8 matches found
SUSE-SU-2025:4411-1 Security update for librsvg
This update for librsvg fixes the following issues: Update to version 2.52.12. - CVE-2024-12224: idna: incorrect hostname comparisons and URL parsing may be performed due to acceptance of Punycode labels that do not produce any non-ASCII output when decoded bsc1243867. - CVE-2024-43806: rustix:...
`rustix::fs::Dir` iterator with the `linux_raw` backend can cause memory explosion
...
AZL-48324 CVE-2024-43806 affecting package kata-containers-cc for versions less than 3.2.0.azl2-7
Rustix is a set of safe Rust bindings to POSIX-ish APIs. When using rustix::fs::Dir using the linuxraw backend, it's possible for the iterator to "get stuck" when an IO error is encountered. Combined with a memory over-allocation issue in rustix::fs::Dir::readmore, this can cause quick and...
DEBIAN-CVE-2024-43806
Rustix is a set of safe Rust bindings to POSIX-ish APIs. When using rustix::fs::Dir using the linuxraw backend, it's possible for the iterator to "get stuck" when an IO error is encountered. Combined with a memory over-allocation issue in rustix::fs::Dir::readmore, this can cause quick and...
AZL-48300 CVE-2024-43806 affecting package cloud-hypervisor for versions less than 32.0-7
Rustix is a set of safe Rust bindings to POSIX-ish APIs. When using rustix::fs::Dir using the linuxraw backend, it's possible for the iterator to "get stuck" when an IO error is encountered. Combined with a memory over-allocation issue in rustix::fs::Dir::readmore, this can cause quick and...
AZL-48333 CVE-2024-43806 affecting package kata-containers for versions less than 3.2.0.azl4-1
Rustix is a set of safe Rust bindings to POSIX-ish APIs. When using rustix::fs::Dir using the linuxraw backend, it's possible for the iterator to "get stuck" when an IO error is encountered. Combined with a memory over-allocation issue in rustix::fs::Dir::readmore, this can cause quick and...
AZL-48312 CVE-2024-43806 affecting package virtiofsd for versions less than 1.8.0-3
Rustix is a set of safe Rust bindings to POSIX-ish APIs. When using rustix::fs::Dir using the linuxraw backend, it's possible for the iterator to "get stuck" when an IO error is encountered. Combined with a memory over-allocation issue in rustix::fs::Dir::readmore, this can cause quick and...
PT-2023-32952
Name of the Vulnerable Software and Affected Versions Rustix versions prior to 0.35.15 Rustix versions prior to 0.36.16 Rustix versions prior to 0.37.25 Rustix versions prior to 0.38.19 Description The issue arises when using rustix::fs::Dir with the linux raw backend, where the iterator can get...