SUSE Linux for mission-critical operations.

🔍 Vulnerability Breakdown & Risks

The update patches the following CVSS 6.6-rated vulnerabilities (High Severity):

1. CVE-2025-31164: Heap-buffer overflow in fig2dev create_line_with_spline() → Potential arbitrary code execution.

2. CVE-2025-31162: Floating-point exception in fig2dev get_slope() → Denial-of-Service (DoS) risk.

3. CVE-2025-31163: Segmentation fault in fig2dev put_patternarc() → Memory corruption attacks.

Affected Products:

• SUSE Linux Enterprise Server 12 SP5

• SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security

• SUSE Linux Enterprise Server for SAP Applications 12 SP5

🛡️ Patch Instructions & Mitigation

To secure your systems:

• Recommended: Use zypper patch or YaST Online Update.

• Manual Patch: For LTSS Extended Security, run:

  bash

  Copy

  Download

  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1540=1

Package Updates:

• transfig-3.2.8b-2.23.1

• transfig-debuginfo-3.2.8b-2.23.1

• transfig-debugsource-3.2.8b-2.23.1

📌 Additional Resources

• SUSE CVE-2025-31162 Advisory

• Bugzilla Reports (bsc#1240379-1240381)