CVE-2025-56225 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2025-56225 Interim 1 1 2026-03-05T00:29:49Z current 2026-03-05T00:29:49Z 2026-03-05T00:29:49Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2025-56225 fluidsynth-2.4.6 and earlier versions is vulnerable to Null pointer dereference in fluid_synth_monopoly.c, that can be triggered when loading an invalid midi file. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings Container suse/sl-micro/6.0/baremetal-os-container:2.1.3-6.35 Container suse/sl-micro/6.0/base-os-container:2.1.3-7.4 Container suse/sl-micro/6.0/kvm-os-container:2.1.3-6.31 Container suse/sl-micro/6.0/rt-os-container:2.1.3-7.36 Container suse/sl-micro/6.0/toolbox:13.2-9.1 Image SL-Micro Image SLE-Micro Image SLE-Micro-Azure Image SLE-Micro-BYOS Image SLE-Micro-BYOS-Azure Image SLE-Micro-BYOS-EC2 Image SLE-Micro-BYOS-GCE Image SLE-Micro-EC2 Image SLE-Micro-GCE openSUSE Leap 16.0 openSUSE Tumbleweed fluidsynth-2.3.5-160000.3.1 fluidsynth-2.5.2-2.1 fluidsynth-devel-2.3.5-160000.3.1 fluidsynth-devel-2.5.2-2.1 libfluidsynth3-2.3.5-160000.3.1 libfluidsynth3-2.5.2-2.1 libfluidsynth3-32bit-2.5.2-2.1 libxml2-2-2.11.6-8.1 libxml2-tools-2.11.6-8.1 libxml2-2-2.11.6-8.1 as a component of Container suse/sl-micro/6.0/baremetal-os-container:2.1.3-6.35 libxml2-2-2.11.6-8.1 as a component of Container suse/sl-micro/6.0/base-os-container:2.1.3-7.4 libxml2-2-2.11.6-8.1 as a component of Container suse/sl-micro/6.0/kvm-os-container:2.1.3-6.31 libxml2-2-2.11.6-8.1 as a component of Container suse/sl-micro/6.0/rt-os-container:2.1.3-7.36 libxml2-2-2.11.6-8.1 as a component of Container suse/sl-micro/6.0/toolbox:13.2-9.1 libxml2-2-2.11.6-8.1 as a component of Image SL-Micro libxml2-2-2.11.6-8.1 as a component of Image SLE-Micro libxml2-tools-2.11.6-8.1 as a component of Image SLE-Micro libxml2-2-2.11.6-8.1 as a component of Image SLE-Micro-Azure libxml2-tools-2.11.6-8.1 as a component of Image SLE-Micro-Azure libxml2-2-2.11.6-8.1 as a component of Image SLE-Micro-BYOS libxml2-tools-2.11.6-8.1 as a component of Image SLE-Micro-BYOS libxml2-2-2.11.6-8.1 as a component of Image SLE-Micro-BYOS-Azure libxml2-tools-2.11.6-8.1 as a component of Image SLE-Micro-BYOS-Azure libxml2-2-2.11.6-8.1 as a component of Image SLE-Micro-BYOS-EC2 libxml2-tools-2.11.6-8.1 as a component of Image SLE-Micro-BYOS-EC2 libxml2-2-2.11.6-8.1 as a component of Image SLE-Micro-BYOS-GCE libxml2-tools-2.11.6-8.1 as a component of Image SLE-Micro-BYOS-GCE libxml2-2-2.11.6-8.1 as a component of Image SLE-Micro-EC2 libxml2-tools-2.11.6-8.1 as a component of Image SLE-Micro-EC2 libxml2-2-2.11.6-8.1 as a component of Image SLE-Micro-GCE libxml2-tools-2.11.6-8.1 as a component of Image SLE-Micro-GCE fluidsynth-2.3.5-160000.3.1 as a component of openSUSE Leap 16.0 fluidsynth-devel-2.3.5-160000.3.1 as a component of openSUSE Leap 16.0 libfluidsynth3-2.3.5-160000.3.1 as a component of openSUSE Leap 16.0 fluidsynth-2.5.2-2.1 as a component of openSUSE Tumbleweed fluidsynth-devel-2.5.2-2.1 as a component of openSUSE Tumbleweed libfluidsynth3-2.5.2-2.1 as a component of openSUSE Tumbleweed libfluidsynth3-32bit-2.5.2-2.1 as a component of openSUSE Tumbleweed fluidsynth-2.4.6 and earlier versions is vulnerable to Null pointer dereference in fluid_synth_monopoly.c, that can be triggered when loading an invalid midi file. CVE-2025-56225 Container suse/sl-micro/6.0/baremetal-os-container:2.1.3-6.35:libxml2-2-2.11.6-8.1 Container suse/sl-micro/6.0/base-os-container:2.1.3-7.4:libxml2-2-2.11.6-8.1 Container suse/sl-micro/6.0/kvm-os-container:2.1.3-6.31:libxml2-2-2.11.6-8.1 Container suse/sl-micro/6.0/rt-os-container:2.1.3-7.36:libxml2-2-2.11.6-8.1 Container suse/sl-micro/6.0/toolbox:13.2-9.1:libxml2-2-2.11.6-8.1 Image SL-Micro:libxml2-2-2.11.6-8.1 Image SLE-Micro:libxml2-2-2.11.6-8.1 Image SLE-Micro:libxml2-tools-2.11.6-8.1 Image SLE-Micro-Azure:libxml2-2-2.11.6-8.1 Image SLE-Micro-Azure:libxml2-tools-2.11.6-8.1 Image SLE-Micro-BYOS:libxml2-2-2.11.6-8.1 Image SLE-Micro-BYOS:libxml2-tools-2.11.6-8.1 Image SLE-Micro-BYOS-Azure:libxml2-2-2.11.6-8.1 Image SLE-Micro-BYOS-Azure:libxml2-tools-2.11.6-8.1 Image SLE-Micro-BYOS-EC2:libxml2-2-2.11.6-8.1 Image SLE-Micro-BYOS-EC2:libxml2-tools-2.11.6-8.1 Image SLE-Micro-BYOS-GCE:libxml2-2-2.11.6-8.1 Image SLE-Micro-BYOS-GCE:libxml2-tools-2.11.6-8.1 Image SLE-Micro-EC2:libxml2-2-2.11.6-8.1 Image SLE-Micro-EC2:libxml2-tools-2.11.6-8.1 Image SLE-Micro-GCE:libxml2-2-2.11.6-8.1 Image SLE-Micro-GCE:libxml2-tools-2.11.6-8.1 openSUSE Leap 16.0:fluidsynth-2.3.5-160000.3.1 openSUSE Leap 16.0:fluidsynth-devel-2.3.5-160000.3.1 openSUSE Leap 16.0:libfluidsynth3-2.3.5-160000.3.1 openSUSE Tumbleweed:fluidsynth-2.5.2-2.1 openSUSE Tumbleweed:fluidsynth-devel-2.5.2-2.1 openSUSE Tumbleweed:libfluidsynth3-2.5.2-2.1 openSUSE Tumbleweed:libfluidsynth3-32bit-2.5.2-2.1 important 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H