2388018 – (CVE-2025-54409) CVE-2025-54409 aide: null pointer dereference allows local DoS

Bug 2388018 (CVE-2025-54409) - CVE-2025-54409 aide: null pointer dereference allows local DoS

Summary: CVE-2025-54409 aide: null pointer dereference allows local DoS

Keywords:
Status:	NEW
Alias:	CVE-2025-54409
Deadline:	2025-08-14
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2389389 2389390
Blocks:
TreeView+	depends on / blocked

Reported:	2025-08-12 18:50 UTC by OSIDB Bzimport
Modified:	2025-08-19 12:44 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2025-08-12 18:50:22 UTC

A null pointer dereference vulnerability was found in AIDE, an advanced intrusion detection system. An attacker can crash the program during report printing or database listing after setting extended file attributes with an empty attribute value or with a key containing a comma. A local user might
exploit this to cause a local denial of service.

Note You need to log in before you can comment on or make changes to this bug.