CVE-2025-53882

CWE-807 CWE-2734 documents4 sources

Severity

4.8MEDIUM

EPSS

0.0%

top 92.63%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Suse Opensuse Tumbleweed

Timeline

PublishedJul 23

Description

A Reliance on Untrusted Inputs in a Security Decision vulnerability in the logrotate configuration for openSUSE mailman3 package allows the mailman user to sent SIGHUP to arbitrary processes. This issue affects openSUSE Tumbleweed: from ? before 3.3.10-2.1.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

Affected Packages1 packages

▶CVEListV5suse/opensuse_tumbleweed? — 3.3.10-2.1

🔴Vulnerability Details

GHSA

GHSA-jp65-2h7q-qfg7: A Reliance on Untrusted Inputs in a Security Decision vulnerability in the logrotate configuration for openSUSEs mailman3 package allows potential esc↗2025-07-23

▶

CVEList

The logrotate configuration in the python-mailman of openSUSE allows the mailman user to sent SIGHUP to arbitrary proceess↗2025-07-23

▶

📋Vendor Advisories

Debian

CVE-2025-53882: mailman3 - A Reliance on Untrusted Inputs in a Security Decision vulnerability in the logro...↗2025

▶