Security update for duc (moderate)

openSUSE Security Update: Security update for duc Announcement ID: openSUSE-SU-2025:0496-1 Rating: moderate References: 1254566 Cross-References: CVE-2025-13654 CVSS scores: CVE-2025-13654 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Backports SLE-15-SP6 An...

CVE-2025-13654

A stack buffer overflow vulnerability exists in the bufferget function of duc, a disk management tool, where a condition can evaluate to true due to underflow, allowing an out-of-bounds read. Mitigation To mitigate this issue, if the duc package is not required, it can be removed from the system...

SUSE CVE-2025-13654

A stack buffer overflow vulnerability exists in the bufferget function of duc, a disk management tool, where a condition can evaluate to true due to underflow, allowing an out-of-bounds read...

CVE-2025-13654

A stack buffer overflow vulnerability exists in the bufferget function of duc, a disk management tool, where a condition can evaluate to true due to underflow, allowing an out-of-bounds read...

CVE-2025-13654

A stack buffer overflow vulnerability exists in the bufferget function of duc, a disk management tool, where a condition can evaluate to true due to underflow, allowing an out-of-bounds read...

UBUNTU-CVE-2025-13654

A stack buffer overflow vulnerability exists in the bufferget function of duc, a disk management tool, where a condition can evaluate to true due to underflow, allowing an out-of-bounds read...

CVE-2025-13654

The CVE-2025-13654 issue affects the duc tool (disk usage analyzer). The vulnerability is a stack/underflow in buffer_get that can trigger an out-of-bounds read. OpenSUSE/SUSE and Fedora advisories indicate the fix is in version 1.4.6 of duc (update to 1.4.6). Descriptions confirm the root cause ...

CVE-2025-13654 CVE-2025-13654

A stack buffer overflow vulnerability exists in the bufferget function of duc, a disk management tool, where a condition can evaluate to true due to underflow, allowing an out-of-bounds read...

CVE-2025-13654

A stack buffer overflow vulnerability exists in the bufferget function of duc, a disk management tool, where a condition can evaluate to true due to underflow, allowing an out-of-bounds read...

duc 安全漏洞

duc is a tool for checking disk usage by the individual developer Ico Doornekamp. A security vulnerability exists in duc that stems from a stack buffer overflow in the bufferget function, which could lead to out-of-bounds reads...

Duc contains a stack buffer overflow vulnerability in the buffer_get function, allowing for out-of-bounds memory read

Overview Duc, an open-source disk management tool, contains a stack-based buffer overflow vulnerability allowing for out-of-bounds memory read. An attacker can exploit this vulnerability through malformed input data, and can cause the tool to either crash or cause it to disclose portions of memor...