ALT Linux Team

Branch c10f2 update on 2025-10-08

2025-10-08

ALT-BU-2025-12751-1

Branch c10f2 update bulletin.

ALT-PU-2025-12555-2

Package ghostscript updated to version 10.06.0-alt1 for branch c10f2 in task 396204.

Closed vulnerabilities

Published: 2025-09-24
Modified: 2025-10-14

BDU:2025-11520

Уязвимость функции pdf_write_cmap набора программного обеспечения для обработки, преобразования и генерации документов Ghostscript, позволяющая нарушителю оказать воздействие на целостность защищаемой информации

Severity: MEDIUM (4.3) Vector: AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Severity: LOW (2.1) Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N
References:
Published: 2025-09-24
Modified: 2025-10-14

BDU:2025-11521

Уязвимость функции pdfmark_coerce_dest набора программного обеспечения для обработки, преобразования и генерации документов Ghostscript, позволяющая нарушителю оказать воздействие на целостность защищаемой информации

Severity: MEDIUM (4.3) Vector: AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Severity: LOW (2.1) Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N
References:
Published: 2025-09-24
Modified: 2025-10-14

BDU:2025-11522

Уязвимость функции ocr_begin_page набора программного обеспечения для обработки, преобразования и генерации документов Ghostscript, позволяющая нарушителю оказать воздействие на целостность защищаемой информации

Severity: MEDIUM (4.3) Vector: AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Severity: LOW (2.1) Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N
References:
Published: 2025-09-22
Modified: 2025-11-03

CVE-2025-59798

Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdf_write_cmap in devices/vector/gdevpdtw.c.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2025-09-22
Modified: 2025-11-03

CVE-2025-59799

Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdfmark_coerce_dest in devices/vector/gdevpdfm.c via a large size value.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2025-09-22
Modified: 2025-09-25

CVE-2025-59800

In Artifex Ghostscript through 10.05.1, ocr_begin_page in devices/gdevpdfocr.c has an integer overflow that leads to a heap-based buffer overflow in ocr_line8.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:

ALT-PU-2025-12635-3

Package libtpms updated to version 0.10.1-alt1 for branch c10f2 in task 396331.

Closed vulnerabilities

Published: 2025-09-14
Modified: 2025-11-19

BDU:2025-11088

Уязвимость функции CryptHmacSign() библиотеки libtpms связана с чтением за границами буфера в памяти. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании

Severity: MEDIUM (5.9) Vector: AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H
Severity: MEDIUM (4.6) Vector: AV:L/AC:L/Au:S/C:N/I:N/A:C
References:
Published: 2025-06-10
Modified: 2025-11-03

CVE-2025-49133

Libtpms is a library that targets the integration of TPM functionality into hypervisors, primarily into Qemu. Libtpms, which is derived from the TPM 2.0 reference implementation code published by the Trusted Computing Group, is prone to a potential out of bounds (OOB) read vulnerability. The vulnerability occurs in the ‘CryptHmacSign’ function with an inconsistent pairing of the signKey and signScheme parameters, where the signKey is ALG_KEYEDHASH key and inScheme is an ECC or RSA scheme. The reported vulnerability is in the ‘CryptHmacSign’ function, which is defined in the "Part 4: Supporting Routines – Code" document, section "7.151 - /tpm/src/crypt/CryptUtil.c ". This vulnerability can be triggered from user-mode applications by sending malicious commands to a TPM 2.0/vTPM (swtpm) whose firmware is based on an affected TCG reference implementation. The effect on libtpms is that it will cause an abort due to the detection of the out-of-bounds access, thus for example making a vTPM (swtpm) unavailable to a VM. This vulnerability is fixed in 0.7.12, 0.8.10, 0.9.7, and 0.10.1.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:

ALT-PU-2025-12641-2

Package zabbix updated to version 7.0.19-alt0.c10f2.1 for branch c10f2 in task 396334.

Closed vulnerabilities

Published: 2025-09-24
Modified: 2025-10-14

BDU:2025-11596

Уязвимость универсальной системы мониторинга Zabbix, связана с неправильной нейтрализацией специальных элементов, используемых в команде SQL, позволяющая нарушителю выполнять произвольные SQL-запросы в базе данных

Severity: HIGH (8.1) Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Severity: HIGH (8.5) Vector: AV:N/AC:L/Au:S/C:N/I:C/A:C
References:
Published: 2025-09-24
Modified: 2025-10-14

BDU:2025-11597

Уязвимость универсальной системы мониторинга Zabbix, связана с неправильной авторизацией, позволяющая нарушителю получить доступ к конфиденциальной информации

Severity: LOW (3.5) Vector: AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Severity: LOW (2.7) Vector: AV:A/AC:L/Au:S/C:P/I:N/A:N
References:
Published: 2025-09-12
Modified: 2025-09-15

CVE-2025-27233

Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. This can be used to leak the NTLMv2 hash from a Windows system.

Severity: MEDIUM (5.7) Vector: CVSS:4.0/AV:A/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References:
Published: 2025-09-12
Modified: 2025-10-08

CVE-2025-27238

Due to a bug in Zabbix API, the hostprototype.get method lists all host prototypes to users that do not have any user groups assigned to them.

Severity: LOW (3.5) Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Severity: LOW (2.1) Vector: CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References:
Published: 2025-09-12
Modified: 2025-10-08

CVE-2025-27240

A Zabbix adminitrator can inject arbitrary SQL during the autoremoval of hosts by inserting malicious SQL in the 'Visible name' field.

Severity: HIGH (7.2) Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH (7.5) Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.2
Back to top