27 matches found
Azure Linux 3.0 Security Update: xz (CVE-2025-31115)
The version of xz installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-31115 advisory. - XZ Utils provide a general-purpose data-compression library plus command-line tools. In XZ Utils 5.3.3alpha to...
RLSA-2025:7524 Important: xz security update
XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm LZMA, which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short. Security Fixes: xz: XZ has a...
Security update for xz
This update for xz fixes the following issues: CVE-2025-31115: Fixed heap use after free and writing to an address based on the null pointer plus an offset bsc1240414 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
SUSE-SU-2025:20553-1 Security update for xz
This update for xz fixes the following issues: - CVE-2025-31115: Fixed heap use after free and writing to an address based on the null pointer plus an offset bsc1240414...
K000152366: XZ Utils vulnerability CVE-2025-31115
Security Advisory Description XZ Utils provide a general-purpose data-compression library plus command-line tools. In XZ Utils 5.3.3alpha to 5.8.0, the multithreaded .xz decoder in liblzma has a bug where invalid input can at least result in a crash. The effects include heap use after free and...
FreeBSD-SA-25:06.xz
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-25:06.xz Security Advisory The FreeBSD Project Topic: Use-after-free in multi-threaded xz decoder Category: contrib Module: xz Announced: 2025-07-02 Affects:...
Oracle Linux 10 : xz (ELSA-2025-7524)
The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-7524 advisory. - Fix: heap-use-after-free bug in threaded .xz decoder CVE-2025-31115 Tenable has extracted the preceding description block directly from the Oracle Linux...
RHEL 10 : xz (RHSA-2025:7524)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7524 advisory. XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv- Markov chain algorithm LZMA, which performs...
SUSE: Security Advisory (SUSE-SU-2025:1137-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian dsa-5895 : liblzma-dev - security update
The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5895 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5895-1 [email protected] https://www.debian.org/security/...
Important: Red Hat Security Advisory: xz security update
An update for xz is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
ALSA-2025:7524 Important: xz security update
XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm LZMA, which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short. Security Fixes: xz: XZ has a...
Fedora: Security Advisory (FEDORA-2025-4871b31998)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 41 : perl-Compress-Raw-Lzma / xz (2025-051becf4f2)
The remote Fedora 41 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-051becf4f2 advisory. xz 5.8.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this issue but...
Fedora 40 : perl-Compress-Raw-Lzma / xz (2025-4871b31998)
The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-4871b31998 advisory. xz 5.8.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this issue but...
OESA-2025-1431 xz security update
XZ Utils is free general-purpose data compression software with a high compression ratio. XZ Utils were written for POSIX-like systems, but also work on some not-so-POSIX systems. XZ Utils are the successor to LZMA Utils. Security Fixes: XZ Utils provide a general-purpose data-compression library...
CVE-2025-31115 affecting package xz for versions less than 5.4.4-2
CVE-2025-31115 affecting package xz for versions less than 5.4.4-2. A patched version of the package is available...
MGASA-2025-0131 Updated xz packages fix security vulnerability
XZ has a heap-use-after-free bug in threaded .xz decoder. CVE-2025-31115...
Mageia: Security Advisory (MGASA-2025-0131)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Photon OS 5.0: Xz PHSA-2025-5.0-0496
An update of the xz package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0496. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid233960...