SB20250918107 - SUSE update for curl

Security Bulletin ID SB20250918107

Severity

Low

Patch available

YES

Number of vulnerabilities 2

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Use of insufficiently random values (CVE-ID: CVE-2025-10148)

The vulnerability allows a remote attacker to perform cache poisoning.

The vulnerability exists due to the websocket code does not update the 32 bit mask pattern for each new outgoing frame as the specification says.Instead it used a fixed mask that persisted and was used throughout the entire connection. As a result, a malicious server can induce traffic between the two communicating parties that can be interpreted by an involved proxy and poison cached content.

2) Out-of-bounds read (CVE-ID: CVE-2025-9086)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition when reading cookie path. A malicious server can set a specially crafted cookie path using the secure keyword, trigger an out-of-bounds read error and crash the application.

Remediation

Install update from vendor's website.

References

https://www.suse.com/support/update/announcement/2025/suse-su-202503267-1/