SUSE Linux Enterprise Server 12 SP5 users: Patch CVE-2025-3155 now! This Yelp vulnerability (CVSS 7.4) allows JavaScript execution & file reads via malicious help docs. Learn how to secure your system with our step-by-step guide.
SUSE Linux Enterprise Server Vulnerability Fix – June 2025
🔒 Key Takeaways
Moderate-risk vulnerability (CVE-2025-3155) allows JavaScript execution & arbitrary file reads via malicious help files.
Affects SUSE Linux Enterprise Server 12 SP5 and related SAP/LTSS versions.
CVSS Scores: Up to 7.4 (NVD) – Exploitable via network with user interaction.
Patch now using zypper or YaST to prevent exploitation.
📌 Vulnerability Details & Impact
CVE-2025-3155: Critical Security Flaw in Yelp Help Viewer
A newly discovered vulnerability in Yelp (GNOME’s help documentation system) could allow attackers to:
✔ Execute arbitrary JavaScript via crafted help files.
✔ Read sensitive system files through manipulated ghelp: URLs.
Affected Systems:
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
SUSE Linux Enterprise Server for SAP Applications 12 SP5
CVSS Breakdown:
| Source | CVSS v3.1 | CVSS v4.0 | Risk Level |
|---|---|---|---|
| NVD | 7.4 (High) | – | Network-exploitable |
| SUSE | 6.5 (Medium) | 6.9 (Medium) | Requires user interaction |
🛡️ How to Patch CVE-2025-3155
Step-by-Step Update Instructions
For SUSE Linux Enterprise Server 12 SP5 LTSS:
```
zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2169=1
```
Alternative Methods:
Use YaST Online Update for automated patching.
Manually install updated packages (listed below).
Patched Packages
| Architecture | Package | Version |
|---|---|---|
| x86_64 | libyelp0, yelp, yelp-devel | 3.20.1-7.3.1 |
| noarch | yelp-lang | 3.20.1-7.3.1 |
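An added example (not SUSE's tooling or code from the original post) that audits a host's installed yelp packages against the fixed version in the table above. It assumes the rpm query format shown in the comment and runs on a constructed sample of that output rather than on live rpm results.

```shell
#!/bin/sh
# Fixed VERSION-RELEASE from the SUSE advisory and the packages it ships.
FIXED_VR="3.20.1-7.3.1"
YELP_PKGS="libyelp0 yelp yelp-devel yelp-lang"

# Compare two RPM VERSION-RELEASE strings segment by segment (numeric
# segments only, which covers the yelp versions in this advisory).
# Prints -1, 0 or 1.
vercmp() {
  awk -v a="$1" -v b="$2" 'BEGIN {
    na = split(a, A, /[.-]/); nb = split(b, B, /[.-]/)
    n = (na > nb) ? na : nb
    for (i = 1; i <= n; i++) {
      x = (i <= na) ? A[i] + 0 : 0
      y = (i <= nb) ? B[i] + 0 : 0
      if (x < y) { print "-1"; exit }
      if (x > y) { print "1"; exit }
    }
    print "0"
  }'
}

# Reads "NAME VERSION-RELEASE" lines on stdin, i.e. the output of
#   rpm -q --qf '%{NAME} %{VERSION}-%{RELEASE}\n' $YELP_PKGS
# and prints one VULNERABLE/PATCHED line per installed package.
audit_yelp() {
  while read -r name vr; do
    # rpm prints "package X is not installed" for absent packages; skip it.
    [ "$name" = "package" ] && continue
    if [ "$(vercmp "$vr" "$FIXED_VR")" -lt 0 ]; then
      echo "VULNERABLE $name $vr (fixed in $FIXED_VR)"
    else
      echo "PATCHED $name $vr"
    fi
  done
}

# Constructed sample of the rpm query output on a partly patched host
# (not captured from a real machine; the older release number is made up).
SAMPLE='libyelp0 3.20.1-7.3.1
yelp 3.20.1-7.2.1
yelp-lang 3.20.1-7.3.1
package yelp-devel is not installed'

# Number of installed yelp packages still below the fixed version.
count_vulnerable() {
  printf '%s\n' "$SAMPLE" | audit_yelp | grep -c '^VULNERABLE'
}
```

On a real host, replace the sample with the rpm query from the comment; any VULNERABLE line means the patch above has not been applied yet.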
❓ Why This Update Matters
This patch prevents client-side attacks where a user could be tricked into opening a malicious help file, leading to:
Data leaks (file access via ghelp:).
Remote code execution (via JavaScript injection).
📢 FAQ: Yelp Security Update
Q: Is this vulnerability actively exploited?
A: No known exploits yet, but patch immediately due to moderate risk.
Q: Can I ignore this if I don’t use Yelp?
A: No – if installed, it’s a potential attack vector.
Q: What’s the worst-case scenario?
A: Attackers could steal files or hijack sessions via crafted links.
🚀 Final Recommendations
Enterprise users: Deploy patches via SUSE Manager for centralized updates.
Sysadmins: Audit systems for yelp dependencies.
End-users: Avoid opening untrusted .help files.