38 matches found
Astra Linux - vulnerability in connman
An issue was discovered in the DNS proxy of Connman through version 1.40. The implementation of the TCP server’s reply mechanism lacks a check to ensure that there is sufficient Header Data, resulting in an out-of-bounds read...
EUVD-2025-35094
In NetXDuo version before 6.4.4, a networking support module for Eclipse Foundation ThreadX, in the DHCPV6 client there was an unchecked index extracting the server DUID from the server reply. With a crafted packet, an attacker could cause an out of memory read...
fetchmail -- potential crash when authenticating to SMTP server
Matthias Andree reports: fetchmail's SMTP client, when configured to authenticate, is susceptible to a protocol violation where, when a trusted but malicious or malfunctioning SMTP server responds to an authentication request with a "334" code but without a following blank on the line, it will...
SUSE CVE-2025-39927
In the Linux kernel, the following vulnerability has been resolved: ceph: fix race condition validating r_parent before applying state Add validation to ensure the cached parent directory inode matches the directory info in MDS replies. This prevents client-side race conditions where concurrent...
AZL-71891 CVE-2025-39927 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: ceph: fix race condition validating r_parent before applying state Add validation to ensure the cached parent directory inode matches the directory info in MDS replies. This prevents client-side race conditions where concurrent...
CVE-2025-39927 ceph: fix race condition validating r_parent before applying state
In the Linux kernel, the following vulnerability has been resolved: ceph: fix race condition validating r_parent before applying state Add validation to ensure the cached parent directory inode matches the directory info in MDS replies. This prevents client-side race conditions where concurrent...
CVE-2025-39927 ceph: fix race condition validating r_parent before applying state
In the Linux kernel, the following vulnerability has been resolved: ceph: fix race condition validating r_parent before applying state Add validation to ensure the cached parent directory inode matches the directory info in MDS replies. This prevents client-side race conditions where concurrent...
CVE-2025-39927
CVE-2025-39927 is addressed in the Linux kernel via a Ceph client race fix. The issue occurred when validating r_parent before applying MDS replies, risking stale parent inode references and applying state changes to the wrong directory inode. The fix adds validation to ensure the cached parent i...
Linux Distros Unpatched Vulnerability : CVE-2022-22936
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Job publishes and file server replies are susceptible to replay attacks,...
Linux Distros Unpatched Vulnerability : CVE-2025-43857
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5, there is a possibili...
go-git: go-git clients vulnerable to DoS via maliciously crafted Git server replies
A denial of service (DoS) vulnerability was found in go-git. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server, which triggers resource exhaustion in go-git clients...
go-git clients vulnerable to DoS via maliciously crafted Git server replies
...
GO-2025-3367 Clients vulnerable to DoS via maliciously crafted Git server replies in github.com/go-git/go-git
Clients vulnerable to DoS via maliciously crafted Git server replies in github.com/go-git/go-git...
GHSA-R9PX-M959-CXF4 go-git clients vulnerable to DoS via maliciously crafted Git server replies
Impact: A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.13. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers resource exhaustion in go-git clients. This is a go-g...
CVE-2025-21614 go-git clients vulnerable to DoS via maliciously crafted Git server replies
go-git is a highly extensible git implementation library written in pure Go. A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.13. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git serve...
go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients
A path traversal vulnerability was discovered in the go library go-git. This issue may allow an attacker to create and amend files across the filesystem when applications are using the default ChrootOS, potentially allowing remote code execution...
go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients
A path traversal vulnerability was discovered in the go library go-git. This issue may allow an attacker to create and amend files across the filesystem when applications are using the default ChrootOS, potentially allowing remote code execution...
go-git: Maliciously crafted Git server replies can cause DoS on go-git clients
A denial of service (DoS) vulnerability was found in the go library go-git. This issue may allow an attacker to perform denial of service attacks by providing specially crafted responses from a Git server, which can trigger resource exhaustion in go-git clients...
Maliciously crafted Git server replies can cause DoS on go-git clients
...
Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients
...