SB2025082740 - Multiple vulnerabilities in AIDE
Published: August 27, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 secuirty vulnerabilities.
1) Improper Encoding or Escaping of Output (CVE-ID: CVE-2025-54389)
The vulnerability allows a remote attacker to bypass detection rules.
The vulnerability exists due to improper input validation when handling file names. A remote attacker can pass a specially crafted file to the application and hide or remove the file from the logs or bypass AIDE detection of malicious files.
2) NULL pointer dereference (CVE-ID: CVE-2025-54409)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error. A remote attacker can crash the program during report printing or database listing after setting extended file attributes with an empty attribute value or with a key containing a comma.
Remediation
Install update from vendor's website.
References
- https://github.com/aide/aide/commit/64c8f32b0349c33fb8382784af468338078851f9
- https://github.com/aide/aide/releases/tag/v0.19.2
- https://github.com/aide/aide/security/advisories/GHSA-522j-vvx9-gg28
- https://github.com/aide/aide/commit/54a6d0d9d5f14b81961d66373c0291bf4af4135a
- https://github.com/aide/aide/security/advisories/GHSA-79g7-f8rv-jcxh