Linux Distros Unpatched Vulnerability : CVE-2025-40189

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: usb: lan78xx: Fix lost EEPROM read timeout error-ETIMEDOUT in lan78xxreadraweeprom Syzbot reported read of uninitialized variable BUG with following call...

CVE-2025-40189

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix lost EEPROM read timeout error-ETIMEDOUT in lan78xxreadraweeprom Syzbot reported read of uninitialized variable BUG with following call stack. lan78xx 8-1:1.0 unnamed netdevice uninitialized: EEPROM read...

DEBIAN-CVE-2025-40189

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix lost EEPROM read timeout error-ETIMEDOUT in lan78xxreadraweeprom Syzbot reported read of uninitialized variable BUG with following call stack. lan78xx 8-1:1.0 unnamed netdevice uninitialized: EEPROM read...

UBUNTU-CVE-2025-40189

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix lost EEPROM read timeout error-ETIMEDOUT in lan78xxreadraweeprom Syzbot reported read of uninitialized variable BUG with following call stack. lan78xx 8-1:1.0 unnamed netdevice uninitialized: EEPROM read...

CVE-2025-40189

The CVE-2025-40189 issue affects the Linux kernel’s LAN78xx USB Ethernet driver (drivers/net/usb/lan78xx.c). A read_raw_eeprom timeout (-ETIMEDOUT) could be obscured in the fallthrough path after attempting to restore LED pin configurations, causing the data buffer to be treated as valid despite ...

CVE-2025-40189

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix lost EEPROM read timeout error-ETIMEDOUT in lan78xxreadraweeprom Syzbot reported read of uninitialized variable BUG with following call stack. lan78xx 8-1:1.0 unnamed netdevice uninitialized: EEPROM read...

CVE-2025-40189 net: usb: lan78xx: Fix lost EEPROM read timeout error(-ETIMEDOUT) in lan78xx_read_raw_eeprom

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix lost EEPROM read timeout error-ETIMEDOUT in lan78xxreadraweeprom Syzbot reported read of uninitialized variable BUG with following call stack. lan78xx 8-1:1.0 unnamed netdevice uninitialized: EEPROM read...

CVE-2025-40189 net: usb: lan78xx: Fix lost EEPROM read timeout error(-ETIMEDOUT) in lan78xx_read_raw_eeprom

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix lost EEPROM read timeout error-ETIMEDOUT in lan78xxreadraweeprom Syzbot reported read of uninitialized variable BUG with following call stack. lan78xx 8-1:1.0 unnamed netdevice uninitialized: EEPROM read...

GHSA-C978-WQ47-PVVW sudo-rs: Partial password reveal is possible after timeout

Summary If a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered are echoed back to the console. Example Using sudo-rs: geiger@cerberus:$ sudo -s sudo: authenticate Password: sudo-rs:...

sudo-rs: Partial password reveal is possible after timeout

Summary If a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered are echoed back to the console. Example Using sudo-rs: geiger@cerberus:$ sudo -s sudo: authenticate Password: sudo-rs:...

CVE-2025-64170

sudo-rs is a memory safe implementation of sudo and su written in Rust. Starting in version 0.2.7 and prior to version 0.2.10, if a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered a...

UBUNTU-CVE-2025-64170

sudo-rs is a memory safe implementation of sudo and su written in Rust. Starting in version 0.2.7 and prior to version 0.2.10, if a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered a...

CVE-2025-64170

CVE-2025-64170 affects sudo-rs, a memory-safe Rust implementation of sudo/su. Concrete details from connected documents show a vulnerability that, when a password timeout occurs due to the user typing a password and not pressing return for an extended period, causes the entered keystrokes to be e...

EUVD-2025-131955

sudo-rs is a memory safe implementation of sudo and su written in Rust. Starting in version 0.2.7 and prior to version 0.2.10, if a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered a...

CVE-2025-64170 sudo-rs: Partial password reveal is possible after timeout

sudo-rs is a memory safe implementation of sudo and su written in Rust. Starting in version 0.2.7 and prior to version 0.2.10, if a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered a...

CVE-2025-64170 sudo-rs: Partial password reveal is possible after timeout

sudo-rs is a memory safe implementation of sudo and su written in Rust. Starting in version 0.2.7 and prior to version 0.2.10, if a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered a...

CVE-2025-64170 sudo-rs: Partial password reveal is possible after timeout

sudo-rs is a memory safe implementation of sudo and su written in Rust. Starting in version 0.2.7 and prior to version 0.2.10, if a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered a...

python-kdcproxy: Remote DoS via unbounded TCP upstream buffering

If an attacker causes kdcproxy to connect to an attacker-controlled KDC server e.g. through server-side request forgery, they can exploit the fact that kdcproxy does not enforce bounds on TCP response length to conduct a denial-of-service attack. While receiving the KDC's response, kdcproxy copie...

sudo-rs 安全漏洞

sudo-rs is an open source memory security implementation of sudo and su by Trifecta Tech Foundation. A security vulnerability exists in sudo-rs version 0.2.7 through versions prior to 0.2.10, which stems from the echoing of typed characters after a password timeout, which could lead to partial...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990889)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990889 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/mad: Improve handling of timed out WRs of mad agent Current timeout handler of mad agent...