Mageia: Security Advisory (MGASA-2025-0121)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OESA-2025-1331 zvbi security update

The ZVBI library provides functions to read from Linux V4L, V4L2 and FreeBSD BKTR raw VBI capture devices, from Linux DVB devices and from a VBI proxy to share V4L and V4L2 VBI devices between multiple applications. It can demodulate raw to sliced VBI data in software, with support for a wide ran...

SUSE: Security Advisory (SUSE-SU-2025:0988-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : zvbi (SUSE-SU-2025:0988-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0988-1 advisory. - CVE-2025-2173: Fixed check on srclength to avoid an unitinialized heap read bsc1239222. - CVE-2025-2174: Fixed integer overflow leading to he...

SUSE-SU-2025:0988-1 Security update for zvbi

This update for zvbi fixes the following issues: - CVE-2025-2173: Fixed check on srclength to avoid an unitinialized heap read bsc1239222. - CVE-2025-2174: Fixed integer overflow leading to heap overflow in src/conv.c, src/io-sim.c, src/search.c bsc1239299. - CVE-2025-2175: Fixed integer overflow...

libzvbi-chains0-0.2.44-1.1 on GA media (moderate)

libzvbi-chains0-0.2.44-1.1 on GA media Announcement ID: openSUSE-SU-2025:14891-1 Rating: moderate Cross-References: CVE-2025-2173 CVE-2025-2174 CVE-2025-2175 CVE-2025-2176 CVE-2025-2177 CVSS scores: CVE-2025-2173 SUSE : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2025-2173 SUSE : 6.9...

CVE-2025-2173

A vulnerability was found in libzvbi up to 0.2.43. It has been classified as problematic. Affected is the function vbistrndupiconvucs2 of the file src/conv.c. The manipulation of the argument srclength leads to uninitialized pointer. It is possible to launch the attack remotely. The exploit has...

CVE-2025-2173

A vulnerability was found in libzvbi up to 0.2.43. It has been classified as problematic. Affected is the function vbistrndupiconvucs2 of the file src/conv.c. The manipulation of the argument srclength leads to uninitialized pointer. It is possible to launch the attack remotely. The exploit has...

CVE-2025-2173 libzvbi conv.c vbi_strndup_iconv_ucs2 uninitialized pointer

A vulnerability was found in libzvbi up to 0.2.43. It has been classified as problematic. Affected is the function vbistrndupiconvucs2 of the file src/conv.c. The manipulation of the argument srclength leads to uninitialized pointer. It is possible to launch the attack remotely. The exploit has...

CVE-2025-2173 libzvbi conv.c vbi_strndup_iconv_ucs2 uninitialized pointer

A vulnerability was found in libzvbi up to 0.2.43. It has been classified as problematic. Affected is the function vbistrndupiconvucs2 of the file src/conv.c. The manipulation of the argument srclength leads to uninitialized pointer. It is possible to launch the attack remotely. The exploit has...

CVE-2025-2173

CVE-2025-2173 affects libzvbi up to 0.2.43, specifically the function _vbi_strndup_iconv_ucs2 in src/conv.c. The issue is an uninitialized pointer caused by improper handling of src_length, enabling a remote attack and, per sources, an exploit has been disclosed publicly. Multiple advisories conf...

CVE-2025-2175

A vulnerability was found in libzvbi up to 0.2.43. It has been rated as problematic. Affected by this issue is the function vbistrndupiconv. The manipulation leads to integer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to...