CVE & CISA-KEV Catalog

CVE-2025-54389

MEDIUM
6.2
CVSS v3
NVD

Description

AIDE is an advanced intrusion detection environment. Prior to version 0.19.2, there is an improper output neutralization vulnerability in AIDE. An attacker can craft a malicious filename by including terminal escape sequences to hide the addition or removal of the file from the report and/or tamper with the log output. A local user might exploit this to bypass the AIDE detection of malicious files. Additionally the output of extended attribute key names and symbolic links targets are also not properly neutralized. This issue has been patched in version 0.19.2. A workaround involves configuring AIDE to write the report output to a regular file, redirecting stdout to a regular file, or redirecting the log output written to stderr to a regular file.

How to fix

Remediation Available
aideDebian
Fixed in:0.17.3-4+deb11u3CVE-2025-54389
Fixed in:0.18.3-1+deb12u4CVE-2025-54389
Fixed in:0.19.1-2+deb13u1CVE-2025-54389
Fixed in:0.19.2-1CVE-2025-54389
aideRocky
Fixed in:0:0.18.6-8.el10_0.2RHSA-2025:14592
Fixed in:0:0.18.6-8.el10_0.2RHSA-2025:14592
Fixed in:0:0.18.6-8.el10_0.2RHSA-2025:14592
Fixed in:0:0.18.6-8.el10_0.2RHSA-2025:14592
Fixed in:0:0.18.6-8.el10_0.2RHSA-2025:14592
Fixed in:0:0.15.1-13.el7_9.5RHSA-2025:15728
Fixed in:0:0.15.1-13.el7_9.5RHSA-2025:15728
Fixed in:0:0.15.1-13.el7_9.5RHSA-2025:15728
Fixed in:0:0.15.1-13.el7_9.5.ppc64RHSA-2025:15728
Fixed in:0:0.15.1-13.el7_9.5RHSA-2025:15728
Fixed in:0:0.16-11.el8_2.2RHSA-2025:14980
Fixed in:0:0.16-15.el8_6.1RHSA-2025:15058
Fixed in:0:0.16-15.el8_6.1RHSA-2025:15058
Fixed in:0:0.16-15.el8_10.2RHSA-2025:14573
Fixed in:0:0.16-15.el8_10.2RHSA-2025:14573
Fixed in:0:0.16-15.el8_10.2RHSA-2025:14573
Fixed in:0:0.16-15.el8_10.2RHSA-2025:14573
Fixed in:0:0.16-15.el8_6.1RHSA-2025:15058
Fixed in:0:0.16-15.el8_6.1RHSA-2025:15058
Fixed in:0:0.16-15.el8_8.1RHSA-2025:14982
Fixed in:0:0.16-15.el8_8.1RHSA-2025:14982
Fixed in:0:0.16-15.el8_10.2RHSA-2025:14573
Fixed in:0:0.16-15.el8_8.1RHSA-2025:14982
Fixed in:0:0.16-14.el8_4.2RHSA-2025:14981
Fixed in:0:0.16-11.el8_2.2RHSA-2025:14980
Fixed in:0:0.16-14.el8_4.2RHSA-2025:14981
Fixed in:0:0.16-15.el8_6.1RHSA-2025:15058
Fixed in:0:0.16-100.el9_4.1RHSA-2025:15039
Fixed in:0:0.16-103.el9_6.2RHSA-2025:14493
Fixed in:0:0.16-103.el9_6.2RHSA-2025:14493
Fixed in:0:0.16-103.el9_6.2RHSA-2025:14493
Fixed in:0:0.16-103.el9_6.2RHSA-2025:14493
Fixed in:0:0.16-103.el9_6.2RHSA-2025:14493
Fixed in:0:0.16-100.el9_2.1RHSA-2025:15038
Fixed in:0:0.16-100.el9_2.1RHSA-2025:15038
Fixed in:0:0.16-100.el9_2.1RHSA-2025:15038
Fixed in:0:0.16-100.el9_2.1RHSA-2025:15038
Fixed in:0:0.16-100.el9_2.1RHSA-2025:15038
Fixed in:0:0.16-100.el9_0.1RHSA-2025:15409
Fixed in:0:0.16-100.el9_0.1RHSA-2025:15409
Fixed in:0:0.16-100.el9_0.1RHSA-2025:15409
Fixed in:0:0.16-100.el9_4.1RHSA-2025:15039
Fixed in:0:0.16-100.el9_4.1RHSA-2025:15039
Fixed in:0:0.16-100.el9_0.1RHSA-2025:15409
Fixed in:0:0.16-100.el9_4.1RHSA-2025:15039
Fixed in:0:0.16-100.el9_0.1RHSA-2025:15409
Fixed in:0:0.16-100.el9_4.1RHSA-2025:15039
aideRed Hat / RHEL
Fixed in:0:0.18.6-8.el10_0.2RHSA-2025:14592
Fixed in:0:0.18.6-8.el10_0.2RHSA-2025:14592
Fixed in:0:0.18.6-8.el10_0.2RHSA-2025:14592
Fixed in:0:0.18.6-8.el10_0.2RHSA-2025:14592
Fixed in:0:0.18.6-8.el10_0.2RHSA-2025:14592
Fixed in:0:0.15.1-13.el7_9.5.ppc64RHSA-2025:15728
Fixed in:0:0.15.1-13.el7_9.5RHSA-2025:15728
Fixed in:0:0.15.1-13.el7_9.5RHSA-2025:15728
Fixed in:0:0.15.1-13.el7_9.5RHSA-2025:15728
Fixed in:0:0.15.1-13.el7_9.5RHSA-2025:15728
Fixed in:0:0.16-15.el8_10.2RHSA-2025:14573
Fixed in:0:0.16-15.el8_10.2RHSA-2025:14573
Fixed in:0:0.16-11.el8_2.2RHSA-2025:14980
Fixed in:0:0.16-15.el8_10.2RHSA-2025:14573
Fixed in:0:0.16-11.el8_2.2RHSA-2025:14980
Fixed in:0:0.16-15.el8_8.1RHSA-2025:14982
Fixed in:0:0.16-15.el8_8.1RHSA-2025:14982
Fixed in:0:0.16-15.el8_8.1RHSA-2025:14982
Fixed in:0:0.16-15.el8_6.1RHSA-2025:15058
Fixed in:0:0.16-15.el8_6.1RHSA-2025:15058
Fixed in:0:0.16-15.el8_6.1RHSA-2025:15058
Fixed in:0:0.16-15.el8_6.1RHSA-2025:15058
Fixed in:0:0.16-15.el8_6.1RHSA-2025:15058
Fixed in:0:0.16-14.el8_4.2RHSA-2025:14981
Fixed in:0:0.16-14.el8_4.2RHSA-2025:14981
Fixed in:0:0.16-15.el8_10.2RHSA-2025:14573
Fixed in:0:0.16-15.el8_10.2RHSA-2025:14573
Fixed in:0:0.16-100.el9_0.1RHSA-2025:15409
Fixed in:0:0.16-100.el9_0.1RHSA-2025:15409
Fixed in:0:0.16-100.el9_0.1RHSA-2025:15409
Fixed in:0:0.16-103.el9_6.2RHSA-2025:14493
Fixed in:0:0.16-103.el9_6.2RHSA-2025:14493
Fixed in:0:0.16-103.el9_6.2RHSA-2025:14493
Fixed in:0:0.16-103.el9_6.2RHSA-2025:14493
Fixed in:0:0.16-103.el9_6.2RHSA-2025:14493
Fixed in:0:0.16-100.el9_2.1RHSA-2025:15038
Fixed in:0:0.16-100.el9_2.1RHSA-2025:15038
Fixed in:0:0.16-100.el9_2.1RHSA-2025:15038
Fixed in:0:0.16-100.el9_2.1RHSA-2025:15038
Fixed in:0:0.16-100.el9_2.1RHSA-2025:15038
Fixed in:0:0.16-100.el9_4.1RHSA-2025:15039
Fixed in:0:0.16-100.el9_4.1RHSA-2025:15039
Fixed in:0:0.16-100.el9_4.1RHSA-2025:15039
Fixed in:0:0.16-100.el9_4.1RHSA-2025:15039
Fixed in:0:0.16-100.el9_4.1RHSA-2025:15039
Fixed in:0:0.16-100.el9_0.1RHSA-2025:15409
Fixed in:0:0.16-100.el9_0.1RHSA-2025:15409
aide-debuginfoRocky
Fixed in:0:0.18.6-8.el10_0.2RHSA-2025:14592
Fixed in:0:0.18.6-8.el10_0.2RHSA-2025:14592
Fixed in:0:0.18.6-8.el10_0.2RHSA-2025:14592
Fixed in:0:0.18.6-8.el10_0.2RHSA-2025:14592
Fixed in:0:0.15.1-13.el7_9.5RHSA-2025:15728
Fixed in:0:0.15.1-13.el7_9.5RHSA-2025:15728
Fixed in:0:0.15.1-13.el7_9.5.ppc64RHSA-2025:15728
Fixed in:0:0.15.1-13.el7_9.5RHSA-2025:15728
Fixed in:0:0.16-15.el8_10.2RHSA-2025:14573
Fixed in:0:0.16-15.el8_10.2RHSA-2025:14573
Fixed in:0:0.16-11.el8_2.2RHSA-2025:14980
Fixed in:0:0.16-15.el8_8.1RHSA-2025:14982
Fixed in:0:0.16-15.el8_6.1RHSA-2025:15058
Fixed in:0:0.16-15.el8_8.1RHSA-2025:14982
Fixed in:0:0.16-15.el8_6.1RHSA-2025:15058
Fixed in:0:0.16-15.el8_6.1RHSA-2025:15058
Fixed in:0:0.16-15.el8_6.1RHSA-2025:15058
Fixed in:0:0.16-15.el8_10.2RHSA-2025:14573
Fixed in:0:0.16-15.el8_10.2RHSA-2025:14573
Fixed in:0:0.16-14.el8_4.2RHSA-2025:14981
Fixed in:0:0.16-100.el9_4.1RHSA-2025:15039
Fixed in:0:0.16-100.el9_4.1RHSA-2025:15039
Fixed in:0:0.16-100.el9_4.1RHSA-2025:15039
Fixed in:0:0.16-100.el9_4.1RHSA-2025:15039
Fixed in:0:0.16-100.el9_0.1RHSA-2025:15409
Fixed in:0:0.16-100.el9_0.1RHSA-2025:15409
Fixed in:0:0.16-100.el9_0.1RHSA-2025:15409
Fixed in:0:0.16-100.el9_0.1RHSA-2025:15409
Fixed in:0:0.16-100.el9_2.1RHSA-2025:15038
Fixed in:0:0.16-100.el9_2.1RHSA-2025:15038
Fixed in:0:0.16-100.el9_2.1RHSA-2025:15038
Fixed in:0:0.16-100.el9_2.1RHSA-2025:15038
Fixed in:0:0.16-103.el9_6.2RHSA-2025:14493
Fixed in:0:0.16-103.el9_6.2RHSA-2025:14493
Fixed in:0:0.16-103.el9_6.2RHSA-2025:14493
Fixed in:0:0.16-103.el9_6.2RHSA-2025:14493
aide-debuginfoRed Hat / RHEL
Fixed in:0:0.18.6-8.el10_0.2RHSA-2025:14592
Fixed in:0:0.18.6-8.el10_0.2RHSA-2025:14592
Fixed in:0:0.18.6-8.el10_0.2RHSA-2025:14592
Fixed in:0:0.18.6-8.el10_0.2RHSA-2025:14592
Fixed in:0:0.15.1-13.el7_9.5RHSA-2025:15728
Fixed in:0:0.15.1-13.el7_9.5.ppc64RHSA-2025:15728
Fixed in:0:0.15.1-13.el7_9.5RHSA-2025:15728
Fixed in:0:0.15.1-13.el7_9.5RHSA-2025:15728
Fixed in:0:0.16-15.el8_10.2RHSA-2025:14573
Fixed in:0:0.16-15.el8_10.2RHSA-2025:14573
Fixed in:0:0.16-15.el8_10.2RHSA-2025:14573
Fixed in:0:0.16-15.el8_6.1RHSA-2025:15058
Fixed in:0:0.16-15.el8_6.1RHSA-2025:15058
Fixed in:0:0.16-15.el8_6.1RHSA-2025:15058
Fixed in:0:0.16-15.el8_6.1RHSA-2025:15058
Fixed in:0:0.16-15.el8_8.1RHSA-2025:14982
Fixed in:0:0.16-15.el8_8.1RHSA-2025:14982
Fixed in:0:0.16-14.el8_4.2RHSA-2025:14981
Fixed in:0:0.16-11.el8_2.2RHSA-2025:14980
Fixed in:0:0.16-15.el8_10.2RHSA-2025:14573
Fixed in:0:0.16-103.el9_6.2RHSA-2025:14493
Fixed in:0:0.16-100.el9_4.1RHSA-2025:15039
Fixed in:0:0.16-100.el9_4.1RHSA-2025:15039
Fixed in:0:0.16-100.el9_4.1RHSA-2025:15039
Fixed in:0:0.16-100.el9_4.1RHSA-2025:15039
Fixed in:0:0.16-100.el9_0.1RHSA-2025:15409
Fixed in:0:0.16-100.el9_0.1RHSA-2025:15409
Fixed in:0:0.16-100.el9_0.1RHSA-2025:15409
Fixed in:0:0.16-100.el9_0.1RHSA-2025:15409
Fixed in:0:0.16-100.el9_2.1RHSA-2025:15038
Fixed in:0:0.16-100.el9_2.1RHSA-2025:15038
Fixed in:0:0.16-100.el9_2.1RHSA-2025:15038
Fixed in:0:0.16-100.el9_2.1RHSA-2025:15038
Fixed in:0:0.16-103.el9_6.2RHSA-2025:14493
Fixed in:0:0.16-103.el9_6.2RHSA-2025:14493
Fixed in:0:0.16-103.el9_6.2RHSA-2025:14493
aide-debugsourceRocky
Fixed in:0:0.18.6-8.el10_0.2RHSA-2025:14592
Fixed in:0:0.18.6-8.el10_0.2RHSA-2025:14592
Fixed in:0:0.18.6-8.el10_0.2RHSA-2025:14592
Fixed in:0:0.18.6-8.el10_0.2RHSA-2025:14592
Fixed in:0:0.16-15.el8_8.1RHSA-2025:14982
Fixed in:0:0.16-15.el8_8.1RHSA-2025:14982
Fixed in:0:0.16-15.el8_10.2RHSA-2025:14573
Fixed in:0:0.16-11.el8_2.2RHSA-2025:14980
Fixed in:0:0.16-14.el8_4.2RHSA-2025:14981
Fixed in:0:0.16-15.el8_6.1RHSA-2025:15058
Fixed in:0:0.16-15.el8_6.1RHSA-2025:15058
Fixed in:0:0.16-15.el8_6.1RHSA-2025:15058
Fixed in:0:0.16-15.el8_6.1RHSA-2025:15058
Fixed in:0:0.16-15.el8_10.2RHSA-2025:14573
Fixed in:0:0.16-15.el8_10.2RHSA-2025:14573
Fixed in:0:0.16-15.el8_10.2RHSA-2025:14573
Fixed in:0:0.16-100.el9_0.1RHSA-2025:15409
Fixed in:0:0.16-100.el9_2.1RHSA-2025:15038
Fixed in:0:0.16-103.el9_6.2RHSA-2025:14493
Fixed in:0:0.16-100.el9_4.1RHSA-2025:15039
Fixed in:0:0.16-100.el9_4.1RHSA-2025:15039
Fixed in:0:0.16-103.el9_6.2RHSA-2025:14493
Fixed in:0:0.16-100.el9_4.1RHSA-2025:15039
Fixed in:0:0.16-100.el9_4.1RHSA-2025:15039
Fixed in:0:0.16-103.el9_6.2RHSA-2025:14493
Fixed in:0:0.16-100.el9_0.1RHSA-2025:15409
Fixed in:0:0.16-100.el9_2.1RHSA-2025:15038
Fixed in:0:0.16-100.el9_2.1RHSA-2025:15038
Fixed in:0:0.16-100.el9_2.1RHSA-2025:15038
Fixed in:0:0.16-100.el9_0.1RHSA-2025:15409
Fixed in:0:0.16-103.el9_6.2RHSA-2025:14493
Fixed in:0:0.16-100.el9_0.1RHSA-2025:15409
aide-debugsourceRed Hat / RHEL
Fixed in:0:0.18.6-8.el10_0.2RHSA-2025:14592
Fixed in:0:0.18.6-8.el10_0.2RHSA-2025:14592
Fixed in:0:0.18.6-8.el10_0.2RHSA-2025:14592
Fixed in:0:0.18.6-8.el10_0.2RHSA-2025:14592
Fixed in:0:0.16-15.el8_6.1RHSA-2025:15058
Fixed in:0:0.16-15.el8_6.1RHSA-2025:15058
Fixed in:0:0.16-15.el8_6.1RHSA-2025:15058
Fixed in:0:0.16-15.el8_8.1RHSA-2025:14982
Fixed in:0:0.16-15.el8_8.1RHSA-2025:14982
Fixed in:0:0.16-14.el8_4.2RHSA-2025:14981
Fixed in:0:0.16-15.el8_6.1RHSA-2025:15058
Fixed in:0:0.16-15.el8_10.2RHSA-2025:14573
Fixed in:0:0.16-11.el8_2.2RHSA-2025:14980
Fixed in:0:0.16-15.el8_10.2RHSA-2025:14573
Fixed in:0:0.16-15.el8_10.2RHSA-2025:14573
Fixed in:0:0.16-15.el8_10.2RHSA-2025:14573
Fixed in:0:0.16-100.el9_0.1RHSA-2025:15409
Fixed in:0:0.16-100.el9_0.1RHSA-2025:15409
Fixed in:0:0.16-100.el9_0.1RHSA-2025:15409
Fixed in:0:0.16-100.el9_0.1RHSA-2025:15409
Fixed in:0:0.16-100.el9_4.1RHSA-2025:15039
Fixed in:0:0.16-100.el9_4.1RHSA-2025:15039
Fixed in:0:0.16-100.el9_2.1RHSA-2025:15038
Fixed in:0:0.16-100.el9_2.1RHSA-2025:15038
Fixed in:0:0.16-100.el9_4.1RHSA-2025:15039
Fixed in:0:0.16-100.el9_2.1RHSA-2025:15038
Fixed in:0:0.16-103.el9_6.2RHSA-2025:14493
Fixed in:0:0.16-100.el9_2.1RHSA-2025:15038
Fixed in:0:0.16-103.el9_6.2RHSA-2025:14493
Fixed in:0:0.16-103.el9_6.2RHSA-2025:14493
Fixed in:0:0.16-100.el9_4.1RHSA-2025:15039
Fixed in:0:0.16-103.el9_6.2RHSA-2025:14493
registry.redhat.io/compliance/openshift-file-integrityRed Hat / RHEL
Fixed in:rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390xRHSA-2025:21913
Fixed in:rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64leRHSA-2025:21913
Fixed in:rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64RHSA-2025:21913
Fixed in:operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64RHSA-2025:21913
registry.redhat.io/compliance/openshift-file-integrityRocky
Fixed in:rhel8-operator@sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605_ppc64leRHSA-2025:21913
Fixed in:rhel8-operator@sha256:59fcdf4ea159ba76fdb582011263672646dd9d63304a91592c0a21d0f43986a4_s390xRHSA-2025:21913
Fixed in:operator-bundle@sha256:7520e7694e24b0de7e904f1833f9de1bd147eba17cda43aaece3a4df259e6a73_amd64RHSA-2025:21913
Fixed in:rhel8-operator@sha256:86d2378dea6c26da92e19e1a8dc9c9fb0fa8587fd60f83e6cc4503153e753db9_amd64RHSA-2025:21913
aideUbuntu
Fixed in:0.16~a2.git20130520-2ubuntu0.1+esm2USN-7697-1
Fixed in:0.16~a2.git20130520-3ubuntu0.1~esm2USN-7697-1
Fixed in:0.16-3ubuntu0.1+esm1USN-7697-1
Fixed in:0.16.1-1ubuntu0.1+esm1USN-7697-1
Fixed in:0.17.4-1ubuntu0.2USN-7697-1
Fixed in:0.18.6-2ubuntu0.1USN-7697-1

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityNone
IntegrityHigh
AvailabilityNone

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploit Intelligence

0.21%probability of exploitation in 30 days
11thpercentile

Low risk: more likely to be exploited than 11% of all known CVEs.

References

Exploit1
Release Notes1
Embed a live status badge for CVE-2025-54389
CVE-2025-54389 severity badge

Markdown

[![CVE-2025-54389](https://tridentstack.com/cve/badge/CVE-2025-54389.svg)](https://tridentstack.com/cve/CVE-2025-54389)

HTML

<a href="https://tridentstack.com/cve/CVE-2025-54389"><img src="https://tridentstack.com/cve/badge/CVE-2025-54389.svg" alt="CVE-2025-54389"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2025-11-04.