[SECURITY] Fedora 43 Update: rust-reqsign-file-read-tokio-2.0.0-1.fc43

Tokio-based file reader implementation for reqsign...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989076)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989076 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix a data-race around sysctlfibmultipathuseneigh. While reading sysctlfibmultipathuseneigh...

CVE-2025-12108

The CVE-2025-12108 instance affects the Survision LPR Camera system, where authentication is not enforced by default, allowing access to the configuration wizard without login credentials. Affected component: the device’s access/configuration flow (license plate recognition camera system). Impact...

MGASA-2025-0256 Updated golang packages fix security vulnerabilities

Insufficient validation of bracketed IPv6 hostnames in net/url. CVE-2025-47912 Unbounded allocation when parsing GNU sparse map in archive/tar. CVE-2025-58183 Parsing DER payload can cause memory exhaustion in encoding/asn1. CVE-2025-58185 Lack of limit when parsing cookies can cause memory...

[SECURITY] Fedora 42 Update: rust-reqsign-file-read-tokio-2.0.0-1.fc42

Tokio-based file reader implementation for reqsign...

[SECURITY] Fedora 42 Update: rust-astral-tokio-tar-0.5.6-1.fc42

A Rust implementation of an async TAR file reader and writer. This library does not currently handle compression, but it is abstract over all I/O readers and writers. Additionally, great lengths are taken to ensure that the entire contents are never required to be entirely resident in memory all ...

[SECURITY] Fedora 41 Update: rust-reqsign-file-read-tokio-2.0.0-1.fc41

Tokio-based file reader implementation for reqsign...

[SECURITY] Fedora 41 Update: rust-astral-tokio-tar-0.5.6-1.fc41

A Rust implementation of an async TAR file reader and writer. This library does not currently handle compression, but it is abstract over all I/O readers and writers. Additionally, great lengths are taken to ensure that the entire contents are never required to be entirely resident in memory all ...

Excessive CPU consumption in Reader.ReadResponse in net/textproto

...

EUVD-2025-37031

The following HP Card Readers B Models X3D03B & Y7C05B are potentially vulnerable to information disclosure, allowing prior user identity to be inherited under certain conditions —e.g., when an NFC device such as a smartphone/smartwatches is in proximity during a card swipe event...

CVE-2025-11998 HP Card Readers (B Models) – Potential Information Disclosure

The following HP Card Readers B Models X3D03B & Y7C05B are potentially vulnerable to information disclosure, allowing prior user identity to be inherited under certain conditions —e.g., when an NFC device such as a smartphone/smartwatches is in proximity during a card swipe event...

EUVD-2025-36730

The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption...

EUVD-2025-36731

tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a...

CVE-2025-61724

The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption...

AZL-69164 CVE-2025-61724 affecting package msft-golang 1.24.13-1

The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption...

AZL-69251 CVE-2025-58183 affecting package golang 1.26.0-1

tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a...

AZL-69002 CVE-2025-58183 affecting package cri-o 1.30.1-1

tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a...

AZL-69005 CVE-2025-58183 affecting package podman 5.6.1-7

tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a...

UBUNTU-CVE-2025-61724

The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption...

CVE-2025-58183 Unbounded allocation when parsing GNU sparse map in archive/tar

tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a...