CVE-2025-15469

A flaw was found in openssl. When a user signs or verifies files larger than 16MB using the openssl dgst command with one-shot algorithms, the tool silently truncates the input to 16MB. This creates an integrity gap, allowing trailing data beyond the initial 16MB to be modified without detection...

Ubuntu 24.04 LTS. : libvirt vulnerabilities (USN-6734-2)

The remote Ubuntu 24.04 LTS. host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6734-2 advisory. USN-6734-1 fixed vulnerabilities in libvirt. This update provides the corresponding updates for Ubuntu 24.04 LTS. Tenable has extracted the preceding...

Medium: libvirt

Issue Overview: An off-by-one error flaw was found in the udevListInterfacesByStatus function in libvirt when the number of interfaces exceeds the size of the names array. This issue can be reproduced by sending specially crafted data to the libvirt daemon, allowing an unprivileged client to...

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : libvirt vulnerabilities (USN-6734-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6734-1 advisory. Alexander Kuznetsov discovered that libvirt incorrectly handled certain API calls. An attacker could possibly use this issue to cause...