| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2025-8291 |
| CWE-ID | CWE-20 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software | Operating systems: SUSE Package Hub 15, SUSE Linux Enterprise Real Time 15, SUSE Linux Enterprise Server for SAP Applications 15, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Desktop 15, openSUSE Leap. Operating system packages or components: python-doc, python-doc-pdf, libpython2_7-1_0-32bit, python-32bit, python-32bit-debuginfo, python-base-32bit, python-base-32bit-debuginfo, libpython2_7-1_0-32bit-debuginfo, python-tk-debuginfo, python-demo, python-idle, python-tk, python-devel, python-base-debuginfo, python-base, python-debugsource, libpython2_7-1_0-debuginfo, python-curses-debuginfo, libpython2_7-1_0, python-debuginfo, python, python-xml-debuginfo, python-gdbm-debuginfo, python-xml, python-gdbm, python-curses, python-base-debugsource |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
EUVDB-ID: #VU116971
Risk: Medium
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-8291
CWE-ID: CWE-20 - Improper input validation
Exploit availability: No
Description
The vulnerability allows a remote attacker to extract files into arbitrary locations on the system.
The vulnerability exists because the zipfile module does not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value when extracting files. A remote attacker can use a specially crafted zip file to extract data into arbitrary locations on the system.
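A pre-extraction check for the condition described above, as an added example (not code from SUSE or CPython): it confirms that the ZIP64 EOCD Locator offset points at a ZIP64 EOCD record that ends exactly where the locator begins. It assumes Python 3 and a single-disk archive that starts at byte 0 (no prepended data); `check_zip64_locator` and `sample_trailer` are hypothetical names, and the sample trailers are constructed.

```python
import struct

EOCD_SIG = b"PK\x05\x06"     # End of Central Directory record (22 bytes + comment)
LOC64_SIG = b"PK\x06\x07"    # ZIP64 EOCD Locator (20 bytes)
EOCD64_SIG = b"PK\x06\x06"   # ZIP64 EOCD record (56 bytes + extensible data)

def check_zip64_locator(data):
    """Return (ok, reason) for the ZIP64 trailer of an archive held in bytes."""
    # The EOCD record sits at the end, followed by at most a 65535-byte comment.
    eocd = data.rfind(EOCD_SIG, max(0, len(data) - 65557))
    if eocd < 0 or len(data) - eocd < 22:
        return False, "no EOCD record"
    loc = eocd - 20          # the locator, if present, directly precedes the EOCD
    if loc < 0 or data[loc:loc + 4] != LOC64_SIG:
        return True, "no ZIP64 locator"
    _, disk, offset, ndisks = struct.unpack("<4sLQL", data[loc:eocd])
    if disk != 0 or ndisks > 1:
        return False, "multi-disk archive"
    # The offset must land on a ZIP64 EOCD signature located before the locator.
    if offset + 56 > loc or data[offset:offset + 4] != EOCD64_SIG:
        return False, "locator offset does not point at a ZIP64 EOCD record"
    # The size field excludes the 12 leading bytes (signature + size itself).
    (size,) = struct.unpack("<Q", data[offset + 4:offset + 12])
    if offset + 12 + size != loc:
        return False, "ZIP64 EOCD record does not end at the locator"
    return True, "ZIP64 locator consistent"

def sample_trailer(locator_offset):
    """Constructed sample: trailer of an empty ZIP64 archive; only the
    offset stored in the locator varies."""
    eocd64 = struct.pack("<4sQ2H2L4Q", EOCD64_SIG, 44, 45, 45, 0, 0, 0, 0, 0, 0)
    locator = struct.pack("<4sLQL", LOC64_SIG, 0, locator_offset, 1)
    eocd = struct.pack("<4s4H2LH", EOCD_SIG, 0, 0, 0, 0, 0, 0, 0)
    return eocd64 + locator + eocd

if __name__ == "__main__":
    for label, blob in (("consistent", sample_trailer(0)),
                        ("inconsistent", sample_trailer(8))):
        print(label, check_zip64_locator(blob))
```

Archives that fail the check can be rejected or quarantined before they reach an unpatched `zipfile`; archives with legitimately prepended data need the offset adjusted by the prefix length first.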
Mitigation
Update the affected package python to the latest version.
Vulnerable software versions
SUSE Package Hub 15: 15-SP6 - 15-SP7
SUSE Linux Enterprise Real Time 15: SP6 - SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP6 - SP7
SUSE Linux Enterprise Server 15: SP6 - SP7
SUSE Linux Enterprise Desktop 15: SP6 - SP7
openSUSE Leap: 15.6
python-doc: before 2.7.18-150000.86.1
python-doc-pdf: before 2.7.18-150000.86.1
libpython2_7-1_0-32bit: before 2.7.18-150000.86.1
python-32bit: before 2.7.18-150000.86.1
python-32bit-debuginfo: before 2.7.18-150000.86.1
python-base-32bit: before 2.7.18-150000.86.1
python-base-32bit-debuginfo: before 2.7.18-150000.86.1
libpython2_7-1_0-32bit-debuginfo: before 2.7.18-150000.86.1
python-tk-debuginfo: before 2.7.18-150000.86.1
python-demo: before 2.7.18-150000.86.1
python-idle: before 2.7.18-150000.86.1
python-tk: before 2.7.18-150000.86.1
python-devel: before 2.7.18-150000.86.1
python-base-debuginfo: before 2.7.18-150000.86.1
python-base: before 2.7.18-150000.86.1
python-debugsource: before 2.7.18-150000.86.1
libpython2_7-1_0-debuginfo: before 2.7.18-150000.86.1
python-curses-debuginfo: before 2.7.18-150000.86.1
libpython2_7-1_0: before 2.7.18-150000.86.1
python-debuginfo: before 2.7.18-150000.86.1
python: before 2.7.18-150000.86.1
python-xml-debuginfo: before 2.7.18-150000.86.1
python-gdbm-debuginfo: before 2.7.18-150000.86.1
python-xml: before 2.7.18-150000.86.1
python-gdbm: before 2.7.18-150000.86.1
python-curses: before 2.7.18-150000.86.1
python-base-debugsource: before 2.7.18-150000.86.1
https://www.suse.com/support/update/announcement/2025/suse-su-20254313-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.