891 matches found
CVE-2025-68297
In the Linux kernel, the following vulnerability has been resolved: ceph: fix crash in processv2sparseread for encrypted directories The crash in processv2sparseread for fscrypt-encrypted directories has been reported. Issue takes place for Ceph msgr2 protocol in secure mode. It can be reproduced...
CVE-2025-68297
In the Linux kernel, the following vulnerability has been resolved: ceph: fix crash in processv2sparseread for encrypted directories The crash in processv2sparseread for fscrypt-encrypted directories has been reported. Issue takes place for Ceph msgr2 protocol in secure mode. It can be reproduced...
CVE-2025-68297 ceph: fix crash in process_v2_sparse_read() for encrypted directories
In the Linux kernel, the following vulnerability has been resolved: ceph: fix crash in processv2sparseread for encrypted directories The crash in processv2sparseread for fscrypt-encrypted directories has been reported. Issue takes place for Ceph msgr2 protocol in secure mode. It can be reproduced...
CVE-2025-68297
CVE-2025-68297 concerns the Linux kernel in the context of Ceph msgr2 over fscrypt-encrypted directories. The provided description documents a crash in process_v2_sparse_read() that is triggered when operating on an encrypted Ceph filesystem path (e.g., mounting Ceph fs, creating/encrypting a dir...
CVE-2025-68297 ceph: fix crash in process_v2_sparse_read() for encrypted directories
In the Linux kernel, the following vulnerability has been resolved: ceph: fix crash in processv2sparseread for encrypted directories The crash in processv2sparseread for fscrypt-encrypted directories has been reported. Issue takes place for Ceph msgr2 protocol in secure mode. It can be reproduced...
PT-2025-51701
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.17.0-rc7+ Description The Linux kernel contains a flaw in the Ceph implementation, specifically within the ceph con v2 try read function. This issue can lead to a crash when processing sparse reads for...
ALSA-2025:23325 Moderate: podman security update
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 For...
Moderate: skopeo security update
The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 For more details about the security issues,...
Moderate: podman security update
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 For...
ALSA-2025:23326 Moderate: skopeo security update
The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 For more details about the security issues,...
ALSA-2025:23294 Moderate: skopeo security update
The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 For more details about the security issues,...
ALSA-2025:23295 Moderate: podman security update
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 For...
openSUSE 16 Security Update : go1.25 (openSUSE-SU-2025:20157-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:20157-1 advisory. Update to go1.25.5. Security issues fixed: - CVE-2025-61729: crypto/x509: excessive resource consumption in printing error string for host...
AlmaLinux 9 : grafana (ALSA-2025:23087)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23087 advisory. golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 Tenable has extracted the preceding description block directly from the...
RLSA-2025:23088 Moderate: grafana security update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 For more details about the security issues, including the impact, a CVSS score,...
OPENSUSE-SU-2025:20158-1 Security update for go1.24
This update for go1.24 fixes the following issues: Update to go1.24.11. Security issues fixed: - CVE-2025-47912: net/url: insufficient validation of bracketed IPv6 hostnames bsc1251257. - CVE-2025-58183: archive/tar: unbounded allocation when parsing GNU sparse map bsc1251261. - CVE-2025-58185:...
AlmaLinux 10 : grafana (ALSA-2025:23088)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23088 advisory. golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 Tenable has extracted the preceding description block directly from the...
RLSA-2025:23087 Moderate: grafana security update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 For more details about the security issues, including the impact, a CVSS score,...
golang: archive/tar: Unbounded allocation when parsing GNU sparse map
A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go...
golang: archive/tar: Unbounded allocation when parsing GNU sparse map
A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go...