minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments

Summary matchOne performs unbounded recursive backtracking when a glob pattern contains multiple non-adjacent GLOBSTAR segments and the input path does not match. The time complexity is OCn, k -- binomial -- where n is the number of path segments and k is the number of globstars. With k=11 and...

DEBIAN-CVE-2025-39790

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Detect events pointing to unexpected TREs When a remote device sends a completion event to the host, it contains a pointer to the consumed TRE. The host uses this pointer to process all of the TREs between it and...