Advisories » MGASA-2025-0224

Updated aide packages fix vulnerabilities

Publication date: 02 Sep 2025
Modification date: 02 Sep 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-54389 , CVE-2025-54409

Description

Improper output neutralization (potential AIDE detection bypass).
(CVE-2025-54389)
Null pointer dereference after reading incorrectly encoded xattr
attributes from database (local DoS). (CVE-2025-54409)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=34586
• https://www.openwall.com/lists/oss-security/2025/08/14/7
• https://www.openwall.com/lists/oss-security/2025/08/14/8
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54389
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54409

SRPMS

9/core

• aide-0.18.6-1.1.mga9