{"affected":[{"ecosystem_specific":{"binaries":[{"glibc":"2.38-9.1","glibc-devel":"2.38-9.1","glibc-locale":"2.38-9.1","glibc-locale-base":"2.38-9.1"}]},"package":{"ecosystem":"SUSE:Linux Micro 6.0","name":"glibc","purl":"pkg:rpm/suse/glibc&distro=SUSE%20Linux%20Micro%206.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.38-9.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for glibc fixes the following issues:\n\n- CVE-2025-4802: Fixed local root exploits when using static built setuid root applications. (elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static) (bsc#1243317)\n- pthreads NPTL: lost wakeup fix 2 (bsc#1234128, BZ #25847)\n- Mark functions in libc_nonshared.a as hidden (bsc#1239883)\n\n","id":"SUSE-SU-2025:20332-1","modified":"2025-05-21T11:04:20Z","published":"2025-05-21T11:04:20Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-202520332-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1234128"},{"type":"REPORT","url":"https://bugzilla.suse.com/1239883"},{"type":"REPORT","url":"https://bugzilla.suse.com/1243317"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-4802"}],"related":["CVE-2025-4802"],"summary":"Security update for glibc","upstream":["CVE-2025-4802"]}