Security update for iputils SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:01776-1 Final 1 1 2025-05-30T13:02:56Z current 2025-05-30T13:02:56Z 2025-05-30T13:02:56Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for iputils This update for iputils fixes the following issues: - CVE-2025-47268: Fixed integer overflow in RTT calculation can lead to undefined behavior (bsc#1242300) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Container suse/hpc/warewulf4-x86_64/sle-hpc-node:latest-2025-1776,Container suse/sle-micro/5.5/toolbox:latest-2025-1776,Container suse/sle-micro/base-5.5:latest-2025-1776,SUSE-2025-1776,SUSE-SLE-Micro-5.5-2025-1776,SUSE-SLE-Module-Basesystem-15-SP6-2025-1776,openSUSE-SLE-15.6-2025-1776 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-202501776-1/ Link for SUSE-SU-2025:01776-1 https://lists.suse.com/pipermail/sle-updates/2025-May/039470.html E-Mail link for SUSE-SU-2025:01776-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1242300 SUSE Bug 1242300 https://www.suse.com/security/cve/CVE-2025-47268/ SUSE CVE CVE-2025-47268 page Container suse/hpc/warewulf4-x86_64/sle-hpc-node:latest Container suse/sle-micro/5.5/toolbox:latest Container suse/sle-micro/base-5.5:latest SUSE Linux Enterprise Micro 5.5 SUSE Linux Enterprise Module for Basesystem 15 SP6 openSUSE Leap 15.6 iputils-20221126-150500.3.11.1 iputils-20221126-150500.3.11.1 as a component of Container suse/hpc/warewulf4-x86_64/sle-hpc-node:latest iputils-20221126-150500.3.11.1 as a component of Container suse/sle-micro/5.5/toolbox:latest iputils-20221126-150500.3.11.1 as a component of Container suse/sle-micro/base-5.5:latest iputils-20221126-150500.3.11.1 as a component of SUSE Linux Enterprise Micro 5.5 iputils-20221126-150500.3.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP6 iputils-20221126-150500.3.11.1 as a component of openSUSE Leap 15.6 ping in iputils through 20240905 allows a denial of service (application error or incorrect data collection) via a crafted ICMP Echo Reply packet, because of a signed 64-bit integer overflow in timestamp multiplication. CVE-2025-47268 Container suse/hpc/warewulf4-x86_64/sle-hpc-node:latest:iputils-20221126-150500.3.11.1 Container suse/sle-micro/5.5/toolbox:latest:iputils-20221126-150500.3.11.1 Container suse/sle-micro/base-5.5:latest:iputils-20221126-150500.3.11.1 SUSE Linux Enterprise Micro 5.5:iputils-20221126-150500.3.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP6:iputils-20221126-150500.3.11.1 openSUSE Leap 15.6:iputils-20221126-150500.3.11.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202501776-1/ https://www.suse.com/security/cve/CVE-2025-47268.html CVE-2025-47268 https://bugzilla.suse.com/1242300 SUSE Bug 1242300