Stay Secure with the Latest Linux Advisories

security advisorysegmentation faultheap buffer

Mageia 9: Critical Transfig Input Issues Reported for 2025-0152

Floating point exception in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via get_slope function. (CVE-2025-31162) Segmentation fault in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via put_patternarc function. . MGASA-2025-0152 - Updated transfig packages fix security vulnerabilities Publication date: 11 May 2025 URL: https://advisories.mageia.org/MGASA-2025-0152.html Type: security Affected Mageia releases: 9 CVE: CVE-2025-31162, CVE-2025-31163, CVE-2025-31164 Floating point exception in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via get_slope function. (CVE-2025-31162) Segmentation fault in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via put_patternarc function. (CVE-2025-31163) Heap-buffer overflow in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via create_line_with_spline. (CVE-2025-31164) References: - https://bugs.mageia.org/show_bug.cgi?id=34260 - - https://www.cve.org/CVERecord?id=CVE-2025-31162 - https://www.cve.org/CVERecord?id=CVE-2025-31163 - https://www.cve.org/CVERecord?id=CVE-2025-31164 SRPMS: - 9/core/transfig-3.2.9a-1.mga9 . Mageia's security advisory addresses critical vulnerabilities in input handling within the transfig package, urging users to apply patches swiftly to reduce risk. Mageia transfig vulnerabilities, local input manipulation, security patches. . Severity: Critical. LinuxSecurity.com Team

May 11, 2025 •Critical Mageia