CVE-2025-8556 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2025-8556 Interim 1 1 2026-03-05T01:28:46Z current 2026-03-05T01:28:46Z 2026-03-05T01:28:46Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2025-8556 A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2026-February/024109.html E-Mail link for SUSE-SU-2026:0439-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Module for HPC 15 SP7 SUSE Linux Enterprise Server 15 SP6-LTSS openSUSE Leap 15.6 openSUSE Tumbleweed apptainer-1.4.5-1.1 apptainer-1.4.5-150600.4.12.1 apptainer-leap-1.4.5-1.1 apptainer-leap-1.4.5-150600.4.12.1 apptainer-sle15_6-1.4.5-150600.4.12.1 apptainer-sle15_7-1.4.5-1.1 apptainer-sle15_7-1.4.5-150600.4.12.1 apptainer-sle16-1.4.5-1.1 libsquashfuse0-0.5.0-150600.3.2.1 squashfuse-0.5.0-150600.3.2.1 squashfuse-devel-0.5.0-150600.3.2.1 squashfuse-tools-0.5.0-150600.3.2.1 apptainer-1.4.5-150600.4.12.1 as a component of SUSE Linux Enterprise Module for HPC 15 SP7 apptainer-sle15_7-1.4.5-150600.4.12.1 as a component of SUSE Linux Enterprise Module for HPC 15 SP7 libsquashfuse0-0.5.0-150600.3.2.1 as a component of SUSE Linux Enterprise Module for HPC 15 SP7 squashfuse-0.5.0-150600.3.2.1 as a component of SUSE Linux Enterprise Module for HPC 15 SP7 squashfuse-tools-0.5.0-150600.3.2.1 as a component of SUSE Linux Enterprise Module for HPC 15 SP7 apptainer-1.4.5-150600.4.12.1 as a component of SUSE Linux Enterprise Server 15 SP6-LTSS apptainer-sle15_6-1.4.5-150600.4.12.1 as a component of SUSE Linux Enterprise Server 15 SP6-LTSS libsquashfuse0-0.5.0-150600.3.2.1 as a component of SUSE Linux Enterprise Server 15 SP6-LTSS squashfuse-0.5.0-150600.3.2.1 as a component of SUSE Linux Enterprise Server 15 SP6-LTSS squashfuse-tools-0.5.0-150600.3.2.1 as a component of SUSE Linux Enterprise Server 15 SP6-LTSS apptainer-1.4.5-150600.4.12.1 as a component of openSUSE Leap 15.6 apptainer-leap-1.4.5-150600.4.12.1 as a component of openSUSE Leap 15.6 apptainer-sle15_6-1.4.5-150600.4.12.1 as a component of openSUSE Leap 15.6 libsquashfuse0-0.5.0-150600.3.2.1 as a component of openSUSE Leap 15.6 squashfuse-0.5.0-150600.3.2.1 as a component of openSUSE Leap 15.6 squashfuse-devel-0.5.0-150600.3.2.1 as a component of openSUSE Leap 15.6 squashfuse-tools-0.5.0-150600.3.2.1 as a component of openSUSE Leap 15.6 apptainer-1.4.5-1.1 as a component of openSUSE Tumbleweed apptainer-leap-1.4.5-1.1 as a component of openSUSE Tumbleweed apptainer-sle15_7-1.4.5-1.1 as a component of openSUSE Tumbleweed apptainer-sle16-1.4.5-1.1 as a component of openSUSE Tumbleweed A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange. CVE-2025-8556 SUSE Linux Enterprise Module for HPC 15 SP7:apptainer-1.4.5-150600.4.12.1 SUSE Linux Enterprise Module for HPC 15 SP7:apptainer-sle15_7-1.4.5-150600.4.12.1 SUSE Linux Enterprise Module for HPC 15 SP7:libsquashfuse0-0.5.0-150600.3.2.1 SUSE Linux Enterprise Module for HPC 15 SP7:squashfuse-0.5.0-150600.3.2.1 SUSE Linux Enterprise Module for HPC 15 SP7:squashfuse-tools-0.5.0-150600.3.2.1 SUSE Linux Enterprise Server 15 SP6-LTSS:apptainer-1.4.5-150600.4.12.1 SUSE Linux Enterprise Server 15 SP6-LTSS:apptainer-sle15_6-1.4.5-150600.4.12.1 SUSE Linux Enterprise Server 15 SP6-LTSS:libsquashfuse0-0.5.0-150600.3.2.1 SUSE Linux Enterprise Server 15 SP6-LTSS:squashfuse-0.5.0-150600.3.2.1 SUSE Linux Enterprise Server 15 SP6-LTSS:squashfuse-tools-0.5.0-150600.3.2.1 openSUSE Leap 15.6:apptainer-1.4.5-150600.4.12.1 openSUSE Leap 15.6:apptainer-leap-1.4.5-150600.4.12.1 openSUSE Leap 15.6:apptainer-sle15_6-1.4.5-150600.4.12.1 openSUSE Leap 15.6:libsquashfuse0-0.5.0-150600.3.2.1 openSUSE Leap 15.6:squashfuse-0.5.0-150600.3.2.1 openSUSE Leap 15.6:squashfuse-devel-0.5.0-150600.3.2.1 openSUSE Leap 15.6:squashfuse-tools-0.5.0-150600.3.2.1 openSUSE Tumbleweed:apptainer-1.4.5-1.1 openSUSE Tumbleweed:apptainer-leap-1.4.5-1.1 openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-1.1 openSUSE Tumbleweed:apptainer-sle16-1.4.5-1.1 low