gnutls security update

An update is available for gnutls. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The gnutls packages provide the GNU Transport Layer Security GnuTLS library,...

RLSA-2026:20612 Important: gnutls security update

The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: Fix qsort comparator in DTLS reassembly CVE-2026-42009 gnutls: Fix crashing on an underflow with a DTLS datagram...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the hp-bioscfg platform driver attempting to register an empty name attribute, which may cause kernel...

Azure Linux 3.0 Security Update: libarchive (CVE-2024-37407)

The version of libarchive installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-37407 advisory. - Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name file and...

EUVD-2024-36641

Malicious code in bioql PyPI...

UBUNTU-CVE-2025-37956

In the Linux kernel, the following vulnerability has been resolved: ksmbd: prevent rename with empty string Client can send empty newname string to ksmbd server. It will cause a kernel oops from dalloc. This patch return the error when attempting to rename a file or directory with an empty new na...

Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name file and mac-ext is enabled. This occurs in slurp_central_directory in archive_read_support_format_zip.c.

...

SUSE CVE-2022-48777

In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: qcom: Fix kernel panic on skipped partition In the event of a skipped partition case when the entry name is empty the kernel panics in the cleanup function as the name entry is NULL. Rework the parser logic by first...

SUSE CVE-2024-37407

Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name file and mac-ext is enabled. This occurs in slurpcentraldirectory in archivereadsupportformatzip.c...

AZL-42471 CVE-2024-37407 affecting package libarchive for versions less than 3.7.1-2

Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name file and mac-ext is enabled. This occurs in slurpcentraldirectory in archivereadsupportformatzip.c...

CVE-2024-37407

Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name file and mac-ext is enabled. This occurs in slurpcentraldirectory in archivereadsupportformatzip.c...

CVE-2024-37407

Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name file and mac-ext is enabled. This occurs in slurpcentraldirectory in archivereadsupportformatzip.c...

CVE-2024-37407

Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name file and mac-ext is enabled. This occurs in slurpcentraldirectory in archivereadsupportformatzip.c...

CVE-2024-37407

CVE-2024-37407 affects the libarchive library (before 3.7.4). The vulnerability occurs when processing a ZIP archive that contains an empty-name file with mac-ext enabled, in slurp_central_directory of archive_read_support_format_zip.c, which can cause name out-of-bounds access. Affected versions...

CVE-2024-37407

Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name file and mac-ext is enabled. This occurs in slurpcentraldirectory in archivereadsupportformatzip.c...

CVE-2024-37407

Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name file and mac-ext is enabled. This occurs in slurpcentraldirectory in archivereadsupportformatzip.c...

PT-2024-4147 · Unknown +1 · Libarchive +1

Name of the Vulnerable Software and Affected Versions: Libarchive versions prior to 3.7.4 Description: The issue is related to a buffer overflow vulnerability when a ZIP archive has an empty-name file and mac-ext is enabled. This occurs in the slurp central directory function in archive read...

CVE-2023-52443

In the Linux kernel, the following vulnerability has been resolved: apparmor: avoid crash when parsed profile name is empty When processing a packed profile in unpackprofile described like "profile :ns::samba-dcerpcd /usr/lib/samba/,samba/samba-dcerpcd ..." a string ":samba-dcerpcd" is unpacked a...

SUSE CVE-2005-2098

The KEYCTLJOINSESSIONKEYRING operation in the Linux kernel before 2.6.12.5 contains an error path that does not properly release the session management semaphore, which allows local users or remote attackers to cause a denial of service semaphore hang via a new session keyring 1 with an empty nam...

UBUNTU-CVE-2018-11356

In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in an SRV record...