PT-2025-33306 · Aide+6

Raj3Shp · Published 2025-08-13 · Updated 2025-09-22 · CVE-2025-54389

CVSS v3.1: 6.2 (Medium)

Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions: AIDE versions prior to 0.19.2
Description: AIDE is susceptible to an improper output neutralization issue. An attacker can create a malicious filename containing terminal escape sequences to conceal file additions or removals from reports and manipulate log output. A local user could exploit this to circumvent AIDE’s detection of malicious files. Extended attribute key names and symbolic link targets are also not properly neutralized in the output.
Recommendations (versions prior to 0.19.2):
Update to version 0.19.2 or later.
Configure AIDE to write the report output to a regular file.
Redirect stdout to a regular file.
Redirect the log output written to stderr to a regular file.
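
As an added example (not AIDE's code and not part of the original advisory), the Python sketch below walks a directory tree and flags the three string types named in the description (file names, symbolic link targets, extended attribute key names) when they contain control characters, printing them only in neutralized form. The function names and the `\xNN` escaping format are assumptions of this example, not the format used by AIDE 0.19.2.

```python
import os
import sys

def has_control_chars(raw: bytes) -> bool:
    """True if raw holds C0/C1 control characters, DEL, or is not valid UTF-8."""
    try:
        text = raw.decode("utf-8")
    except UnicodeDecodeError:
        return True  # undecodable bytes could be raw 8-bit C1 controls
    return any(ord(c) < 0x20 or 0x7F <= ord(c) <= 0x9F for c in text)

def neutralize(raw: bytes) -> str:
    """Printable ASCII passes through; every other byte becomes \\xNN."""
    out = []
    for b in raw:
        if b == 0x5C:
            out.append("\\\\")         # double backslashes so output stays unambiguous
        elif 0x20 <= b <= 0x7E:
            out.append(chr(b))
        else:
            out.append(f"\\x{b:02x}")  # ESC (0x1b), CR, DEL, non-ASCII bytes
    return "".join(out)

def xattr_keys(path: bytes) -> list:
    """Extended attribute key names as bytes; empty where unsupported."""
    try:
        return [os.fsencode(k) for k in os.listxattr(path, follow_symlinks=False)]
    except (AttributeError, OSError):
        return []

def scan(root: bytes):
    """Yield (kind, neutralized path, neutralized value) for each risky string."""
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            values = [("name", name)]
            if os.path.islink(path):
                values.append(("link-target", os.readlink(path)))
            values += [("xattr-key", k) for k in xattr_keys(path)]
            for kind, value in values:
                if has_control_chars(value):
                    yield kind, neutralize(path), neutralize(value)

if __name__ == "__main__":
    root = os.fsencode(sys.argv[1] if len(sys.argv) > 1 else ".")
    for kind, path, value in scan(root):
        print(f"{kind}\t{path}\t{value}")
```

Because every reported string passes through `neutralize`, the scanner's own output is safe to view on a terminal, which is the property the unpatched report output lacks.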

Related Identifiers

ALSA-2025:14493
ALSA-2025:14573
ALSA-2025:14592
AZL-66297
AZL-66434
BDU:2025-16180
CESA-2025_14573
CVE-2025-54389
DLA-4272-1
DSA-5977-1
GHSA-522J-VVX9-GG28
INFSA-2025_14493
INFSA-2025_14573
MGASA-2025-0224
OESA-2025-2108
OESA-2025-2109
OESA-2025-2110
OESA-2025-2111
OESA-2025-2112
OESA-2025-2262
OPENSUSE-SU-2025:15474-1
RHSA-2025:14493
RHSA-2025:14573
RHSA-2025:14592
RHSA-2025:14980
RHSA-2025:14981
RHSA-2025:14982
RHSA-2025:15038
RHSA-2025:15039
RHSA-2025:15058
RHSA-2025:15409
RHSA-2025:15728
RHSA-2025_14493
RHSA-2025_14573
SUSE-SU-2025:20657-1
SUSE-SU-2025:20754-1
USN-7697-1

Affected Products

AIDE
AlmaLinux
CentOS
Linux Mint
Red Hat
Rocky Linux
Ubuntu