Security update for python311
This update for python311 fixes the following issues: CVE-2025-8194: Fixed infinite loop and deadlock caused by tar archives with negative offsets (bsc1247249). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
kernel: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice
A use-after-free (UAF) vulnerability, which also presents a potential infinite loop condition, has been resolved in the Linux kernel. This flaw affects the HFSC (Hierarchical Fair Service Curve) queuing discipline when it is used in conjunction with NETEM (Network Emulation). A malicious user could...
CVE-2025-55582
D-Link DCS-825L firmware v1.08.01 contains a vulnerability in the watchdog script mydlink-watch-dog.sh, which blindly respawns binaries such as dcp and signalc without verifying integrity, authenticity, or permissions. An attacker with local filesystem access via physical access, firmware...
Linux Distros Unpatched Vulnerability : CVE-2022-35166
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libjpeg commit 842c7ba was discovered to contain an infinite loop via the component JPEG::ReadInternal. (CVE-2022-35166) Note that Nessus relies on the presence o...
Linux Distros Unpatched Vulnerability : CVE-2021-21235
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - kamadak-exif is an exif parsing library written in pure Rust. In kamadak-exif version 0.5.2, there is an infinite loop in parsing crafted PNG files. Specificall...
Linux Distros Unpatched Vulnerability : CVE-2023-50120
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MP4Box GPAC version 2.3-DEV-rev636-gfbd7e13aa-master was discovered to contain an infinite loop in the function av1uvlc at mediatools/avparsers.c. This...
Linux Distros Unpatched Vulnerability : CVE-2021-40592
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GPAC version before commit 71460d72ec07df766dab0a4d52687529f3efcf0a (version v1.0.1 onwards) contains loop with unreachable exit condition ('infinite loop')...
Linux Distros Unpatched Vulnerability : CVE-2021-31812
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior...
Linux Distros Unpatched Vulnerability : CVE-2021-45297
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An infinite loop vulnerability exists in Gpac 1.0.1 in gfgetbitsize. (CVE-2021-45297) Note that Nessus relies on the presence of the package as reported by the...
Linux Distros Unpatched Vulnerability : CVE-2022-44617
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an...
Linux Distros Unpatched Vulnerability : CVE-2021-37146
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An infinite loop in Open Robotics roscomm XMLRPC server in ROS Melodic through 1.4.11 and ROS Noetic through 1.15.11 allows remote attackers to cause a Denial of...
Linux Distros Unpatched Vulnerability : CVE-2018-8036
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache PDFBox 1.8.0 to 1.8.14 and 2.0.0RC1 to 2.0.10, a carefully crafted or fuzzed file can trigger an infinite loop which leads to an out of memory excepti...
Linux Distros Unpatched Vulnerability : CVE-2020-10675
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Library API in buger jsonparser through 2019-12-04 allows attackers to cause a denial of service (infinite loop) via a Delete call. (CVE-2020-10675) Note that...
Linux Distros Unpatched Vulnerability : CVE-2018-11365
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sas/readstatsas7bcatread.c in libreadstat.a in ReadStat 0.1.1 has an infinite loop. (CVE-2018-11365) Note that Nessus relies on the presence of the package as...
Linux Distros Unpatched Vulnerability : CVE-2024-22654
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tcpreplay v4.4.4 was discovered to contain an infinite loop via the tcprewrite function at get.c. (CVE-2024-22654) Note that Nessus relies on the presence of the...
Linux Distros Unpatched Vulnerability : CVE-2020-36227
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancelextop Cancel operation, resulting in denial of service...
cpython: Cpython infinite loop when parsing a tarfile
A flaw was found in the Python tarfile module. Processing a specially crafted tar archive, specifically an archive with negative offsets, can cause an infinite loop and deadlock. This issue results in a denial of service in the Python application using the tarfile module...
Moderate: Red Hat Security Advisory: python3 security update
An update for python3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Network Address Translation DNS Inspection DoS (cisco-sa-asaftd-nat-dns-dos-bqhynHTM)
According to its self-reported version, Cisco Adaptive Security Appliance (ASA) Software is affected by a vulnerability. - A vulnerability in the function that performs IPv4 and IPv6 Network Address Translation (NAT) DNS inspection for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software an...