Security update for protobuf SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:3722-1 Final 1 1 2025-10-22T11:20:32Z current 2025-10-22T11:20:32Z 2025-10-22T11:20:32Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for protobuf This update for protobuf fixes the following issues: - CVE-2025-4565: parsing of untrusted Protocol Buffers data containing an arbitrary number of recursive groups or messages can lead to crash due to a `RecursionError` (bsc#1244663). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2025-3722,SUSE-SLE-Micro-5.3-2025-3722,SUSE-SLE-Micro-5.4-2025-3722,SUSE-SLE-Micro-5.5-2025-3722,SUSE-SLE-Module-Basesystem-15-SP6-2025-3722,SUSE-SLE-Module-Basesystem-15-SP7-2025-3722,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-3722,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-3722,SUSE-SLE-Module-Public-Cloud-15-SP3-2025-3722,SUSE-SLE-Module-Public-Cloud-15-SP4-2025-3722,SUSE-SLE-Module-Public-Cloud-15-SP5-2025-3722,SUSE-SLE-Module-Public-Cloud-15-SP6-2025-3722,SUSE-SLE-Module-Public-Cloud-15-SP7-2025-3722,SUSE-SUSE-MicroOS-5.1-2025-3722,SUSE-SUSE-MicroOS-5.2-2025-3722 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-20253722-1/ Link for SUSE-SU-2025:3722-1 https://lists.suse.com/pipermail/sle-security-updates/2025-October/022970.html E-Mail link for SUSE-SU-2025:3722-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1244663 SUSE Bug 1244663 https://www.suse.com/security/cve/CVE-2025-4565/ SUSE CVE CVE-2025-4565 page SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Micro 5.2 SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Micro 5.4 SUSE Linux Enterprise Micro 5.5 SUSE Linux Enterprise Module for Basesystem 15 SP6 SUSE Linux Enterprise Module for Basesystem 15 SP7 SUSE Linux Enterprise Module for Package Hub 15 SP6 SUSE Linux Enterprise Module for Package Hub 15 SP7 SUSE Linux Enterprise Module for Public Cloud 15 SP3 SUSE Linux Enterprise Module for Public Cloud 15 SP4 SUSE Linux Enterprise Module for Public Cloud 15 SP5 SUSE Linux Enterprise Module for Public Cloud 15 SP6 SUSE Linux Enterprise Module for Public Cloud 15 SP7 libprotobuf-lite20-3.9.2-150200.4.27.1 libprotobuf-lite20-32bit-3.9.2-150200.4.27.1 libprotobuf-lite20-64bit-3.9.2-150200.4.27.1 libprotobuf20-3.9.2-150200.4.27.1 libprotobuf20-32bit-3.9.2-150200.4.27.1 libprotobuf20-64bit-3.9.2-150200.4.27.1 libprotoc20-3.9.2-150200.4.27.1 libprotoc20-32bit-3.9.2-150200.4.27.1 libprotoc20-64bit-3.9.2-150200.4.27.1 protobuf-devel-3.9.2-150200.4.27.1 protobuf-java-3.9.2-150200.4.27.1 protobuf-java-bom-3.9.2-150200.4.27.1 protobuf-java-parent-3.9.2-150200.4.27.1 protobuf-source-3.9.2-150200.4.27.1 python2-protobuf-3.9.2-150200.4.27.1 python3-protobuf-3.9.2-150200.4.27.1 libprotobuf-lite20-3.9.2-150200.4.27.1 as a component of SUSE Linux Enterprise Micro 5.1 libprotobuf-lite20-3.9.2-150200.4.27.1 as a component of SUSE Linux Enterprise Micro 5.2 libprotobuf-lite20-3.9.2-150200.4.27.1 as a component of SUSE Linux Enterprise Micro 5.3 libprotobuf-lite20-3.9.2-150200.4.27.1 as a component of SUSE Linux Enterprise Micro 5.4 libprotobuf-lite20-3.9.2-150200.4.27.1 as a component of SUSE Linux Enterprise Micro 5.5 libprotobuf20-3.9.2-150200.4.27.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP6 libprotobuf20-3.9.2-150200.4.27.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 python3-protobuf-3.9.2-150200.4.27.1 as a component of SUSE Linux Enterprise Module for Package Hub 15 SP6 python3-protobuf-3.9.2-150200.4.27.1 as a component of SUSE Linux Enterprise Module for Package Hub 15 SP7 python3-protobuf-3.9.2-150200.4.27.1 as a component of SUSE Linux Enterprise Module for Public Cloud 15 SP3 python3-protobuf-3.9.2-150200.4.27.1 as a component of SUSE Linux Enterprise Module for Public Cloud 15 SP4 python3-protobuf-3.9.2-150200.4.27.1 as a component of SUSE Linux Enterprise Module for Public Cloud 15 SP5 python3-protobuf-3.9.2-150200.4.27.1 as a component of SUSE Linux Enterprise Module for Public Cloud 15 SP6 python3-protobuf-3.9.2-150200.4.27.1 as a component of SUSE Linux Enterprise Module for Public Cloud 15 SP7 Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashing the application with a RecursionError. We recommend upgrading to version =>6.31.1 or beyond commit 17838beda2943d08b8a9d4df5b68f5f04f26d901 CVE-2025-4565 SUSE Linux Enterprise Micro 5.1:libprotobuf-lite20-3.9.2-150200.4.27.1 SUSE Linux Enterprise Micro 5.2:libprotobuf-lite20-3.9.2-150200.4.27.1 SUSE Linux Enterprise Micro 5.3:libprotobuf-lite20-3.9.2-150200.4.27.1 SUSE Linux Enterprise Micro 5.4:libprotobuf-lite20-3.9.2-150200.4.27.1 SUSE Linux Enterprise Micro 5.5:libprotobuf-lite20-3.9.2-150200.4.27.1 SUSE Linux Enterprise Module for Basesystem 15 SP6:libprotobuf20-3.9.2-150200.4.27.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:libprotobuf20-3.9.2-150200.4.27.1 SUSE Linux Enterprise Module for Package Hub 15 SP6:python3-protobuf-3.9.2-150200.4.27.1 SUSE Linux Enterprise Module for Package Hub 15 SP7:python3-protobuf-3.9.2-150200.4.27.1 SUSE Linux Enterprise Module for Public Cloud 15 SP3:python3-protobuf-3.9.2-150200.4.27.1 SUSE Linux Enterprise Module for Public Cloud 15 SP4:python3-protobuf-3.9.2-150200.4.27.1 SUSE Linux Enterprise Module for Public Cloud 15 SP5:python3-protobuf-3.9.2-150200.4.27.1 SUSE Linux Enterprise Module for Public Cloud 15 SP6:python3-protobuf-3.9.2-150200.4.27.1 SUSE Linux Enterprise Module for Public Cloud 15 SP7:python3-protobuf-3.9.2-150200.4.27.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20253722-1/ https://www.suse.com/security/cve/CVE-2025-4565.html CVE-2025-4565 https://bugzilla.suse.com/1244663 SUSE Bug 1244663