Security update for glibc SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:0510-1 Final 1 1 2025-02-13T11:33:41Z current 2025-02-13T11:33:41Z 2025-02-13T11:33:41Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for glibc This update for glibc fixes the following issue: - CVE-2025-0395: Fix underallocation of abort_msg_s struct (bsc#1236282, BZ #32582)) - s390x-wcsncmp patch: s390x: Fix segfault in wcsncmp (bsc#1228044). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Container suse/ltss/sle12.5/sles12sp5:latest-2025-510,Image SLES12-SP5-EC2-BYOS-2025-510,Image SLES12-SP5-EC2-On-Demand-2025-510,Image SLES12-SP5-EC2-SAP-BYOS-2025-510,Image SLES12-SP5-EC2-SAP-On-Demand-2025-510,Image SLES12-SP5-SAP-Azure-LI-BYOS-Production-2025-510,Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production-2025-510,SUSE-2025-510,SUSE-SLE-SERVER-12-SP5-LTSS-2025-510,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-510 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-20250510-1/ Link for SUSE-SU-2025:0510-1 https://lists.suse.com/pipermail/sle-security-updates/2025-February/020333.html E-Mail link for SUSE-SU-2025:0510-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1228044 SUSE Bug 1228044 https://bugzilla.suse.com/1236282 SUSE Bug 1236282 https://www.suse.com/security/cve/CVE-2025-0395/ SUSE CVE CVE-2025-0395 page Container suse/ltss/sle12.5/sles12sp5:latest Image SLES12-SP5-EC2-BYOS Image SLES12-SP5-EC2-On-Demand Image SLES12-SP5-EC2-SAP-BYOS Image SLES12-SP5-EC2-SAP-On-Demand Image SLES12-SP5-SAP-Azure-LI-BYOS-Production Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production SUSE Linux Enterprise Server 12 SP5-LTSS SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 glibc-2.22-114.40.1 glibc-i18ndata-2.22-114.40.1 glibc-locale-2.22-114.40.1 nscd-2.22-114.40.1 glibc-32bit-2.22-114.40.1 glibc-devel-2.22-114.40.1 glibc-64bit-2.22-114.40.1 glibc-devel-32bit-2.22-114.40.1 glibc-devel-64bit-2.22-114.40.1 glibc-devel-static-2.22-114.40.1 glibc-devel-static-32bit-2.22-114.40.1 glibc-devel-static-64bit-2.22-114.40.1 glibc-extra-2.22-114.40.1 glibc-html-2.22-114.40.1 glibc-info-2.22-114.40.1 glibc-locale-32bit-2.22-114.40.1 glibc-locale-64bit-2.22-114.40.1 glibc-obsolete-2.22-114.40.1 glibc-profile-2.22-114.40.1 glibc-profile-32bit-2.22-114.40.1 glibc-profile-64bit-2.22-114.40.1 glibc-utils-2.22-114.40.1 glibc-utils-32bit-2.22-114.40.1 glibc-utils-64bit-2.22-114.40.1 glibc-2.22-114.40.1 as a component of Container suse/ltss/sle12.5/sles12sp5:latest glibc-2.22-114.40.1 as a component of Image SLES12-SP5-EC2-BYOS glibc-i18ndata-2.22-114.40.1 as a component of Image SLES12-SP5-EC2-BYOS glibc-locale-2.22-114.40.1 as a component of Image SLES12-SP5-EC2-BYOS nscd-2.22-114.40.1 as a component of Image SLES12-SP5-EC2-BYOS glibc-2.22-114.40.1 as a component of Image SLES12-SP5-EC2-On-Demand glibc-i18ndata-2.22-114.40.1 as a component of Image SLES12-SP5-EC2-On-Demand glibc-locale-2.22-114.40.1 as a component of Image SLES12-SP5-EC2-On-Demand nscd-2.22-114.40.1 as a component of Image SLES12-SP5-EC2-On-Demand glibc-2.22-114.40.1 as a component of Image SLES12-SP5-EC2-SAP-BYOS glibc-i18ndata-2.22-114.40.1 as a component of Image SLES12-SP5-EC2-SAP-BYOS glibc-locale-2.22-114.40.1 as a component of Image SLES12-SP5-EC2-SAP-BYOS nscd-2.22-114.40.1 as a component of Image SLES12-SP5-EC2-SAP-BYOS glibc-2.22-114.40.1 as a component of Image SLES12-SP5-EC2-SAP-On-Demand glibc-i18ndata-2.22-114.40.1 as a component of Image SLES12-SP5-EC2-SAP-On-Demand glibc-locale-2.22-114.40.1 as a component of Image SLES12-SP5-EC2-SAP-On-Demand nscd-2.22-114.40.1 as a component of Image SLES12-SP5-EC2-SAP-On-Demand glibc-2.22-114.40.1 as a component of Image SLES12-SP5-SAP-Azure-LI-BYOS-Production glibc-32bit-2.22-114.40.1 as a component of Image SLES12-SP5-SAP-Azure-LI-BYOS-Production glibc-devel-2.22-114.40.1 as a component of Image SLES12-SP5-SAP-Azure-LI-BYOS-Production glibc-i18ndata-2.22-114.40.1 as a component of Image SLES12-SP5-SAP-Azure-LI-BYOS-Production glibc-locale-2.22-114.40.1 as a component of Image SLES12-SP5-SAP-Azure-LI-BYOS-Production nscd-2.22-114.40.1 as a component of Image SLES12-SP5-SAP-Azure-LI-BYOS-Production glibc-2.22-114.40.1 as a component of Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production glibc-32bit-2.22-114.40.1 as a component of Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production glibc-devel-2.22-114.40.1 as a component of Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production glibc-i18ndata-2.22-114.40.1 as a component of Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production glibc-locale-2.22-114.40.1 as a component of Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production nscd-2.22-114.40.1 as a component of Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production glibc-2.22-114.40.1 as a component of SUSE Linux Enterprise Server 12 SP5-LTSS glibc-32bit-2.22-114.40.1 as a component of SUSE Linux Enterprise Server 12 SP5-LTSS glibc-devel-2.22-114.40.1 as a component of SUSE Linux Enterprise Server 12 SP5-LTSS glibc-devel-32bit-2.22-114.40.1 as a component of SUSE Linux Enterprise Server 12 SP5-LTSS glibc-devel-static-2.22-114.40.1 as a component of SUSE Linux Enterprise Server 12 SP5-LTSS glibc-html-2.22-114.40.1 as a component of SUSE Linux Enterprise Server 12 SP5-LTSS glibc-i18ndata-2.22-114.40.1 as a component of SUSE Linux Enterprise Server 12 SP5-LTSS glibc-info-2.22-114.40.1 as a component of SUSE Linux Enterprise Server 12 SP5-LTSS glibc-locale-2.22-114.40.1 as a component of SUSE Linux Enterprise Server 12 SP5-LTSS glibc-locale-32bit-2.22-114.40.1 as a component of SUSE Linux Enterprise Server 12 SP5-LTSS glibc-profile-2.22-114.40.1 as a component of SUSE Linux Enterprise Server 12 SP5-LTSS glibc-profile-32bit-2.22-114.40.1 as a component of SUSE Linux Enterprise Server 12 SP5-LTSS nscd-2.22-114.40.1 as a component of SUSE Linux Enterprise Server 12 SP5-LTSS glibc-2.22-114.40.1 as a component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 glibc-32bit-2.22-114.40.1 as a component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 glibc-devel-2.22-114.40.1 as a component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 glibc-devel-32bit-2.22-114.40.1 as a component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 glibc-devel-static-2.22-114.40.1 as a component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 glibc-html-2.22-114.40.1 as a component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 glibc-i18ndata-2.22-114.40.1 as a component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 glibc-info-2.22-114.40.1 as a component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 glibc-locale-2.22-114.40.1 as a component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 glibc-locale-32bit-2.22-114.40.1 as a component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 glibc-profile-2.22-114.40.1 as a component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 glibc-profile-32bit-2.22-114.40.1 as a component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 nscd-2.22-114.40.1 as a component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size. CVE-2025-0395 Container suse/ltss/sle12.5/sles12sp5:latest:glibc-2.22-114.40.1 Image SLES12-SP5-EC2-BYOS:glibc-2.22-114.40.1 Image SLES12-SP5-EC2-BYOS:glibc-i18ndata-2.22-114.40.1 Image SLES12-SP5-EC2-BYOS:glibc-locale-2.22-114.40.1 Image SLES12-SP5-EC2-BYOS:nscd-2.22-114.40.1 Image SLES12-SP5-EC2-On-Demand:glibc-2.22-114.40.1 Image SLES12-SP5-EC2-On-Demand:glibc-i18ndata-2.22-114.40.1 Image SLES12-SP5-EC2-On-Demand:glibc-locale-2.22-114.40.1 Image SLES12-SP5-EC2-On-Demand:nscd-2.22-114.40.1 Image SLES12-SP5-EC2-SAP-BYOS:glibc-2.22-114.40.1 Image SLES12-SP5-EC2-SAP-BYOS:glibc-i18ndata-2.22-114.40.1 Image SLES12-SP5-EC2-SAP-BYOS:glibc-locale-2.22-114.40.1 Image SLES12-SP5-EC2-SAP-BYOS:nscd-2.22-114.40.1 Image SLES12-SP5-EC2-SAP-On-Demand:glibc-2.22-114.40.1 Image SLES12-SP5-EC2-SAP-On-Demand:glibc-i18ndata-2.22-114.40.1 Image SLES12-SP5-EC2-SAP-On-Demand:glibc-locale-2.22-114.40.1 Image SLES12-SP5-EC2-SAP-On-Demand:nscd-2.22-114.40.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:glibc-2.22-114.40.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:glibc-32bit-2.22-114.40.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:glibc-devel-2.22-114.40.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:glibc-i18ndata-2.22-114.40.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:glibc-locale-2.22-114.40.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:nscd-2.22-114.40.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:glibc-2.22-114.40.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:glibc-32bit-2.22-114.40.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:glibc-devel-2.22-114.40.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:glibc-i18ndata-2.22-114.40.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:glibc-locale-2.22-114.40.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:nscd-2.22-114.40.1 SUSE Linux Enterprise Server 12 SP5-LTSS:glibc-2.22-114.40.1 SUSE Linux Enterprise Server 12 SP5-LTSS:glibc-32bit-2.22-114.40.1 SUSE Linux Enterprise Server 12 SP5-LTSS:glibc-devel-2.22-114.40.1 SUSE Linux Enterprise Server 12 SP5-LTSS:glibc-devel-32bit-2.22-114.40.1 SUSE Linux Enterprise Server 12 SP5-LTSS:glibc-devel-static-2.22-114.40.1 SUSE Linux Enterprise Server 12 SP5-LTSS:glibc-html-2.22-114.40.1 SUSE Linux Enterprise Server 12 SP5-LTSS:glibc-i18ndata-2.22-114.40.1 SUSE Linux Enterprise Server 12 SP5-LTSS:glibc-info-2.22-114.40.1 SUSE Linux Enterprise Server 12 SP5-LTSS:glibc-locale-2.22-114.40.1 SUSE Linux Enterprise Server 12 SP5-LTSS:glibc-locale-32bit-2.22-114.40.1 SUSE Linux Enterprise Server 12 SP5-LTSS:glibc-profile-2.22-114.40.1 SUSE Linux Enterprise Server 12 SP5-LTSS:glibc-profile-32bit-2.22-114.40.1 SUSE Linux Enterprise Server 12 SP5-LTSS:nscd-2.22-114.40.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:glibc-2.22-114.40.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:glibc-32bit-2.22-114.40.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:glibc-devel-2.22-114.40.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:glibc-devel-32bit-2.22-114.40.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:glibc-devel-static-2.22-114.40.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:glibc-html-2.22-114.40.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:glibc-i18ndata-2.22-114.40.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:glibc-info-2.22-114.40.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:glibc-locale-2.22-114.40.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:glibc-locale-32bit-2.22-114.40.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:glibc-profile-2.22-114.40.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:glibc-profile-32bit-2.22-114.40.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:nscd-2.22-114.40.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250510-1/ https://www.suse.com/security/cve/CVE-2025-0395.html CVE-2025-0395 https://bugzilla.suse.com/1236282 SUSE Bug 1236282