Security update for duc (moderate)

openSUSE Security Update: Security update for duc Announcement ID: openSUSE-SU-2025:0496-1 Rating: moderate References: 1254566 Cross-References: CVE-2025-13654 CVSS scores: CVE-2025-13654 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Backports SLE-15-SP6 An...

CVE-2025-13654

A stack buffer overflow vulnerability exists in the bufferget function of duc, a disk management tool, where a condition can evaluate to true due to underflow, allowing an out-of-bounds read. Mitigation To mitigate this issue, if the duc package is not required, it can be removed from the system...

SUSE CVE-2025-13654

A stack buffer overflow vulnerability exists in the bufferget function of duc, a disk management tool, where a condition can evaluate to true due to underflow, allowing an out-of-bounds read...

CVE-2025-13654

A stack buffer overflow vulnerability exists in the bufferget function of duc, a disk management tool, where a condition can evaluate to true due to underflow, allowing an out-of-bounds read...

CVE-2025-13654

A stack buffer overflow vulnerability exists in the bufferget function of duc, a disk management tool, where a condition can evaluate to true due to underflow, allowing an out-of-bounds read...

UBUNTU-CVE-2025-13654

A stack buffer overflow vulnerability exists in the bufferget function of duc, a disk management tool, where a condition can evaluate to true due to underflow, allowing an out-of-bounds read...

CVE-2025-13654

The CVE-2025-13654 issue affects the duc tool (disk usage analyzer). The vulnerability is a stack/underflow in buffer_get that can trigger an out-of-bounds read. OpenSUSE/SUSE and Fedora advisories indicate the fix is in version 1.4.6 of duc (update to 1.4.6). Descriptions confirm the root cause ...

CVE-2025-13654 CVE-2025-13654

A stack buffer overflow vulnerability exists in the bufferget function of duc, a disk management tool, where a condition can evaluate to true due to underflow, allowing an out-of-bounds read...

CVE-2025-13654

A stack buffer overflow vulnerability exists in the bufferget function of duc, a disk management tool, where a condition can evaluate to true due to underflow, allowing an out-of-bounds read...

Duc contains a stack buffer overflow vulnerability in the buffer_get function, allowing for out-of-bounds memory read

Overview Duc, an open-source disk management tool, contains a stack-based buffer overflow vulnerability allowing for out-of-bounds memory read. An attacker can exploit this vulnerability through malformed input data, and can cause the tool to either crash or cause it to disclose portions of memor...

duc 安全漏洞

duc is a tool for checking disk usage by the individual developer Ico Doornekamp. A security vulnerability exists in duc that stems from a stack buffer overflow in the bufferget function, which could lead to out-of-bounds reads...