CVE-2025-47229

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service varsetleavequiet assertion failure and application exit via crafted input data, such as data that triggers a call from src/data/dictionary.c code into src/data/variable.c code...

CVE-2025-47229

CVE-2025-47229 affects GNU PSPP (libpspp-core.a) up to version 2.0.1. The root cause is a denial-of-service condition triggered by crafted input data that causes a var_set_leave_quiet assertion failure and application exit, via a call path from src/data/dictionary.c into src/data/variable.c. Mult...

CVE-2025-47229

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service varsetleavequiet assertion failure and application exit via crafted input data, such as data that triggers a call from src/data/dictionary.c code into src/data/variable.c code...

PT-2025-18938 · Gnu +1 · Gnu Pspp +1

Name of the Vulnerable Software and Affected Versions: GNU PSPP versions through 2.0.1 Description: The issue allows attackers to cause a denial of service, resulting in an application exit, via crafted input data. This can be triggered by specific data that causes a call from the...

CVE-2025-47229

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service varsetleavequiet assertion failure and application exit via crafted input data, such as data that triggers a call from src/data/dictionary.c code into src/data/variable.c code...

CVE-2025-47153

Certain build processes for libuv and Node.js for 32-bit systems, such as for the nodejs binary package through nodejs20.19.0+dfsg-2i386.deb for Debian GNU/Linux, have an inconsistent offt size e.g., building on i386 Debian always uses FILEOFFSETBITS=64 for the libuv dynamic library, but uses the...

CVE-2025-47153

CVE-2025-47153 concerns build-time handling on 32-bit systems (i386) where libuv binaries and Node.js binaries are built with inconsistent off_t sizing. Specifically, 32-bit Debian builds may set _FILE_OFFSET_BITS=64 for the libuv dynamic library but rely on the system default (32) for nodejs, ca...

PT-2025-18371 · Libuv +2 · Libuv +2

Name of the Vulnerable Software and Affected Versions: libuv and Node.js versions prior to nodejs 20.19.0+dfsg-2 i386.deb Description: The issue arises from certain build processes for libuv and Node.js on 32-bit systems, where the off t size is inconsistent. This inconsistency occurs because the...

[SECURITY] [DLA 4143-1] glibc security update

Debian LTS Advisory DLA-4143-1 [email protected] https://www.debian.org/lts/security/ Sean Whitton April 30, 2025 https://wiki.debian.org/LTS Package : glibc Version : 2.31-13+deb11u12 CVE ID : CVE-2025-0395 A flaw was discovered in the implementation of the assert function in the GNU C...

[SECURITY] Fedora 40 Update: icecat-115.22.0-2.rh1.fc40

GNU IceCat is the GNU version of the Firefox ESR browser. Extensions included to this version of IceCat: LibreJS GNU LibreJS aims to address the JavaScript problem described in the article "The JavaScript Trap" of Richard Stallman. JShelter: Mitigates potential threats from JavaScript, including...

[SECURITY] Fedora 41 Update: icecat-115.22.0-2.rh1.fc41

GNU IceCat is the GNU version of the Firefox ESR browser. Extensions included to this version of IceCat: LibreJS GNU LibreJS aims to address the JavaScript problem described in the article "The JavaScript Trap" of Richard Stallman. JShelter: Mitigates potential threats from JavaScript, including...

GNU GRUB Buffer Overflow Vulnerability

GNU GRUB is a Linux system boot program from the GNU community. GNU GRUB suffers from a buffer overflow vulnerability, which stems from an integer overflow problem contained in the read module, that can be exploited by an attacker to overwrite sensitive information, thereby bypassing secure boot...

[SECURITY] Fedora 42 Update: icecat-115.22.0-2.rh1.fc42

GNU IceCat is the GNU version of the Firefox ESR browser. Extensions included to this version of IceCat: LibreJS GNU LibreJS aims to address the JavaScript problem described in the article "The JavaScript Trap" of Richard Stallman. JShelter: Mitigates potential threats from JavaScript, including...

USN-7423-2: GNU binutils vulnerabilities

USN-7423-1 fixed several vulnerabilities in GNU. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that GNU binutils incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash o...

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed multiple security vulnerabilities listed herein. Vulnerability Details CVEID:CVE-2023-49569 DESCRIPTION: go-git could allow a remote attacker to traverse directories on the system. By sending a specially crafted request using the ChrootOS...

Medium: binutils

Issue Overview: A vulnerability was found in GNU Binutils 2.43 and classified as critical. This issue affects the function bfdelfgcmarkrsec of the file elflink.c of the component ld. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The complexity of an...

GNU GRUB2 Buffer Overflow Vulnerability (CNVD-2025-09673)

GNU GRUB2 is a Linux system bootloader from the GNU community. GNU GRUB2 suffers from a buffer overflow vulnerability that stems from the jfs file system module not properly checking for integer overflow issues, which can be exploited by an attacker to cause a heap out-of-bounds write issue that...

GNU GRUB2 Buffer Overflow Vulnerability (CNVD-2025-09674)

GNU GRUB2 is a Linux system bootloader from the GNU community. GNU GRUB2 suffers from a buffer overflow vulnerability that stems from the reiserfs fs module not properly checking for integer overflow issues, which can be exploited by an attacker to cause a heap out-of-bounds write, corrupt critic...

Amazon Linux 2023 : binutils, binutils-devel, binutils-gprofng (ALAS2023-2025-956)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-956 advisory. A vulnerability was found in GNU Binutils 2.43 and classified as critical. This issue affects the function bfdelfgcmarkrsec of the file elflink.c of the component ld. The manipulation leads to...

glibc: buffer overflow in the GNU C Library's assert()

A flaw was found in the GNU C Library glibc. A buffer overflow condition via the assert function may be triggered due to glibc not allocating enough space for the assertion failure message string and size information. In certain conditions, a local attacker can exploit this, potentially leading t...