OpenClaw affected by denial of service via unbounded URL-backed media fetch

Summary URL-backed media fetch handling allocated the entire response payload in memory arrayBuffer before enforcing maxBytes, allowing oversized responses to cause memory exhaustion. Affected Versions - openclaw npm: res.writeHead200,"content-type":"application/octet-stream";forlet...

DEBIAN-CVE-2025-38425

In the Linux kernel, the following vulnerability has been resolved: i2c: tegra: check msg length in SMBUS block read For SMBUS block read, do not continue to read if the message length passed from the device is '0' or greater than the maximum allowed bytes...