- openSUSE Bugs

[Bug 1239839] New: VUL-0: CVE-2025-0313: ollama: improper validation of array index bounds when processing GGUF model files
by bugzilla_noreply＠suse.com 20 Mar '25

20 Mar '25

https://bugzilla.suse.com/show_bug.cgi?id=1239839 Bug ID: 1239839 Summary: VUL-0: CVE-2025-0313: ollama: improper validation of array index bounds when processing GGUF model files Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/446183/ OS: Other Status: NEW Severity: Major Priority: P5 - None Component: Security Assignee: eyadlorenzo(a)gmail.com Reporter: smash_bz(a)suse.de QA Contact: security-team(a)suse.de CC: camila.matos(a)suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to create a GGUF model that can cause a denial of service (DoS) attack. The vulnerability is due to improper validation of array index bounds in the GGUF model handling code, which can be exploited via a remote network. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2025-0313 https://www.cve.org/CVERecord?id=CVE-2025-0313 https://huntr.com/bounties/450c90f9-bc02-4560-afd4-d0aa057ac82c -- You are receiving this mail because: You are on the CC list for the bug.

1 2

[Bug 1239834] New: VUL-0: CVE-2024-12055: ollama: possible out-of-bounds read when processing GGUF model files
by bugzilla_noreply＠suse.com 20 Mar '25

20 Mar '25

https://bugzilla.suse.com/show_bug.cgi?id=1239834 Bug ID: 1239834 Summary: VUL-0: CVE-2024-12055: ollama: possible out-of-bounds read when processing GGUF model files Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/445975/ OS: Other Status: NEW Severity: Major Priority: P5 - None Component: Security Assignee: eyadlorenzo(a)gmail.com Reporter: smash_bz(a)suse.de QA Contact: security-team(a)suse.de CC: camila.matos(a)suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- A vulnerability in Ollama versions <=0.3.14 allows a malicious user to create a customized gguf model file that can be uploaded to the public Ollama server. When the server processes this malicious model, it crashes, leading to a Denial of Service (DoS) attack. The root cause of the issue is an out-of-bounds read in the gguf.go file. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-12055 https://www.cve.org/CVERecord?id=CVE-2024-12055 https://huntr.com/bounties/7b111d55-8215-4727-8807-c5ed4cf1bfbe -- You are receiving this mail because: You are on the CC list for the bug.

1 2

[Bug 1239838] New: VUL-0: CVE-2025-0312: ollama: possible null pointer dereference when processing GGUF model files
by bugzilla_noreply＠suse.com 20 Mar '25

20 Mar '25

https://bugzilla.suse.com/show_bug.cgi?id=1239838 Bug ID: 1239838 Summary: VUL-0: CVE-2025-0312: ollama: possible null pointer dereference when processing GGUF model files Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/446182/ OS: Other Status: NEW Severity: Major Priority: P5 - None Component: Security Assignee: eyadlorenzo(a)gmail.com Reporter: smash_bz(a)suse.de QA Contact: security-team(a)suse.de CC: camila.matos(a)suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to create a customized GGUF model file that, when uploaded and created on the Ollama server, can cause a crash due to an unchecked null pointer dereference. This can lead to a Denial of Service (DoS) attack via remote network. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2025-0312 https://www.cve.org/CVERecord?id=CVE-2025-0312 https://huntr.com/bounties/522c87b6-a7ac-41b2-84f3-62fd58921f21 -- You are receiving this mail because: You are on the CC list for the bug.

1 2

[Bug 1239840] New: VUL-0: CVE-2025-0315: ollama: unlimited memory allocation when processing GGUF model files
by bugzilla_noreply＠suse.com 20 Mar '25

20 Mar '25

https://bugzilla.suse.com/show_bug.cgi?id=1239840 Bug ID: 1239840 Summary: VUL-0: CVE-2025-0315: ollama: unlimited memory allocation when processing GGUF model files Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/446184/ OS: Other Status: NEW Severity: Major Priority: P5 - None Component: Security Assignee: eyadlorenzo(a)gmail.com Reporter: smash_bz(a)suse.de QA Contact: security-team(a)suse.de CC: camila.matos(a)suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- A vulnerability in ollama/ollama <=0.3.14 allows a malicious user to create a customized GGUF model file, upload it to the Ollama server, and create it. This can cause the server to allocate unlimited memory, leading to a Denial of Service (DoS) attack. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2025-0315 https://www.cve.org/CVERecord?id=CVE-2025-0315 https://huntr.com/bounties/da414d29-b55a-496f-b135-17e0fcec67bc -- You are receiving this mail because: You are on the CC list for the bug.

1 2

[Bug 1236907] New: rpm,quilt: update to rpm 4.20 breaks many "quilt setup" invocations
by bugzilla_noreply＠suse.com 20 Mar '25

20 Mar '25

https://bugzilla.suse.com/show_bug.cgi?id=1236907 Bug ID: 1236907 Summary: rpm,quilt: update to rpm 4.20 breaks many "quilt setup" invocations Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem Assignee: mls(a)suse.com Reporter: matthias.gerstner(a)suse.com QA Contact: qa-bugs(a)suse.de CC: jdelvare(a)suse.com Target Milestone: --- Found By: --- Blocker: --- Since the update to a recent Tumbleweed snapshot most of my "quilt setup <pkg.spec>" calls fail. It turns out that the trigger for this was the update of the rpm package from version 4.19 to version 4.20. I'm not entirely sure what aspect of rpm breaks it and whether rpm or quilt is to blame. It looks like any OBS package that contains patches can no longer be unpacked using quilt. Here are two examples of many: ``` $ osc co openSUSE:Factory/pam_kwallet6 $ cd openSUSE:Factory/pam_kwallet6 $ quilt setup -v pam_kwallet6.spec Executing(%mkbuilddir): /usr/bin/bash -e /var/tmp/rpm-tmp.InY3HF + umask 022 + cd /var/tmp/quiltNeJpJv/build/pam_kwallet6-6.2.5-build + test -d /var/tmp/quiltNeJpJv/build/pam_kwallet6-6.2.5-build + /usr/bin/chmod -Rf a+rX,u+w,g-w,o-w /var/tmp/quiltNeJpJv/build/pam_kwallet6-6.2.5-build + /usr/bin/rm -rf /var/tmp/quiltNeJpJv/build/pam_kwallet6-6.2.5-build + /usr/bin/mkdir -p /var/tmp/quiltNeJpJv/build/pam_kwallet6-6.2.5-build + /usr/bin/mkdir -p /var/tmp/quiltNeJpJv/build/pam_kwallet6-6.2.5-build/SPECPARTS + RPM_EC=0 ++ jobs -p + exit 0 Executing(%prep): /usr/bin/bash -e /var/tmp/rpm-tmp.lZXckr + umask 022 + cd /var/tmp/quiltNeJpJv/build/pam_kwallet6-6.2.5-build + cd /var/tmp/quiltNeJpJv/build/pam_kwallet6-6.2.5-build + rm -rf kwallet-pam-6.2.5 + /usr/lib/rpm/rpmuncompress -x /tmp/tmp5d2b5y86/obs.current/kwallet-pam-6.2.5.tar.xz + STATUS=0 + '[' 0 -ne 0 ']' + cd kwallet-pam-6.2.5 + /usr/bin/chmod -Rf a+rX,u+w,g-w,o-w . + /usr/lib/rpm/rpmuncompress /tmp/tmp5d2b5y86/obs.current/0002-Use-GNUInstallDirs-instead-of-KDEInstallDirs.patch + /var/tmp/quiltNeJpJv/bin/patch -p1 -s --fuzz=0 --no-backup-if-mismatch -f md5sum < /tmp/tmp5d2b5y86/obs.current/0002-Use-GNUInstallDirs-instead-of-KDEInstallDirs.patch md5sum < /tmp/tmp5d2b5y86/obs.current/md5sums md5sum < /tmp/tmp5d2b5y86/obs.current/plasma.keyring + RPM_EC=0 ++ jobs -p + exit 0 RPM build warnings: Could not canonicalize hostname: NSJAIL ln: failed to create symbolic link 'kwallet-pam-6.2.5/patches': No such file or directory /usr/share/quilt/setup: line 540: cd: kwallet-pam-6.2.5: No such file or directory /usr/share/quilt/setup: line 551: kwallet-pam-6.2.5/series: No such file or directory /usr/share/quilt/setup: line 554: kwallet-pam-6.2.5/series: No such file or directory ``` When trying to unpack the osc package, then it seems to look for files in ~/rpmbuild/SOURCES instead of the CWD: ``` $ osc co openSUSE:Factory/osc $ cd openSUSE:Factory/osc $ quilt setup -v osc.spec Building target platforms: noarch Building for target noarch warning: Could not canonicalize hostname: NSJAIL Executing(%mkbuilddir): /usr/bin/bash -e /var/tmp/rpm-tmp.0HCbTQ + umask 022 + cd /home/jenkins/rpmbuild/BUILD/osc-1.12.0-build + test -d /home/jenkins/rpmbuild/BUILD/osc-1.12.0-build + /usr/bin/chmod -Rf a+rX,u+w,g-w,o-w /home/jenkins/rpmbuild/BUILD/osc-1.12.0-build + /usr/bin/rm -rf /home/jenkins/rpmbuild/BUILD/osc-1.12.0-build + /usr/bin/mkdir -p /home/jenkins/rpmbuild/BUILD/osc-1.12.0-build + /usr/bin/mkdir -p /home/jenkins/rpmbuild/BUILD/osc-1.12.0-build/SPECPARTS + RPM_EC=0 ++ jobs -p + exit 0 Executing(%prep): /usr/bin/bash -e /var/tmp/rpm-tmp.pLtlLh + umask 022 + cd /home/jenkins/rpmbuild/BUILD/osc-1.12.0-build + cd /home/jenkins/rpmbuild/BUILD/osc-1.12.0-build + rm -rf osc-1.12.0 + /usr/lib/rpm/rpmuncompress -x /home/jenkins/rpmbuild/SOURCES/osc-1.12.0.tar.gz error: File /home/jenkins/rpmbuild/SOURCES/osc-1.12.0.tar.gz: No such file or directory error: Bad exit status from /var/tmp/rpm-tmp.pLtlLh (%prep) RPM build warnings: Could not canonicalize hostname: NSJAIL RPM build errors: Bad exit status from /var/tmp/rpm-tmp.pLtlLh (%prep) The %prep section of osc.spec failed; results may be incomplete ``` -- You are receiving this mail because: You are on the CC list for the bug.

1 45

[Bug 1239843] New: google-chrome instlalation - busybox-which conflicts with xdg-utils
by bugzilla_noreply＠suse.com 20 Mar '25

20 Mar '25

https://bugzilla.suse.com/show_bug.cgi?id=1239843 Bug ID: 1239843 Summary: google-chrome instlalation - busybox-which conflicts with xdg-utils Classification: openSUSE Product: openSUSE Distribution Version: Leap 16.0 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Patterns Assignee: lubos.kocman(a)suse.com Reporter: lubos.kocman(a)suse.com QA Contact: qa-bugs(a)suse.de Target Milestone: --- Found By: --- Blocker: --- Seems like SLES pushes busybox, in favor of other tools, this is fine for containers but shouldn't be the case on a fully fledged desktop. sudo zypper in google-chrome-stable_current_x86_64.rpm We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. For security reasons, the password you type will not be visible. [sudo] password for lkocman: Refreshing service 'openSUSE'. Loading repository data... Reading installed packages... Resolving package dependencies... Problem: 1: the to be installed google-chrome-stable-134.0.6998.117-1.x86_64 requires 'xdg-utils', but this requirement cannot be provided not installable providers: xdg-utils-1.1.3+20210805-160000.1.4.noarch[openSUSE:repo-oss] Solution 1: deinstallation of busybox-which-1.37.0-160000.2.3.noarch Solution 2: do not install google-chrome-stable-134.0.6998.117-1.x86_64 Solution 3: break google-chrome-stable-134.0.6998.117-1.x86_64 by ignoring some of its dependencies Choose from above solutions by number or cancel [1/2/3/c/d/?] (c): -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1237423] New: file -s /bin/ls | Bad system call (core dumped)
by bugzilla_noreply＠suse.com 20 Mar '25

20 Mar '25

https://bugzilla.suse.com/show_bug.cgi?id=1237423 Bug ID: 1237423 Summary: file -s /bin/ls | Bad system call (core dumped) Classification: openSUSE Product: openSUSE Distribution Version: Leap 16.0 Hardware: PowerPC-64 OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem Assignee: screening-team-bugs(a)suse.de Reporter: hector.oron(a)suse.com QA Contact: qa-bugs(a)suse.de Target Milestone: --- Found By: --- Blocker: --- On a Leap 16.0 system installed from: https://download.opensuse.org/repositories/openSUSE:/Leap:/16.0:/Images/ima… jostaberry-11:~ # strace file -s /bin/ls execve("/usr/bin/file", ["file", "-s", "/bin/ls"], 0x7fffcf43a330 /* 49 vars */) = 0 brk(NULL) = 0x100247a0000 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=17959, ...}) = 0 mmap(NULL, 17959, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fff87ab0000 close(3) = 0 openat(AT_FDCWD, "/lib64/libmagic.so.1", O_RDONLY|O_CLOEXEC) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0\25\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=264464, ...}) = 0 mmap(NULL, 263224, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fff87a60000 mmap(0x7fff87a90000, 131072, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x30000) = 0x7fff87a90000 close(3) = 0 openat(AT_FDCWD, "/lib64/libseccomp.so.2", O_RDONLY|O_CLOEXEC) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0\25\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=198592, ...}) = 0 mmap(NULL, 262216, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fff87a10000 mmap(0x7fff87a40000, 131072, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x20000) = 0x7fff87a40000 close(3) = 0 openat(AT_FDCWD, "/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3 read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0\25\0\1\0\0\0 \236\2\0\0\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=2628840, ...}) = 0 mmap(NULL, 2417408, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fff877c0000 mmap(0x7fff879f0000, 131072, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x220000) = 0x7fff879f0000 close(3) = 0 openat(AT_FDCWD, "/lib64/libzstd.so.1", O_RDONLY|O_CLOEXEC) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0\25\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=854096, ...}) = 0 mmap(NULL, 917648, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fff876d0000 mmap(0x7fff877a0000, 131072, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xc0000) = 0x7fff877a0000 close(3) = 0 openat(AT_FDCWD, "/lib64/liblzma.so.5", O_RDONLY|O_CLOEXEC) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0\25\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=329696, ...}) = 0 mmap(NULL, 393232, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fff87660000 mmap(0x7fff876b0000, 131072, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x40000) = 0x7fff876b0000 close(3) = 0 openat(AT_FDCWD, "/lib64/libbz2.so.1", O_RDONLY|O_CLOEXEC) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0\25\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=133104, ...}) = 0 mmap(NULL, 196624, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fff87620000 mmap(0x7fff87640000, 131072, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x10000) = 0x7fff87640000 close(3) = 0 openat(AT_FDCWD, "/lib64/libz.so.1", O_RDONLY|O_CLOEXEC) = 3 read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0\25\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=133160, ...}) = 0 mmap(NULL, 196632, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fff875e0000 mmap(0x7fff87600000, 131072, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x10000) = 0x7fff87600000 close(3) = 0 set_tid_address(0x7fff87b55330) = 2300 set_robust_list(0x7fff87b55340, 24) = 0 rseq(0x7fff87b55980, 0x20, 0, 0xfe5000b) = 0 mprotect(0x7fff879f0000, 65536, PROT_READ) = 0 mprotect(0x7fff87600000, 65536, PROT_READ) = 0 mprotect(0x7fff87640000, 65536, PROT_READ) = 0 mprotect(0x7fff876b0000, 65536, PROT_READ) = 0 mprotect(0x7fff877a0000, 65536, PROT_READ) = 0 mprotect(0x7fff87a40000, 65536, PROT_READ) = 0 mprotect(0x7fff87a90000, 65536, PROT_READ) = 0 mprotect(0x12d870000, 65536, PROT_READ) = 0 mprotect(0x7fff87b40000, 65536, PROT_READ) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 munmap(0x7fff87ab0000, 17959) = 0 getrandom("\x95\x50\x62\xd7\x90\x0b\x4f\xcf", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x100247a0000 brk(0x100247d0000) = 0x100247d0000 openat(AT_FDCWD, "/usr/lib/locale/locale-archive", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) openat(AT_FDCWD, "/usr/share/locale/locale.alias", O_RDONLY|O_CLOEXEC) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=2940, ...}) = 0 read(3, "# Locale name alias data base.\n#"..., 4096) = 2940 read(3, "", 4096) = 0 close(3) = 0 openat(AT_FDCWD, "/usr/lib/locale/en_US.UTF-8/LC_CTYPE", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) openat(AT_FDCWD, "/usr/lib/locale/en_US.utf8/LC_CTYPE", O_RDONLY|O_CLOEXEC) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=357584, ...}) = 0 mmap(NULL, 357584, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fff87580000 close(3) = 0 openat(AT_FDCWD, "/usr/lib64/gconv/gconv-modules.cache", O_RDONLY|O_CLOEXEC) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=27012, ...}) = 0 mmap(NULL, 27012, PROT_READ, MAP_SHARED, 3, 0) = 0x7fff87ab0000 close(3) = 0 futex(0x7fff87a0193c, FUTEX_WAKE_PRIVATE, 2147483647) = 0 prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) = 0 seccomp(SECCOMP_SET_MODE_STRICT, 0x1, NULL) = -1 EINVAL (Invalid argument) seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC, NULL) = -1 EFAULT (Bad address) seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_LOG, NULL) = -1 EFAULT (Bad address) seccomp(SECCOMP_GET_ACTION_AVAIL, 0, [SECCOMP_RET_LOG]) = 0 seccomp(SECCOMP_GET_ACTION_AVAIL, 0, [SECCOMP_RET_KILL_PROCESS]) = 0 seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_SPEC_ALLOW, NULL) = -1 EFAULT (Bad address) seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_NEW_LISTENER, NULL) = -1 EFAULT (Bad address) seccomp(SECCOMP_GET_NOTIF_SIZES, 0, {seccomp_notif=80, seccomp_notif_resp=24, seccomp_data=64}) = 0 seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC_ESRCH, NULL) = -1 EFAULT (Bad address) prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) = 0 seccomp(SECCOMP_SET_MODE_FILTER, 0, {len=55, filter=0x100247af140}) = 0 newfstatat(AT_FDCWD, "/root/.magic.mgc", 0x7fffcc95bf48, 0) = -1 ENOENT (No such file or directory) newfstatat(AT_FDCWD, "/root/.magic", 0x7fffcc95bf48, 0) = -1 ENOENT (No such file or directory) openat(AT_FDCWD, "/etc/magic.mgc", O_RDONLY) = -1 ENOENT (No such file or directory) newfstatat(AT_FDCWD, "/etc/magic", {st_mode=S_IFREG|0644, st_size=113, ...}, 0) = 0 openat(AT_FDCWD, "/etc/magic", O_RDONLY) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=113, ...}) = 0 read(3, "# Localstuff: file(1) magic(5) f"..., 4096) = 113 read(3, "", 4096) = 0 close(3) = 0 openat(AT_FDCWD, "/usr/share/file/magic.mgc", O_RDONLY) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=10373184, ...}) = 0 mmap(NULL, 10373184, PROT_READ|PROT_WRITE, MAP_PRIVATE, 3, 0) = 0x7fff86b90000 close(3) = 0 mprotect(0x7fff86b90000, 10373184, PROT_READ) = 0 brk(0x10024800000) = 0x10024800000 fstat(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(0xe5, 0), ...}) = 0 ioctl(1, TCGETS, {c_iflag=, c_oflag=NL0|CR0|TAB0|BS0|VT0|FF0|, c_cflag=B0|CS5|, c_lflag=, ...}) = 1 +++ killed by SIGSYS (core dumped) +++ Bad system call (core dumped) I thought this could be related to SELinux, and I had disabled it, but file still coredumps with SELinux disabled. -- You are receiving this mail because: You are on the CC list for the bug.

1 21

[Bug 1239785] transactional-update.service got error on private repository, cli-command won't get the error
by bugzilla_noreply＠suse.com 20 Mar '25

20 Mar '25

https://bugzilla.suse.com/show_bug.cgi?id=1239785 https://bugzilla.suse.com/show_bug.cgi?id=1239785#c8 Fabian Vogt <fvogt(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Flags| |needinfo?(dirk.datzert@gmx. | |de) CC| |dirk.datzert(a)gmx.de, | |fvogt(a)suse.com --- Comment #8 from Fabian Vogt <fvogt(a)suse.com> --- Does it also fail with "transactional-update dup" or "transactional-update pkg in doesnotexist"? Also please attach zypper.log. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1239498] New: VUL-0: CVE-2025-22869: gokart: golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh
by bugzilla_noreply＠suse.com 20 Mar '25

20 Mar '25

https://bugzilla.suse.com/show_bug.cgi?id=1239498 Bug ID: 1239498 Summary: VUL-0: CVE-2025-22869: gokart: golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/442884/ OS: Other Status: NEW Severity: Major Priority: P5 - None Component: Security Assignee: alexandre.vicenzi(a)suse.com Reporter: camila.matos(a)suse.com QA Contact: security-team(a)suse.de CC: camila.matos(a)suse.com, security-team(a)suse.de Blocks: 1239322 Target Milestone: --- Found By: --- Blocker: --- +++ This bug was initially created as a clone of Bug #1239322 +++ SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2025-22869 https://github.com/CVEProject/cvelistV5/blob/main//cves/2025/22xxx/CVE-2025… https://bugzilla.redhat.com/show_bug.cgi?id=2348367 -- You are receiving this mail because: You are on the CC list for the bug.

1 5

[Bug 1239832] New: VUL-0: CVE-2025-0317: ollama: possible division by zero when importing GGUF models in the Modelfile
by bugzilla_noreply＠suse.com 20 Mar '25

20 Mar '25

https://bugzilla.suse.com/show_bug.cgi?id=1239832 Bug ID: 1239832 Summary: VUL-0: CVE-2025-0317: ollama: possible division by zero when importing GGUF models in the Modelfile Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/446185/ OS: Other Status: NEW Severity: Major Priority: P5 - None Component: Security Assignee: eyadlorenzo(a)gmail.com Reporter: smash_bz(a)suse.de QA Contact: security-team(a)suse.de CC: camila.matos(a)suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to upload and create a customized GGUF model file on the Ollama server. This can lead to a division by zero error in the ggufPadding function, causing the server to crash and resulting in a Denial of Service (DoS) attack. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2025-0317 https://www.cve.org/CVERecord?id=CVE-2025-0317 https://huntr.com/bounties/a9951bca-9bd8-49b2-b143-4cd4219f9fa0 -- You are receiving this mail because: You are on the CC list for the bug.

1 4