Security update for systemd SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:20041-1 Final 1 1 2025-02-03T08:54:00Z current 2025-02-03T08:54:00Z 2025-02-03T08:54:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for systemd This update for systemd fixes the following issues: - Import commit 0512d0d1fc0b54a84964281708036a46ab39c153 0512d0d1fc cgroup: Rename effective limits internal table (jsc#PED-5659) 765846b70b cgroup: Restrict effective limits with global resource provision (jsc#PED-5659) e29909088b test: Add effective cgroup limits testing (jsc#PED-5659) beacac6df0 test: Convert rlimit test to subtest of generic limit testing (jsc#PED-5659) e3b789e512 cgroup: Add EffectiveMemoryMax=, EffectiveMemoryHigh= and EffectiveTasksMax= properties (jsc#PED-5659) 5aa063ae16 bus-print-properties: prettify more unset properties a53122c9bd bus-print-properties: ignore CGROUP_LIMIT_MAX for Memory*{Current, Peak} 8418791441 cgroup: rename TasksMax structure to CGroupTasksMax - Don't try to restart the udev socket units anymore (bsc#1228809) There's currently no way to restart a socket activable service and its socket units "atomically" and safely. - Make the 32bit version of libudev.so available again (bsc#1228223) The symlink for building 32bit applications was mistakenly dropped when the content of libudev-devel was merged into systemd-devel. Provide the 32bit flavor of systemd-devel again, which should restore the plug and play support in Wine for 32bit windows applications. - Import commit up to 5aa182660dff86fe9d5cba61b0c6542bb2f2db23 (merge of v254.17) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-Micro-6.0-73 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-202520041-1/ Link for SUSE-SU-2025:20041-1 https://lists.suse.com/pipermail/sle-security-updates/2025-June/021335.html E-Mail link for SUSE-SU-2025:20041-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1200723 SUSE Bug 1200723 https://bugzilla.suse.com/1204968 SUSE Bug 1204968 https://bugzilla.suse.com/1213873 SUSE Bug 1213873 https://bugzilla.suse.com/1218110 SUSE Bug 1218110 https://bugzilla.suse.com/1221906 SUSE Bug 1221906 https://bugzilla.suse.com/1226414 SUSE Bug 1226414 https://bugzilla.suse.com/1226415 SUSE Bug 1226415 https://bugzilla.suse.com/1228091 SUSE Bug 1228091 https://bugzilla.suse.com/1228223 SUSE Bug 1228223 https://bugzilla.suse.com/1228809 SUSE Bug 1228809 https://bugzilla.suse.com/1229518 SUSE Bug 1229518 https://www.suse.com/security/cve/CVE-2022-3821/ SUSE CVE CVE-2022-3821 page SUSE Linux Micro 6.0 libsystemd0-254.18-1.1 libudev1-254.18-1.1 systemd-254.18-1.1 systemd-container-254.18-1.1 systemd-coredump-254.18-1.1 systemd-experimental-254.18-1.1 systemd-journal-remote-254.18-1.1 systemd-portable-254.18-1.1 udev-254.18-1.1 libsystemd0-254.18-1.1 as a component of SUSE Linux Micro 6.0 libudev1-254.18-1.1 as a component of SUSE Linux Micro 6.0 systemd-254.18-1.1 as a component of SUSE Linux Micro 6.0 systemd-container-254.18-1.1 as a component of SUSE Linux Micro 6.0 systemd-coredump-254.18-1.1 as a component of SUSE Linux Micro 6.0 systemd-experimental-254.18-1.1 as a component of SUSE Linux Micro 6.0 systemd-journal-remote-254.18-1.1 as a component of SUSE Linux Micro 6.0 systemd-portable-254.18-1.1 as a component of SUSE Linux Micro 6.0 udev-254.18-1.1 as a component of SUSE Linux Micro 6.0 An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service. CVE-2022-3821 SUSE Linux Micro 6.0:libsystemd0-254.18-1.1 SUSE Linux Micro 6.0:libudev1-254.18-1.1 SUSE Linux Micro 6.0:systemd-254.18-1.1 SUSE Linux Micro 6.0:systemd-container-254.18-1.1 SUSE Linux Micro 6.0:systemd-coredump-254.18-1.1 SUSE Linux Micro 6.0:systemd-experimental-254.18-1.1 SUSE Linux Micro 6.0:systemd-journal-remote-254.18-1.1 SUSE Linux Micro 6.0:systemd-portable-254.18-1.1 SUSE Linux Micro 6.0:udev-254.18-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202520041-1/ https://www.suse.com/security/cve/CVE-2022-3821.html CVE-2022-3821 https://bugzilla.suse.com/1204968 SUSE Bug 1204968