84 matches found
ROOT-OS-UBUNTU-2404-CVE-2026-31498 CVE-2026-31498 in rootio-linux - Patched by Root
Root has patched CVE-2026-31498 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2026-31498 CVE-2026-31498 in rootio-linux - Patched by Root
Root has patched CVE-2026-31498 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-31498 CVE-2026-31498 in rootio-linux - Patched by Root
Root has patched CVE-2026-31498 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
SUSE-SU-2026:2450-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-10263: arm64: Add workaround for Cortex-A76 erratum 1286807 bsc1266290. - CVE-2025-40253: s390/ctcm: Fix double-kfree bsc1255084. - CVE-2025-68822: Input: alps -...
BELL-CVE-2026-31498
Bulletin has no description...
DEBIAN-CVE-2026-31498
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix ERTM re-init and zero pdulen infinite loop l2capconfigreq processes CONFIGREQ for channels in BTCONNECTED state to support L2CAP reconfiguration e.g. MTU changes. However, since both CONFINPUTDONE and...
CVE-2026-31498
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix ERTM re-init and zero pdulen infinite loop l2capconfigreq processes CONFIGREQ for channels in BTCONNECTED state to support L2CAP reconfiguration e.g. MTU changes. However, since both CONFINPUTDONE and...
Security Bulletin: Use-After-Free Vulnerability in c-ares read_answers() Function (v1.32.3–v1.34.4) affects watsonx.data
Summary CVE-2025-31498 - A use-after-free vulnerability exists in c-ares v1.32.3–v1.34.4 within the readanswers function. It can occur when processanswer re-enqueues queries under certain DNS conditions, potentially leading to crashes or unexpected behavior. This can affect watsonx.data...
Azure Linux 3.0 Security Update: fluent-bit (CVE-2025-31498)
The version of fluent-bit installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-31498 advisory. - c-ares is an asynchronous resolver library. From 1.32.3 through 1.34.4, there is a use-after-free in...
MiracleLinux 8 : nodejs:22 (AXSA:2025-9926:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9926:01 advisory. c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 SQLite: integer overflow in SQLite CVE-2025-3277 Tenable has extracted the precedi...
MiracleLinux 8 : nodejs:20 (AXSA:2025-9918:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9918:01 advisory. c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 Tenable has extracted the preceding description block directly from the MiracleLinux securi...
MiracleLinux 9 : nodejs:20 (AXSA:2025-10487:02)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10487:02 advisory. c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 Tenable has extracted the preceding description block directly from the MiracleLinux...
Security Bulletin: IBM DataPower Gateway vulnerable to a denial of service due to C-Ares
Summary C-Ares is used in IBM DataPower Gateway's DNS resolver Vulnerability Details CVEID:CVE-2025-31498 DESCRIPTION: c-ares is an asynchronous resolver library. From 1.32.3 through 1.34.4, there is a use-after-free in readanswers when processanswer may re-enqueue a query either due to a DNS...
EUVD-2025-31498
Malicious code in bioql PyPI...
RockyLinux 8 : nodejs:20 (RLSA-2025:4461)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:4461 advisory. c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 Tenable has extracted the preceding description block directly from the RockyLinux security...
RockyLinux 8 : nodejs:22 (RLSA-2025:4459)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:4459 advisory. c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 SQLite: integer overflow in SQLite CVE-2025-3277 Tenable has extracted the preceding...
RockyLinux 9 : nodejs:20 (RLSA-2025:7426)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:7426 advisory. c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 Tenable has extracted the preceding description block directly from the RockyLinux security...
RLSA-2025:7426 Moderate: nodejs:20 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 For more details about the security issues, including the impact, a CVSS score,...
RLSA-2025:7433 Important: nodejs:22 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 SQLite: integer overflow in SQLite CVE-2025-3277 For more details about the...
RLSA-2025:4461 Moderate: nodejs:20 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 For more details about the security issues, including the impact, a CVSS score,...