16277 matches found

OSV
added 2026/01/06 9:4 a.m., 3 views

RLSA-2026:0052 Moderate: gcc-toolset-14-binutils security update

Binutils is a collection of binary utilities, including ar (for creating, modifying and extracting from archives), as (a family of GNU assemblers), gprof (for displaying call graph profile data), ld (the GNU linker), nm (for listing symbols from object files), objcopy (for copying and translating object...

CVSS 5.3 | AI score 5.5 | EPSS 0.00026
Exploits: 1 | References: 2

RedHat Linux
added 2026/01/05 7:1 p.m., 4 views

tar: Tar path traversal

A relative path traversal flaw was found in the GNU tar utility. When archives with relative paths are extracted without the ‘--keep-old-files’ (‘-k’) option, the extraction process may overwrite existing files that the current user has access to. The server may be impacted if these files are critical to...

CVSS 4.1 | AI score 5.8 | EPSS 0.0013
Exploits: 1 | References: 7

RedHat Linux
added 2026/01/05 9:16 a.m., 2 views

Moderate: Red Hat Security Advisory: gcc-toolset-14-binutils security update

An update for gcc-toolset-14-binutils is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 7.8 | AI score 6.4 | EPSS 0.00026
Exploits: 1 | References: 2

RedHat Linux
added 2026/01/05 9:16 a.m., 4 views

binutils: GNU Binutils Linker heap-based overflow

A heap-based buffer overflow flaw has been discovered in GNU Binutils. The affected element is the function elf_swap_shdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally...

CVSS 7.8 | AI score 6.4 | EPSS 0.00026
Exploits: 1 | References: 12

Tenable Nessus
added 2026/01/05 12:0 a.m., 4 views

Amazon Linux 2 : amazon-ssm-agent, --advisory ALAS2-2025-3121 (ALAS-2025-3121)

The version of amazon-ssm-agent installed on the remote host is prior to 3.3.3572.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3121 advisory. Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabled policy...

CVSS 7.5 | AI score 6.7 | EPSS 0.0009
Exploits: 0 | References: 28

Oracle linux
added 2026/01/05 12:0 a.m., 7 views

gcc-toolset-14-binutils security update

2.41-5.1 - Fix a potential illegal memory access when linking a corrupt input file. RHEL-130669...

CVSS 7.8 | AI score 5.5 | EPSS 0.00026
Exploits: 1

Amazon
added 2026/01/05 12:0 a.m., 4 views

Important: amazon-ssm-agent

Issue Overview: Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabled policy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon. (CVE-2025-22874) Proxy-Authorization and Proxy-Authenticate headers...

CVSS 7.5 | AI score 6.8 | EPSS 0.0009
Exploits: 0

OSV
added 2026/01/05 12:0 a.m., 3 views

ALSA-2026:0067 Moderate: tar security update

The GNU tar program can save multiple files in an archive and restore files from an archive. Security Fixes: tar: Tar path traversal (CVE-2025-45582). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page...

CVSS 4.1 | AI score 6.8 | EPSS 0.0013
Exploits: 1 | References: 4

Packet Storm News
added 2026/01/02 12:0 a.m., 2 views

GNU Privacy Guard 2.4.9

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As suc...

AI score 6.9
Exploits: 0

Packet Storm News
added 2026/01/02 12:0 a.m., 2 views

GNU Privacy Guard 2.5.16

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As suc...

AI score 6.9
Exploits: 0

OPENSUSE Linux
added 2026/01/02 12:0 a.m., 6 views

gnu-recutils-1.9-3.1 on GA media (moderate)

gnu-recutils-1.9-3.1 on GA media. Announcement ID: openSUSE-SU-2026:10000-1. Rating: moderate. Cross-References: CVE-2025-65409. Affected Products: openSUSE Tumbleweed. An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...

CVSS 7.5 | AI score 7.2 | EPSS 0.0009
Exploits: 2

RedhatCVE
added 2026/01/01 11:40 a.m., 2 views

CVE-2025-65411

A flaw was found in GNU Unrtf. This vulnerability, a NULL pointer dereference in the src/path.c component, allows an attacker to cause a Denial of Service (DoS) by injecting a specially crafted payload into the searchpath parameter. This can lead to the application becoming unresponsive or crashing...

CVSS 7.5 | AI score 6.4 | EPSS 0.00042
Exploits: 2 | References: 2

Positive Technologies
added 2026/01/01 12:0 a.m., 2 views

PT-2026-26340

Name of the Vulnerable Software and Affected Versions: wolfSSL version 5.8.4. Description: The software contains a flaw in the constant-time masking logic within the sp_256_get_entry_256_9 function. When compiled with GCC targeting RISC-V RV32I using the -O3 optimization flag, the logic is altered...

CVSS 4.7 | AI score 5.1 | EPSS 0.00006
Exploits: 0 | References: 10

OSV
added 2026/01/01 12:0 a.m., 3 views

OPENSUSE-SU-2026:10000-1 gnu-recutils-1.9-3.1 on GA media

These are all security issues fixed in the gnu-recutils-1.9-3.1 package on the GA media of openSUSE Tumbleweed...

CVSS 7.5 | AI score 5.8 | EPSS 0.0009
Exploits: 2 | References: 1

Positive Technologies
added 2026/01/01 12:0 a.m., 3 views

PT-2026-25096

A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of-bounds read in the bfd linker, allows an attacker to gain access to sensitive information. By convincing a user to process a specially crafted XCOFF object file, an attacker can trigger this...

CVSS 6.1 | AI score 6 | EPSS 0.00005
Exploits: 0 | References: 11

Positive Technologies
added 2026/01/01 12:0 a.m., 3 views

PT-2026-26671

Name of the Vulnerable Software and Affected Versions: GNU C library versions 2.34 through 2.43. Description: The GNU C library’s gethostbyaddr and gethostbyaddr_r functions, when used with a configured nsswitch.conf file specifying the library’s DNS backend, may return invalid DNS hostnames. This...

CVSS 5.4 | AI score 5.8 | EPSS 0.00066
Exploits: 1 | References: 36

Positive Technologies
added 2026/01/01 12:0 a.m., 3 views

PT-2026-5011

Name of the Vulnerable Software and Affected Versions: GnuPG versions prior to 2.5.17. Description: A long signature packet length can cause the parse_signature function to return success while setting the sig-data pointer to a NULL value. This results in a denial of service, specifically an...

CVSS 5.5 | AI score 5.4 | EPSS 0.00022
Exploits: 0 | References: 10

Positive Technologies
added 2026/01/01 12:0 a.m., 2 views

PT-2026-25339

GNU inetutils telnetd versions prior to 2.8. Description: A buffer overflow exists in the LINEMODE SLC (Set Local Characters) suboption handler of the telnetd daemon. The issue occurs because the add_slc function does not verify if the buffer is full before copying data, leading to an out-of-bounds...

CVSS 10 | AI score 8.1 | EPSS 0.053
Exploits: 8 | References: 137

Positive Technologies
added 2026/01/01 12:0 a.m., 2 views

PT-2026-26670

Name of the Vulnerable Software and Affected Versions: GNU C Library versions 2.34 through 2.43. Description: The GNU C Library contains a flaw where calling the gethostbyaddr or gethostbyaddr_r functions with a specific nsswitch.conf configuration utilizing the library’s DNS backend may lead to a...

CVSS 7.5 | AI score 5.7 | EPSS 0.00089
Exploits: 1 | References: 35

Positive Technologies
added 2026/01/01 12:0 a.m., 3 views

PT-2026-25097

A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read, exists in the bfd linker component. An attacker could exploit this by convincing a user to process a specially crafted malicious XCOFF object file. Successful exploitation may...

CVSS 6.1 | AI score 5.9 | EPSS 0.00005
Exploits: 1 | References: 10