CVE-2025-47229

CVE-2025-47229 affects GNU PSPP (libpspp-core.a) up to version 2.0.1. The root cause is a denial-of-service condition triggered by crafted input data that causes a var_set_leave_quiet assertion failure and application exit, via a call path from src/data/dictionary.c into src/data/variable.c. Mult...

PT-2025-18938 · Gnu +1 · Gnu Pspp +1

Name of the Vulnerable Software and Affected Versions: GNU PSPP versions through 2.0.1 Description: The issue allows attackers to cause a denial of service, resulting in an application exit, via crafted input data. This can be triggered by specific data that causes a call from the...

CVE-2025-47229

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service varsetleavequiet assertion failure and application exit via crafted input data, such as data that triggers a call from src/data/dictionary.c code into src/data/variable.c code...

CVE-2025-47229

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service varsetleavequiet assertion failure and application exit via crafted input data, such as data that triggers a call from src/data/dictionary.c code into src/data/variable.c code...

CVE-2025-47229

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service varsetleavequiet assertion failure and application exit via crafted input data, such as data that triggers a call from src/data/dictionary.c code into src/data/variable.c code...

CVE-2025-47153

Certain build processes for libuv and Node.js for 32-bit systems, such as for the nodejs binary package through nodejs20.19.0+dfsg-2i386.deb for Debian GNU/Linux, have an inconsistent offt size e.g., building on i386 Debian always uses FILEOFFSETBITS=64 for the libuv dynamic library, but uses the...

CVE-2025-47153

CVE-2025-47153 concerns build-time handling on 32-bit systems (i386) where libuv binaries and Node.js binaries are built with inconsistent off_t sizing. Specifically, 32-bit Debian builds may set _FILE_OFFSET_BITS=64 for the libuv dynamic library but rely on the system default (32) for nodejs, ca...

PT-2025-18371 · Libuv +2 · Libuv +2

Name of the Vulnerable Software and Affected Versions: libuv and Node.js versions prior to nodejs 20.19.0+dfsg-2 i386.deb Description: The issue arises from certain build processes for libuv and Node.js on 32-bit systems, where the off t size is inconsistent. This inconsistency occurs because the...

[SECURITY] [DLA 4143-1] glibc security update

Debian LTS Advisory DLA-4143-1 [email protected] https://www.debian.org/lts/security/ Sean Whitton April 30, 2025 https://wiki.debian.org/LTS Package : glibc Version : 2.31-13+deb11u12 CVE ID : CVE-2025-0395 A flaw was discovered in the implementation of the assert function in the GNU C...

[SECURITY] Fedora 40 Update: icecat-115.22.0-2.rh1.fc40

GNU IceCat is the GNU version of the Firefox ESR browser. Extensions included to this version of IceCat: LibreJS GNU LibreJS aims to address the JavaScript problem described in the article "The JavaScript Trap" of Richard Stallman. JShelter: Mitigates potential threats from JavaScript, including...

[SECURITY] Fedora 41 Update: icecat-115.22.0-2.rh1.fc41

GNU IceCat is the GNU version of the Firefox ESR browser. Extensions included to this version of IceCat: LibreJS GNU LibreJS aims to address the JavaScript problem described in the article "The JavaScript Trap" of Richard Stallman. JShelter: Mitigates potential threats from JavaScript, including...

GNU GRUB Buffer Overflow Vulnerability

GNU GRUB is a Linux system boot program from the GNU community. GNU GRUB suffers from a buffer overflow vulnerability, which stems from an integer overflow problem contained in the read module, that can be exploited by an attacker to overwrite sensitive information, thereby bypassing secure boot...

[SECURITY] Fedora 42 Update: icecat-115.22.0-2.rh1.fc42

GNU IceCat is the GNU version of the Firefox ESR browser. Extensions included to this version of IceCat: LibreJS GNU LibreJS aims to address the JavaScript problem described in the article "The JavaScript Trap" of Richard Stallman. JShelter: Mitigates potential threats from JavaScript, including...

USN-7423-2: GNU binutils vulnerabilities

USN-7423-1 fixed several vulnerabilities in GNU. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that GNU binutils incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash o...

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed multiple security vulnerabilities listed herein. Vulnerability Details CVEID:CVE-2023-49569 DESCRIPTION: go-git could allow a remote attacker to traverse directories on the system. By sending a specially crafted request using the ChrootOS...

GNU GRUB2 Buffer Overflow Vulnerability (CNVD-2025-09674)

GNU GRUB2 is a Linux system bootloader from the GNU community. GNU GRUB2 suffers from a buffer overflow vulnerability that stems from the reiserfs fs module not properly checking for integer overflow issues, which can be exploited by an attacker to cause a heap out-of-bounds write, corrupt critic...

Medium: binutils

Issue Overview: A vulnerability was found in GNU Binutils 2.43 and classified as critical. This issue affects the function bfdelfgcmarkrsec of the file elflink.c of the component ld. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The complexity of an...

Amazon Linux 2023 : binutils, binutils-devel, binutils-gprofng (ALAS2023-2025-956)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-956 advisory. A vulnerability was found in GNU Binutils 2.43 and classified as critical. This issue affects the function bfdelfgcmarkrsec of the file elflink.c of the component ld. The manipulation leads to...

GNU GRUB2 Buffer Overflow Vulnerability (CNVD-2025-09673)

GNU GRUB2 is a Linux system bootloader from the GNU community. GNU GRUB2 suffers from a buffer overflow vulnerability that stems from the jfs file system module not properly checking for integer overflow issues, which can be exploited by an attacker to cause a heap out-of-bounds write issue that...

glibc: buffer overflow in the GNU C Library's assert()

A flaw was found in the GNU C Library glibc. A buffer overflow condition via the assert function may be triggered due to glibc not allocating enough space for the assertion failure message string and size information. In certain conditions, a local attacker can exploit this, potentially leading t...