SUSE SLES12 Security Update : zvbi (SUSE-SU-2025:0988-1)

🗓️ 25 Mar 2025 00:00:00Reported by TenableType

SUSE SLES12 hosts vulnerable to multiple integer overflow issues, addressed in the security update.

Reporter	Title	Published	Views	Family All 130
AstraLinux	Astra Linux - уязвимость в zvbi	3 May 202623:59	–	astralinux
AstraLinux	Astra Linux - уязвимость в zvbi	3 May 202623:59	–	astralinux
AstraLinux	Astra Linux - уязвимость в zvbi	3 May 202623:59	–	astralinux
AstraLinux	Astra Linux - уязвимость в zvbi	3 May 202623:59	–	astralinux
AstraLinux	Astra Linux - уязвимость в zvbi	3 May 202623:59	–	astralinux
Circl	CVE-2025-2173	11 Mar 202507:39	–	circl
Circl	CVE-2025-2174	11 Mar 202507:39	–	circl
Circl	CVE-2025-2175	11 Mar 202507:39	–	circl
Circl	CVE-2025-2176	11 Mar 202507:39	–	circl
Circl	CVE-2025-2177	11 Mar 202507:39	–	circl

Source	Link
bugzilla	www.bugzilla.suse.com/1239222
bugzilla	www.bugzilla.suse.com/1239299
bugzilla	www.bugzilla.suse.com/1239312
bugzilla	www.bugzilla.suse.com/1239319
bugzilla	www.bugzilla.suse.com/1239320
nessus	www.nessus.org/u
suse	www.suse.com/security/cve/CVE-2025-2173
suse	www.suse.com/security/cve/CVE-2025-2174
suse	www.suse.com/security/cve/CVE-2025-2175
suse	www.suse.com/security/cve/CVE-2025-2176

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2025:0988-1. The text itself
# is copyright (C) SUSE.
##

include('compat.inc');

if (description)
{
  script_id(233314);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/03/25");

  script_cve_id(
    "CVE-2025-2173",
    "CVE-2025-2174",
    "CVE-2025-2175",
    "CVE-2025-2176",
    "CVE-2025-2177"
  );
  script_xref(name:"SuSE", value:"SUSE-SU-2025:0988-1");

  script_name(english:"SUSE SLES12 Security Update : zvbi (SUSE-SU-2025:0988-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in
the SUSE-SU-2025:0988-1 advisory.

    - CVE-2025-2173: Fixed check on src_length to avoid an unitinialized heap read (bsc#1239222).
    - CVE-2025-2174: Fixed integer overflow leading to heap overflow in src/conv.c, src/io-sim.c, src/search.c
    (bsc#1239299).
    - CVE-2025-2175: Fixed integer overflow in _vbi_strndup_iconv (bsc#1239312).
    - CVE-2025-2176: Fixed integer overflow in function vbi_capture_sim_load_caption in src/io-sim.c
    (bsc#1239319).
    - CVE-2025-2177: Fixed integer overflow in function vbi_search_new in src/search.c (bsc#1239320).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1239222");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1239299");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1239312");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1239319");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1239320");
  # https://lists.suse.com/pipermail/sle-security-updates/2025-March/020581.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?bf2f7f6b");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2025-2173");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2025-2174");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2025-2175");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2025-2176");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2025-2177");
  script_set_attribute(attribute:"solution", value:
"Update the affected libzvbi0 and / or zvbi-devel packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss4_vector", value:"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N");
  script_set_attribute(attribute:"cvss4_threat_vector", value:"CVSS:4.0/E:U");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-2177");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2025/03/11");
  script_set_attribute(attribute:"patch_publication_date", value:"2025/03/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/03/25");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libzvbi0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:zvbi-devel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item("Host/SuSE/release");
if (isnull(os_release) || os_release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
var os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12', 'SUSE (' + os_ver + ')');

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);

var service_pack = get_kb_item("Host/SuSE/patchlevel");
if (isnull(service_pack)) service_pack = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES12 SP5", os_ver + " SP" + service_pack);

var pkgs = [
    {'reference':'libzvbi0-0.2.35-3.3.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-extended-security-release-12.5']},
    {'reference':'zvbi-devel-0.2.35-3.3.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-extended-security-release-12.5']},
    {'reference':'libzvbi0-0.2.35-3.3.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},
    {'reference':'zvbi-devel-0.2.35-3.3.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']}
];

var ltss_caveat_required = FALSE;
var flag = 0;
foreach var package_array ( pkgs ) {
  var reference = NULL;
  var _release = NULL;
  var sp = NULL;
  var _cpu = NULL;
  var exists_check = NULL;
  var rpm_spec_vers_cmp = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) _release = package_array['release'];
  if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
  if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
  if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (reference && _release) {
    if (exists_check) {
      var check_flag = 0;
      foreach var check (exists_check) {
        if (!rpm_exists(release:_release, rpm:check)) continue;
        if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;
        check_flag++;
      }
      if (!check_flag) continue;
    }
    if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
  }
}

if (flag)
{
  var ltss_plugin_caveat = NULL;
  if(ltss_caveat_required) ltss_plugin_caveat = '\n' +
    'NOTE: This vulnerability check contains fixes that apply to\n' +
    'packages only available in SUSE Enterprise Linux Server LTSS\n' +
    'repositories. Access to these package security updates require\n' +
    'a paid SUSE LTSS subscription.\n';
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get() + ltss_plugin_caveat
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libzvbi0 / zvbi-devel');
}

25 Mar 2025 00:00Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.17.3 - 7.5

CVSS 27.5

CVSS 46.9

CVSS 37.3

EPSS0.00277

SSVC