MAL-2025-28220 Malicious code in omni-law-menu-section (npm)

The package omni-law-menu-section was found to contain malicious code...

Security update for tiff

This update for tiff fixes the following issues: Updated TIFFMergeFieldInfo with readcount=writecount=0 for FIELDIGNORE bsc1243503 CVE-2025-8176: Fixed heap use-after-free in tools/tiffmedian.c bsc1247108 CVE-2025-8177: Fixed possible buffer overflow in tools/thumbnail.c:setrow when processing...

SUSE-SU-2025:02770-1 Security update for tiff

This update for tiff fixes the following issues: - Updated TIFFMergeFieldInfo with readcount=writecount=0 for FIELDIGNORE bsc1243503 - CVE-2025-8176: Fixed heap use-after-free in tools/tiffmedian.c bsc1247108 - CVE-2025-8177: Fixed possible buffer overflow in tools/thumbnail.c:setrow when...

Linux Distros Unpatched Vulnerability : CVE-2023-49557

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the yasmsectionbcsfirst function in the libyasm/section.c component...

GNU Binutils objcopy.c copy_section heap-based overflow

...

SUSE CVE-2025-8224

A vulnerability has been found in GNU Binutils 2.44 and classified as problematic. This vulnerability affects the function bfdelfgetstrsection of the file bfd/elf.c of the component BFD Library. The manipulation leads to null pointer dereference. Local access is required to approach this attack...

SUSE CVE-2025-8225

A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the function processdebuginfo of the file binutils/dwarf.c of the component DWARF Section Handler. The manipulation leads to memory leak. Attacking locally is a requirement. The identifier of the patc...

AZL-73046 CVE-2025-38477 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix race condition on qfqaggregate A race condition can occur when 'agg' is modified in qfqchangeagg called during qfqenqueue while other threads access it concurrently. For example, qfqdumpclass may trigger a...

DEBIAN-CVE-2025-38477

In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix race condition on qfqaggregate A race condition can occur when 'agg' is modified in qfqchangeagg called during qfqenqueue while other threads access it concurrently. For example, qfqdumpclass may trigger a...

CVE-2025-38477 net/sched: sch_qfq: Fix race condition on qfq_aggregate

In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix race condition on qfqaggregate A race condition can occur when 'agg' is modified in qfqchangeagg called during qfqenqueue while other threads access it concurrently. For example, qfqdumpclass may trigger a...

CVE-2025-38477

In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix race condition on qfqaggregate A race condition can occur when 'agg' is modified in qfqchangeagg called during qfqenqueue while other threads access it concurrently. For example, qfqdumpclass may trigger a...

GNU Binutils Buffer Overflow Vulnerability (CNVD-2025-18193)

GNU Binutils is a binary toolset developed by the GNU Project for working with target files and executables. A security vulnerability exists in GNU Binutils version 2.44, which stems from a bfdelfgetstrsection function handling exception in the bfd/elf.c component of the BFD library file. An...

AZL-65960 CVE-2025-8225 affecting package binutils for versions less than 2.37-17

A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the function processdebuginfo of the file binutils/dwarf.c of the component DWARF Section Handler. The manipulation leads to memory leak. Attacking locally is a requirement. The identifier of the patc...

ALPINE-CVE-2025-8225

A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the function processdebuginfo of the file binutils/dwarf.c of the component DWARF Section Handler. The manipulation leads to memory leak. Attacking locally is a requirement. The identifier of the patc...

DEBIAN-CVE-2025-8225

A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the function processdebuginfo of the file binutils/dwarf.c of the component DWARF Section Handler. The manipulation leads to memory leak. Attacking locally is a requirement. The identifier of the patc...

CVE-2025-8225 GNU Binutils DWARF Section dwarf.c process_debug_info memory leak

A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the function processdebuginfo of the file binutils/dwarf.c of the component DWARF Section Handler. The manipulation leads to memory leak. Attacking locally is a requirement. The identifier of the patc...

CVE-2025-8225

A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the function processdebuginfo of the file binutils/dwarf.c of the component DWARF Section Handler. The manipulation leads to memory leak. Attacking locally is a requirement. The identifier of the patc...

CVE-2025-8225

The CVE-2025-8225 issue affects GNU Binutils 2.44, specifically the function process_debug_info in binutils/dwarf.c of the DWARF Section Handler. The vulnerability results in a memory leak and requires local access to exploit. A patch is identified by the commit hash e51fdff7d2e538c0e5accdd65649a...

CVE-2025-8225 GNU Binutils DWARF Section dwarf.c process_debug_info memory leak

A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the function processdebuginfo of the file binutils/dwarf.c of the component DWARF Section Handler. The manipulation leads to memory leak. Attacking locally is a requirement. The identifier of the patc...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the bfdelfgetstrsection function in the bfd/elf.c file. Remediation A fix was pushed into the master branch but not yet published. References - GitHub Commit - POC Credit: John Reiser...