CVE-2025-54409: NULL Pointer Dereference in Intrusion Detection Environment Project Advanced Intrusion Detection Environment

Severity
NVD: 5.5 MEDIUM
CNA: 6.2
EPSS: 0.0% (top 90.49%)
CISA KEV: Not in KEV
Exploit: No known exploits

Timeline
Published: Aug 14
Latest update: Aug 19

Description

AIDE is an advanced intrusion detection environment. From versions 0.13 to 0.19.1, there is a null pointer dereference vulnerability in AIDE. An attacker can crash the program during report printing or database listing after setting extended file attributes with an empty attribute value or with a key containing a comma. A local user might exploit this to cause a local denial of service. This issue has been patched in version 0.19.2. A workaround involves removing xattrs group from rules matching

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.8 | Impact: 3.6

Affected Packages (4 packages)

Debian: aide/aide < 0.17.3-4+deb11u3 +3
Ubuntu: aide/aide < 0.17.4-1ubuntu0.2 +5
CVEListV5: aide/aide >= 0.13, < 0.19.2

Patches

🔴 Vulnerability Details (3)

OSV: CVE-2025-54409: AIDE is an advanced intrusion detection environment (2025-08-14)
OSV: aide vulnerabilities (2025-08-14)
CVEList: AIDE null pointer dereference when reading incorrectly encoded xattr attributes from database (local DoS) (2025-08-14)

📋 Vendor Advisories (4)

Red Hat: aide: null pointer dereference allows local DoS (2025-08-14)
Ubuntu: AIDE vulnerabilities (2025-08-14)
Microsoft: AIDE null pointer dereference when reading incorrectly encoded xattr attributes from database (local DoS) (2025-08-12)
Debian: CVE-2025-54409: aide - AIDE is an advanced intrusion detection environment. From versions 0.13 to 0.19.... (2025)

💬 Community (1)

Bugzilla: CVE-2025-54409 aide: null pointer dereference allows local DoS [fedora-42] (2025-08-19)
CVE-2025-54409 — NULL Pointer Dereference | cvebase