Azure Linux 3.0 Security Update: orc (CVE-2024-40897)

The version of orc installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-40897 advisory. - Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer ...

MiracleLinux 8 : orc-0.4.28-4.el8_10 (AXSA:2024-8673:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8673:01 advisory. orc: Stack-based buffer overflow vulnerability in ORC CVE-2024-40897 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 9 : orc-0.4.31-7.el9_4 (AXSA:2024-8781:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8781:02 advisory. orc: Stack-based buffer overflow vulnerability in ORC CVE-2024-40897 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 7 : orc-0.4.26-1.0.1.el7.AXS7 (AXSA:2024-8902:03)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8902:03 advisory. CVE-2024-40897: fix stack buffer overflow while construct error messages Disable gtk-doc building due lack of gtkdoc-mktmpl command in gtk-doc-1.28-2.el7 CVE...

TencentOS Server 4: orc (TSSA-2024:0290)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0290 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

TencentOS Server 3: orc (TSSA-2024:0397)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0397 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

GLSA-202505-05 : Orc: Arbitrary Code Execution

The remote host is affected by the vulnerability described in GLSA-202505-05 Orc: Arbitrary Code Execution Please review the CVE identifier referenced below for details. Tenable has extracted the preceding description block directly from the Gentoo Linux security advisory. Note that Nessus has no...

RLSA-2024:5306 Moderate: orc security update

Orc is a library and set of tools for compiling and executing very simple programs that operate on arrays of data. The "language" is a generic assembly language that represents many of the features available in SIMD architectures, including saturated addition and subtraction, and many arithmetic...

Linux Distros Unpatched Vulnerability : CVE-2024-40897

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially crafted file wi...

Advisory ROSA-SA-2025-2741

Software: orc 0.4.28 OS: ROSA Virtualization 3.0 packageevrstring: orc-0.4.28-4.rv30 CVE-ID: CVE-2024-40897 BDU-ID: 2024-06669 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the orcparse.c file of the library for compiling and executing programs that operate on GStreamer ORC data arrays is relate...

CVE-2024-40897 affecting package orc for versions less than 0.4.39-2

CVE-2024-40897 affecting package orc for versions less than 0.4.39-2. An upgraded version of the package is available that resolves this issue...

openSUSE Security Advisory (SUSE-SU-2025:0344-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2025:0344-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2025:0344-1 Security update for orc

This update for orc fixes the following issues: - CVE-2024-40897: Fixed stack-based buffer overflow in the Orc compiler when formatting error messages for certain input files bsc1228184...

SUSE SLES12 Security Update : orc (SUSE-SU-2025:0314-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:0314-1 advisory. - CVE-2024-40897: Fixed stack-based buffer overflow in the Orc compiler when formatting error messages for certain input files bsc1228184 Tenable has...

SUSE: Security Advisory (SUSE-SU-2025:0314-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for orc

This update for orc fixes the following issues: CVE-2024-40897: Fixed stack-based buffer overflow in the Orc compiler when formatting error messages for certain input files bsc1228184 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

SUSE-SU-2025:0314-1 Security update for orc

This update for orc fixes the following issues: - CVE-2024-40897: Fixed stack-based buffer overflow in the Orc compiler when formatting error messages for certain input files bsc1228184...

Advisory ROSA-SA-2025-2587

software: orc 0.4.40 WASP: ROSA-CHROME packageevrstring: orc-0.4.40-1 CVE-ID: CVE-2024-40897 BDU-ID: 2024-06669 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the orcparse.c file of the library for compiling and executing programs that operate on GStreamer ORC data arrays is related to a...

Amazon Linux 2 : orc (ALAS-2025-2727)

The version of orc installed on the remote host is prior to 0.4.26-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2727 advisory. Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a...