CVE-2025-5702

The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller those registers are defined as non-volatile registers by the powerpc64le ABI, resulting in overwriting of its...

CVE-2025-5702

The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller those registers are defined as non-volatile registers by the powerpc64le ABI, resulting in overwriting of its...

GNU C Library 安全漏洞

The GNU C library is a standard library implementation of C developed by the GNU project to provide core API support for Linux systems, and is the basis for most C programs to run. The GNU C library suffers from a security vulnerability. An attacker could exploit the vulnerability to overwrite...

GNU C Library 安全漏洞

The GNU C library is an implementation of the C standard library developed by the GNU project to provide core API support for Linux systems, and is the basis for most C programs to run. The GNU C library suffers from a security vulnerability that stems from not saving the caller's contents when...

PT-2025-23956 · Unknown +4 · Gnu C Library +4

Name of the Vulnerable Software and Affected Versions: GNU C Library versions 2.39 and later Description: The issue arises from the strcmp implementation optimized for the Power10 processor, which writes to vector registers v20 to v31 without saving the contents from the caller. This can lead to...

PT-2025-23974 · Unknown +2 · Gnu C Library +2

Name of the Vulnerable Software and Affected Versions: GNU C Library versions 2.40 and later Description: The issue arises from the strncmp implementation optimized for the Power10 processor, which writes to vector registers v20 to v31 without saving the contents from the caller. This can lead to...

RHEL 8 : glibc (RHSA-2025:3828)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3828 advisory. The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache...

PT-2025-29390

Name of the Vulnerable Software and Affected Versions GNU Binutils version 2.45 Description A problematic issue has been identified in GNU Binutils 2.45. This issue affects the bfd elf set group contents function within the bfd/elf.c file, leading to an out-of-bounds write condition. The attack c...

PT-2025-29389

Name of the Vulnerable Software and Affected Versions GNU Binutils version 2.45 Description A problematic vulnerability exists in the copy section function within the binutils/objcopy.c file. This manipulation leads to a heap-based buffer overflow, requiring local access for exploitation. The...

Updated coreutils packages fix security vulnerability

Heap buffer under-read in gnu coreutils sort via key specification. CVE-2025-5278...

[SECURITY] Fedora 42 Update: coreutils-9.6-4.fc42

These are the GNU core utilities. This package is the combination of the old GNU fileutils, sh-utils, and textutils packages...

GNU Screen Information Disclosure Vulnerability

GNU Screen is an application from the American GNU community. It provides the effect of getting multiple virtual terminals on one physical terminal. GNU Screen suffers from an information disclosure vulnerability that can be exploited by attackers to infer path information...

GNU PSPP Heap Buffer Overflow Vulnerability

GNU PSPP is an application for data sampling, statistics and analysis from the American GNU community. GNU PSPP suffers from a heap buffer overflow vulnerability. The vulnerability stems from the failure of the inflateread function called indirectly by spvreadxmlmember in zip-reader.c to properly...

GNU PSPP spvxml_parse_attributes out-of-bounds read vulnerability

GNU PSPP is an application for data sampling, statistics and analysis from the American GNU community. GNU PSPP suffers from an out-of-bounds read vulnerability that stems from spvxmlparseattributes, no details of the vulnerability are provided at this time...

GNU Binutils Buffer Overflow Vulnerability

GNU Binutils is a set of programming language utility programs developed by the American GNU community. A buffer overflow vulnerability exists in GNU Binutil, which stems from the failure of the function debugtypesamep in the file /binutils/debug.c to correctly validate the length of input data,...

GNU Binutils /bfd/elflink.c File Buffer Overflow Vulnerability

GNU Binutils GNU Binary Utilities is a set of programming language utility programs developed by the American GNU community. The programs are primarily designed to work with target files in a variety of formats, and provide connectors, assemblers, and other tools for target files and archives. A...

GNU coreutils buffer overflow vulnerability

GNU coreutils is a core toolset of the GNU community. GNU coreutils suffers from a buffer overflow vulnerability that originates from a boundary error in the function begfield in the sort tool when handling untrusted input, which can be exploited by an attacker to cause a crash or data disclosure...

Gnu Screen Competitive Conditions Loophole

Gnu Screen is a terminal multiplexing tool developed by the GNU project that allows users to create multiple virtual terminal sessions in the same physical terminal and supports session resumption, window switching and multi-user sharing. Gnu Screen suffers from a competitive condition...

SUSE CVE-2025-5244

A vulnerability was found in GNU Binutils up to 2.44. It has been rated as critical. Affected by this issue is the function elfgcsweep of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed...

SUSE CVE-2025-5278

A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitiv...