RHSA-2025:7524
- Source
- https://access.redhat.com/errata/RHSA-2025:7524
- Import Source
- https://security.access.redhat.com/data/osv/RHSA-2025:7524.json
- JSON Data
- https://api.osv.dev/v1/vulns/RHSA-2025:7524
- Published
- 2025-05-14T10:06:48Z
- Modified
- 2025-05-14T10:46:05.265953Z
- Upstream
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- Red Hat Security Advisory: xz security update
- Details
- References
-
- https://access.redhat.com/errata/RHSA-2025:7524
- https://access.redhat.com/security/updates/classification/#important
- https://bugzilla.redhat.com/show_bug.cgi?id=2357249
- https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_7524.json
- https://access.redhat.com/security/cve/CVE-2025-31115
- https://www.cve.org/CVERecord?id=CVE-2025-31115
- https://nvd.nist.gov/vuln/detail/CVE-2025-31115
- https://github.com/tukaani-project/xz/commit/d5a2ffe41bb77b918a8c96084885d4dbe4bf6480
- https://github.com/tukaani-project/xz/security/advisories/GHSA-6cc8-p5mm-29w2
- https://tukaani.org/xz/xz-cve-2025-31115.patch
Affected packages
Red Hat:enterprise_linux:10.0 / xz
Package
- Name
- xz
- Purl
- pkg:rpm/redhat/xz
Red Hat:enterprise_linux:10.0 / xz-debuginfo
Package
- Name
- xz-debuginfo
- Purl
- pkg:rpm/redhat/xz-debuginfo
Red Hat:enterprise_linux:10.0 / xz-debugsource
Package
- Name
- xz-debugsource
- Purl
- pkg:rpm/redhat/xz-debugsource
Red Hat:enterprise_linux:10.0 / xz-devel
Package
- Name
- xz-devel
- Purl
- pkg:rpm/redhat/xz-devel
Red Hat:enterprise_linux:10.0 / xz-libs
Package
- Name
- xz-libs
- Purl
- pkg:rpm/redhat/xz-libs
Red Hat:enterprise_linux:10.0 / xz-libs-debuginfo
Package
- Name
- xz-libs-debuginfo
- Purl
- pkg:rpm/redhat/xz-libs-debuginfo
Red Hat:enterprise_linux:10.0 / xz-lzma-compat
Package
- Name
- xz-lzma-compat
- Purl
- pkg:rpm/redhat/xz-lzma-compat