<div class="container">
<h1>Security update for systemd</h1>
<table class="table table-striped table-bordered">
<tbody>
<tr>
<th>Announcement ID:</th>
<td>SUSE-SU-2025:20041-1</td>
</tr>
<tr>
<th>Release Date:</th>
<td>2025-02-03T08:54:03Z</td>
</tr>
<tr>
<th>Rating:</th>
<td>critical</td>
</tr>
<tr>
<th>References:</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1200723">bsc#1200723</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1204968">bsc#1204968</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213873">bsc#1213873</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1218110">bsc#1218110</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1221906">bsc#1221906</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1226414">bsc#1226414</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1226415">bsc#1226415</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228091">bsc#1228091</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228223">bsc#1228223</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228809">bsc#1228809</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1229518">bsc#1229518</a>
</li>
<li style="display: inline;">
<a href="https://jira.suse.com/browse/PED-5659">jsc#PED-5659</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>
Cross-References:
</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2022-3821.html">CVE-2022-3821</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>CVSS scores:</th>
<td>
<ul class="list-group">
<li class="list-group-item">
<span class="cvss-reference">CVE-2022-3821</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">5.5</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2022-3821</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">5.5</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2022-3821</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">5.5</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H</span>
</li>
</ul>
</td>
</tr>
<tr>
<th>Affected Products:</th>
<td>
<ul class="list-group">
<li class="list-group-item">SUSE Linux Micro 6.0</li>
<li class="list-group-item">SUSE Linux Micro Extras 6.0</li>
</ul>
</td>
</tr>
</tbody>
</table>
<p>An update that solves one vulnerability, contains one feature and has 10 fixes can now be installed.</p>
<h2>Description:</h2>
<p>This update for systemd fixes the following issues:</p>
<ul>
<li>
<p>Import commit 0512d0d1fc0b54a84964281708036a46ab39c153
0512d0d1fc cgroup: Rename effective limits internal table (jsc#PED-5659)
765846b70b cgroup: Restrict effective limits with global resource provision (jsc#PED-5659)
e29909088b test: Add effective cgroup limits testing (jsc#PED-5659)
beacac6df0 test: Convert rlimit test to subtest of generic limit testing (jsc#PED-5659)
e3b789e512 cgroup: Add EffectiveMemoryMax=, EffectiveMemoryHigh= and EffectiveTasksMax= properties (jsc#PED-5659)
5aa063ae16 bus-print-properties: prettify more unset properties
a53122c9bd bus-print-properties: ignore CGROUP_LIMIT_MAX for Memory*{Current, Peak}
8418791441 cgroup: rename TasksMax structure to CGroupTasksMax</p>
</li>
<li>
<p>Don't try to restart the udev socket units anymore (bsc#1228809)</p>
</li>
</ul>
<p>There's currently no way to restart a socket activable service and its socket
units "atomically" and safely.</p>
<ul>
<li>Make the 32bit version of libudev.so available again (bsc#1228223)</li>
</ul>
<p>The symlink for building 32bit applications was mistakenly dropped when the
content of libudev-devel was merged into systemd-devel.</p>
<p>Provide the 32bit flavor of systemd-devel again, which should restore the plug
and play support in Wine for 32bit windows applications.</p>
<ul>
<li>Import commit up to 5aa182660dff86fe9d5cba61b0c6542bb2f2db23 (merge of v254.17)</li>
</ul>
<h2>Special Instructions and Notes:</h2>
<ul>
<li>Please reboot the system after installing this update.</li>
</ul>
<h2>Patch Instructions:</h2>
<p>
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".<br/>
Alternatively you can run the command listed for your product:
</p>
<ul class="list-group">
<li class="list-group-item">
SUSE Linux Micro 6.0
<br/>
<code>zypper in -t patch SUSE-SLE-Micro-6.0-73=1</code>
</li>
<li class="list-group-item">
SUSE Linux Micro Extras 6.0
<br/>
<code>zypper in -t patch SUSE-SLE-Micro-6.0-73=1</code>
</li>
</ul>
<h2>Package List:</h2>
<ul>
<li>
SUSE Linux Micro 6.0 (aarch64 s390x x86_64)
<ul>
<li>systemd-experimental-254.18-1.1</li>
<li>systemd-debuginfo-254.18-1.1</li>
<li>systemd-coredump-254.18-1.1</li>
<li>libudev1-254.18-1.1</li>
<li>libudev1-debuginfo-254.18-1.1</li>
<li>systemd-journal-remote-debuginfo-254.18-1.1</li>
<li>systemd-coredump-debuginfo-254.18-1.1</li>
<li>systemd-container-254.18-1.1</li>
<li>libsystemd0-254.18-1.1</li>
<li>systemd-journal-remote-254.18-1.1</li>
<li>udev-254.18-1.1</li>
<li>udev-debuginfo-254.18-1.1</li>
<li>systemd-debugsource-254.18-1.1</li>
<li>systemd-experimental-debuginfo-254.18-1.1</li>
<li>libsystemd0-debuginfo-254.18-1.1</li>
<li>systemd-254.18-1.1</li>
<li>systemd-container-debuginfo-254.18-1.1</li>
<li>systemd-portable-debuginfo-254.18-1.1</li>
<li>systemd-portable-254.18-1.1</li>
</ul>
</li>
<li>
SUSE Linux Micro Extras 6.0 (aarch64 s390x x86_64)
<ul>
<li>systemd-devel-254.18-1.1</li>
<li>systemd-debugsource-254.18-1.1</li>
</ul>
</li>
</ul>
<h2>References:</h2>
<ul>
<li>
<a href="https://www.suse.com/security/cve/CVE-2022-3821.html">https://www.suse.com/security/cve/CVE-2022-3821.html</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1200723">https://bugzilla.suse.com/show_bug.cgi?id=1200723</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1204968">https://bugzilla.suse.com/show_bug.cgi?id=1204968</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213873">https://bugzilla.suse.com/show_bug.cgi?id=1213873</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1218110">https://bugzilla.suse.com/show_bug.cgi?id=1218110</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1221906">https://bugzilla.suse.com/show_bug.cgi?id=1221906</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1226414">https://bugzilla.suse.com/show_bug.cgi?id=1226414</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1226415">https://bugzilla.suse.com/show_bug.cgi?id=1226415</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228091">https://bugzilla.suse.com/show_bug.cgi?id=1228091</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228223">https://bugzilla.suse.com/show_bug.cgi?id=1228223</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228809">https://bugzilla.suse.com/show_bug.cgi?id=1228809</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1229518">https://bugzilla.suse.com/show_bug.cgi?id=1229518</a>
</li>
<li>
<a href="https://jira.suse.com/browse/PED-5659">https://jira.suse.com/browse/PED-5659</a>
</li>
</ul>
</div>