SUSE has released a critical security update for Yelp (CVE-2025-3155) addressing JavaScript execution & arbitrary file read vulnerabilities. Learn patch instructions for openSUSE Leap 15.6, SLE 15 SP6/7, and Desktop Modules.
Why This Update Matters
A newly discovered vulnerability (CVE-2025-3155) in Yelp’s help file parser could allow attackers to:
Execute malicious JavaScript via crafted
ghelp:scheme URLs.Read arbitrary local files (CVSS 7.4 NVD / 6.9 SUSE).
Affected systems include SUSE Linux Enterprise 15 SP6/7, openSUSE Leap 15.6, and related Desktop/Server modules.
Pro Tip: Enterprise users should prioritize patching—this exploit requires no privileges (PR:N) and works remotely (AV:N).
Patch Instructions (Step-by-Step)
1. Recommended Methods
YaST Online Update: Automated patches via SUSE’s tool.
Zypper Patch: Terminal command for granular control.
2. Product-Specific Commands
| Product | Install Command |
|---|---|
| openSUSE Leap 15.6 | zypper in -t patch SUSE-2025-2170=1 openSUSE-SLE-15.6-2025-2170=1 |
| Desktop Apps 15-SP6 | zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-2170=1 |
| SLE Server 15 SP7 | zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2025-2170=1 |
Technical Deep Dive: CVE-2025-3155
CVSS 4.0: 6.9 (SUSE) – High Confidentiality (VC:H), User Interaction Required (UI:A).
Exploit Flow: Malicious help file → JavaScript execution → File system access.
Mitigation: Patch blocks
ghelp:URL parsing exploits.
Affected Packages:
yelp-42.2,libyelp0, debug/devel packages (see full list).
FAQs
Q: Is this vulnerability actively exploited?
A: No public exploits yet, but PoCs are likely due to low attack complexity (AC:L).
Q: Can I mitigate without patching?
A: Disable Yelp/help file processing in enterprise policies (temporary fix).
Nenhum comentário:
Postar um comentário